Commit Graph

357 Commits

Author SHA1 Message Date
Randall Stewart
d37c519324 - Fix typo in netstat's display of Nagle algorithm - refer to the RFC.
Submitted by:	bruce@cran.org.uk
Approved by:	re@freebsd.org (Bruce Mah)
2007-08-24 00:35:18 +00:00
Dag-Erling Smørgrav
218cbbea9a Make tcpstates[] static, and make sure TCPSTATES is defined before
<netinet/tcp_fsm.h> is included into any compilation unit that needs
tcpstates[].  Also remove incorrect extern declarations and TCPDEBUG
conditionals.  This allows kernels both with and without TCPDEBUG to
build, and unbreaks the tinderbox.

Approved by:	re (rwatson)
2007-07-30 11:06:42 +00:00
John Baldwin
55fd53e237 Bah, fix a cosmetic nit and remove a debugging aid missed in the previous
fixes for netstat -M.

Pointy hat to:	jhb
Approved by:	re (kensmith)
2007-07-16 18:13:12 +00:00
John Baldwin
feda1a4372 Restore netstat -M functionality for most statistics on core dumps. In
general, when support was added to netstat for fetching data using sysctl,
no provision was left for fetching equivalent data from a core dump, and
in fact, netstat would _always_ fetch data from the live kernel using
sysctl even when -M was specified resulting in the user believing they
were getting data from coredumps when they actually weren't.  Some specific
changes:
- Add a global 'live' variable that is true if netstat is running against
  the live kernel and false if -M has been specified.
- Stop abusing the sysctl flag in the protocol tables to hold the protocol
  number.  Instead, the protocol is now its own field in the tables, and
  it is passed as a separate parameter to the PCB and stat routines rather
  than overloading the KVM offset parameter.
- Don't run PCB or stats functions who don't have a namelist offset if we
  are being run against a crash dump (!live).
- For the inet and unix PCB routines, we generate the same buffer from KVM
  that the sysctl usually generates complete with the header and trailer.
- Don't run bpf stats for !live (before it would just silently always run
  live).
- kread() no longer trashes memory when opening the buffer if there is an
  error on open and the passed in buffer is smaller than _POSIX2_LINE_MAX.
- The multicast routing code doesn't fallback to kvm on live kernels if
  the sysctl fails.  Keeping this made the code rather hairy, and netstat
  is already tied to the kernel ABI anyway (even when using sysctl's since
  things like xinpcb contain an inpcb) so any kernels this is run against
  that have the multicast routing stuff should have the sysctls.
- Don't try to dig around in the kernel linker in the netgraph PCB routine
  for core dumps.

Other notes:
- sctp's PCB routine only works on live kernels, it looked rather
  complicated to generate all the same stuff via KVM.  Someone can always
  add it later if desired though.
- Fix the ipsec removal bug where N_xxx for IPSEC stats weren't renumbered.
- Use sysctlbyname() everywhere rather than hardcoded mib values.

MFC after:	1 week
Approved by:	re (rwatson)
2007-07-16 17:15:55 +00:00
George V. Neville-Neil
8409aedfa6 Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes all remaining changes for the time being including
user space updates.

Submitted by:    bz
Approved by:    re
2007-07-01 12:08:08 +00:00
Randall Stewart
b8a1761e07 o style(9) nit.
o shorten explainations which are over 80 columns in console.
	o group rows
	o clean up and change explanations a little bit.
Obtained from:	weongyo.jeong@gmail.com
2007-06-17 14:45:28 +00:00
Randall Stewart
3f8d71d596 - Forced commit to update who actually did this code (I forgot
the obtained from in the original line)
Obtained from:	Weongyo Jeong (weongyo.jeong@gmail.com)
2007-06-17 01:57:08 +00:00
Xin LI
04b764d8f4 sctp_process_inpcb() wants an offset parameter in size_t,
so define it as what it is expected.  This fixes WARNS=3
without NO_WERROR build.
2007-06-13 02:37:00 +00:00
Bruce M Simpson
71498f308b Import rewrite of IPv4 socket multicast layer to support source-specific
and protocol-independent host mode multicast. The code is written to
accomodate IPv6, IGMPv3 and MLDv2 with only a little additional work.

This change only pertains to FreeBSD's use as a multicast end-station and
does not concern multicast routing; for an IGMPv3/MLDv2 router
implementation, consider the XORP project.

