d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tcpdrop: allow TCP connections to be filtered by cc-algo

Browse Source 
In addition to filtering by stack and state, allow filtering
by the congestion control module used.  Choose the command line
options to be consistent with the ones of sockstat.

MFC after:	1 week
Sponsored by:	Netflix, Inc.
This commit is contained in:
Michael Tuexen 2021-12-04 15:00:05 +01:00
parent 130df64793
commit 31537ea583
2 changed files with 55 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
usr.sbin/tcpdrop/tcpdrop.8
View File

@ -34,13 +34,18 @@
.Fl a .Fl a
.Nm tcpdrop .Nm tcpdrop
.Op Fl l .Op Fl l
.Fl S Ar stack .Fl C Ar cc-algo
.Op Fl S Ar stack
.Op Fl s Ar state
.Nm tcpdrop .Nm tcpdrop
.Op Fl l .Op Fl l
.Fl s Ar state .Op Fl C Ar cc-algo
.Fl S Ar stack
.Op Fl s Ar state
.Nm tcpdrop .Nm tcpdrop
.Op Fl l .Op Fl l
.Fl S Ar stack .Op Fl C Ar cc-algo
.Op Fl S Ar stack
.Fl s Ar state .Fl s Ar state
.Sh DESCRIPTION .Sh DESCRIPTION
The The
@ -54,6 +59,13 @@ is specified then
will attempt to drop all TCP connections. will attempt to drop all TCP connections.
.Pp .Pp
If If
.Fl C Ar cc-algo
is specified then
.Nm
will attempt to drop all connections using the TCP congestion control algorithm
.Ar cc-algo .
.Pp
If
.Fl S Ar stack .Fl S Ar stack
is specified then is specified then
.Nm .Nm
@ -78,16 +90,20 @@ is one of
.Dv FIN_WAIT_2 , or .Dv FIN_WAIT_2 , or
.Dv TIME_WAIT . .Dv TIME_WAIT .
.Pp .Pp
If If multiple of
.Fl S Ar stack .Fl C Ar cc-algo ,
.Fl S Ar stack ,
and and
.Fl s Ar state .Fl s Ar state
are specified, are specified,
.Nm .Nm
will attempt to drop all TCP connections being in the state will attempt to drop all TCP connections using the congestion control algorithm
.Ar state .Ar cc-algo ,
being in the state
.Ar state ,
and using the TCP stack and using the TCP stack
.Ar stack . .Ar stack ,
if specified.
Since TCP connections in the Since TCP connections in the
.Dv TIME_WAIT .Dv TIME_WAIT
state are not tied to any TCP stack, using the option state are not tied to any TCP stack, using the option
@ -102,6 +118,7 @@ The
.Fl l .Fl l
flag may be given in addition to the flag may be given in addition to the
.Fl a , .Fl a ,
.Fl C ,
.Fl S , .Fl S ,
or or
.Fl s .Fl s
@ -110,6 +127,7 @@ connections one at a time.
.Pp .Pp
If none of the If none of the
.Fl a , .Fl a ,
.Fl C ,
.Fl S , .Fl S ,
or or
.Fl s .Fl s
@ -154,6 +172,11 @@ port 22, the port used by
# tcpdrop -l -a | grep -vw 22 | sh # tcpdrop -l -a | grep -vw 22 | sh
.Ed .Ed
.Pp .Pp
To drop all TCP connections using the new-reno congestion control algorithm use:
.Bd -literal -offset indent
# tcpdrop -C new-reno
.Ed
.Pp
The following command will drop all connections using the TCP stack The following command will drop all connections using the TCP stack
rack: rack:
.Bd -literal -offset indent .Bd -literal -offset indent
@ -165,10 +188,10 @@ To drop all TCP connections in the LAST_ACK state use:
# tcpdrop -s LAST_ACK # tcpdrop -s LAST_ACK
.Ed .Ed
.Pp .Pp
To drop all TCP connections using the TCP stack rack and being in the To drop all TCP connections using the congestion control algorithm new-reno and
LAST_ACK state use: the TCP stack rack and being in the LAST_ACK state use:
.Bd -literal -offset indent .Bd -literal -offset indent
# tcpdrop -S rack -s LAST_ACK # tcpdrop -C new-reno -S rack -s LAST_ACK
.Ed .Ed
.Sh SEE ALSO .Sh SEE ALSO
.Xr netstat 1 , .Xr netstat 1 ,

28
usr.sbin/tcpdrop/tcpdrop.c
View File

@ -54,7 +54,7 @@ static char *findport(const char *);
static struct xinpgen *getxpcblist(const char *); static struct xinpgen *getxpcblist(const char *);
static void sockinfo(const struct sockaddr *, struct host_service *); static void sockinfo(const struct sockaddr *, struct host_service *);
static bool tcpdrop(const struct sockaddr *, const struct sockaddr *); static bool tcpdrop(const struct sockaddr *, const struct sockaddr *);
static bool tcpdropall(const char *, int); static bool tcpdropall(const char *, const char *, int);
static bool tcpdropbyname(const char *, const char *, const char *, static bool tcpdropbyname(const char *, const char *, const char *,
const char *); const char *);
static bool tcpdropconn(const struct in_conninfo *); static bool tcpdropconn(const struct in_conninfo *);
@ -67,20 +67,26 @@ int
main(int argc, char *argv[]) main(int argc, char *argv[])
{ {
char stack[TCP_FUNCTION_NAME_LEN_MAX]; char stack[TCP_FUNCTION_NAME_LEN_MAX];
char ca_name[TCP_CA_NAME_MAX];
char *lport, *fport; char *lport, *fport;
bool dropall, dropspecific; bool dropall, dropspecific;
int ch, state; int ch, state;
dropall = false; dropall = false;
dropspecific = false; dropspecific = false;
ca_name[0] = '\0';
stack[0] = '\0'; stack[0] = '\0';
state = -1; state = -1;
while ((ch = getopt(argc, argv, "alS:s:")) != -1) { while ((ch = getopt(argc, argv, "aC:lS:s:")) != -1) {
switch (ch) { switch (ch) {
case 'a': case 'a':
dropall = true; dropall = true;
break; break;
case 'C':
dropspecific = true;
strlcpy(ca_name, optarg, sizeof(ca_name));
break;
case 'l': case 'l':
tcpdrop_list_commands = true; tcpdrop_list_commands = true;
break; break;
@ -111,7 +117,7 @@ main(int argc, char *argv[])
if (dropall || dropspecific) { if (dropall || dropspecific) {
if (argc != 0) if (argc != 0)
usage(); usage();
if (!tcpdropall(stack, state)) if (!tcpdropall(ca_name, stack, state))
exit(1); exit(1);
exit(0); exit(0);
} }
@ -223,7 +229,7 @@ tcpdrop(const struct sockaddr *lsa, const struct sockaddr *fsa)
} }
static bool static bool
tcpdropall(const char *stack, int state) tcpdropall(const char *ca_name, const char *stack, int state)
{ {
struct xinpgen *head, *xinp; struct xinpgen *head, *xinp;
struct xtcpcb *xtp; struct xtcpcb *xtp;
@ -259,6 +265,14 @@ tcpdropall(const char *stack, int state)
if ((state != -1) && (xtp->t_state != state)) if ((state != -1) && (xtp->t_state != state))
continue; continue;
/*
* If requested, skip sockets not having the requested
* congestion control algorithm.
*/
if (ca_name[0] != '\0' &&
strncmp(xtp->xt_cc, ca_name, TCP_CA_NAME_MAX))
continue;
/* If requested, skip sockets not having the requested stack. */ /* If requested, skip sockets not having the requested stack. */
if (stack[0] != '\0' && if (stack[0] != '\0' &&
strncmp(xtp->xt_stack, stack, TCP_FUNCTION_NAME_LEN_MAX)) strncmp(xtp->xt_stack, stack, TCP_FUNCTION_NAME_LEN_MAX))
@ -379,8 +393,8 @@ usage(void)
" tcpdrop local-address:local-port foreign-address:foreign-port\n" " tcpdrop local-address:local-port foreign-address:foreign-port\n"
" tcpdrop local-address.local-port foreign-address.foreign-port\n" " tcpdrop local-address.local-port foreign-address.foreign-port\n"
" tcpdrop [-l] -a\n" " tcpdrop [-l] -a\n"
" tcpdrop [-l] -S stack\n" " tcpdrop [-l] -C cc-algo [-S stack] [-s state]\n"
" tcpdrop [-l] -s state\n" " tcpdrop [-l] [-C cc-algo] -S stack [-s state]\n"
" tcpdrop [-l] -S stack -s state\n"); " tcpdrop [-l] [-C cc-algo] [-S stack] -s state\n");
exit(1); exit(1);
} }