The work is based on Wilbert de Graaf's IGMPv3 code drop for FreeBSD 4.6,
which is available at: http://www.kloosterhof.com/wilbert/igmpv3.html

Summary
 * IPv4 multicast socket processing is now moved out of ip_output.c
   into a new module, in_mcast.c.
 * The in_mcast.c module implements the IPv4 legacy any-source API in
   terms of the protocol-independent source-specific API.
 * Source filters are lazy allocated as the common case does not use them.
   They are part of per inpcb state and are covered by the inpcb lock.
 * struct ip_mreqn is now supported to allow applications to specify
   multicast joins by interface index in the legacy IPv4 any-source API.
 * In UDP, an incoming multicast datagram only requires that the source
   port matches the 4-tuple if the socket was already bound by source port.
   An unbound socket SHOULD be able to receive multicasts sent from an
   ephemeral source port.
 * The UDP socket multicast filter mode defaults to exclusive, that is,
   sources present in the per-socket list will be blocked from delivery.
 * The RFC 3678 userland functions have been added to libc: setsourcefilter,
   getsourcefilter, setipv4sourcefilter, getipv4sourcefilter.
 * Definitions for IGMPv3 are merged but not yet used.
 * struct sockaddr_storage is now referenced from <netinet/in.h>. It
   is therefore defined there if not already declared in the same way
   as for the C99 types.
 * The RFC 1724 hack (specify 0.0.0.0/8 addresses to IP_MULTICAST_IF
   which are then interpreted as interface indexes) is now deprecated.
 * A patch for the Rhyolite.com routed in the FreeBSD base system
   is available in the -net archives. This only affects individuals
   running RIPv1 or RIPv2 via point-to-point and/or unnumbered interfaces.
 * Make IPv6 detach path similar to IPv4's in code flow; functionally same.
 * Bump __FreeBSD_version to 700048; see UPDATING.

This work was financially supported by another FreeBSD committer.

Obtained from:  p4://bms_netdev
Submitted by:   Wilbert de Graaf (original work)
Reviewed by:    rwatson (locking), silence from fenner,
		net@ (but with encouragement)
2007-06-12 16:24:56 +00:00
Ceri Davies
f18f2fc7fd Backout mess mistakenly committed with manpage update. 2007-06-10 06:18:04 +00:00
Ceri Davies
664fd46b84 Document SCTP support. 2007-06-10 06:11:03 +00:00
Randall Stewart
74fd40c90c Adds support for SCTP. 2007-06-09 13:44:09 +00:00
Andre Oppermann
612d21296c 'netstat -A -p tcp' doesn't print the Socket but the Tcpcb pointer in the
first column.
2007-05-13 22:32:32 +00:00
Maxim Konovalov
4063583a62 o Fill the list of icmp types; make its size depend on ICMP_MAXTYPE.
o Print "unknown ICMP" instead of "(null)" if we don't have a description         for a icmp type.

Based on code

Submitted by:	Christoph Weber-Fahr
PR:		misc/112126
MFC after:	2 weeks
2007-04-30 12:27:04 +00:00
Bruce M Simpson
b9cb107e3a Mark netstat -g host-mode output as deprecated.
MFC after:	2 weeks
2007-04-10 00:30:26 +00:00
Tai-hwa Liang
1fa420b671 Fixing NO_INET6 build as addr2ascii() has been nuked in previous commit. 2007-03-02 05:23:39 +00:00
Bruce M Simpson
b32fedf48f stub call to addr2ascii().
Noticed by:	brooks
2007-03-01 02:11:57 +00:00
Bruce M Simpson
67228c4621 Nuke ascii2addr() and addr2ascii(). They have no consumers anywhere
in FreeBSD, and originated from INRIA IPv6.

Stub out netstat reference to addr2ascii() I mistakenly introduced.
Update misleading man page sections.

Merge NetBSD's getnameinfo() AF_LINK extensions for a portable way to
print link-layer addresses given a sockaddr_dl(), minus the IEEE 1394
bits which don't map directly to our code.

Obtained from:	NetBSD (getnameinfo.c)
Discussed on:	current (March 2006)
2007-02-28 21:18:38 +00:00
Bruce Evans
b6c86f4b1e Fixed some style bugs (whitespace lossage for removal of __P(()), and
lots of naming and typing errors involving `interval').
2007-02-27 05:10:36 +00:00
Bruce Evans
93547b07b9 Use a periodic itimer instead of repeated calls to alarm() in
sidewaysintpr().  This increases the accuracy of the per-interval
counts when they are interpreted as rates.  Repeated calls to alarm(n)
give an average interval that is about 2 ticks larger than n and has
a large variance.  Periodic itimers normally get the average almost
right but have similarly large variance (due to scheduling delays).

Statistics utilities should use clock_gettime() to determine the
actual interval, but it is still useful to maximize the accuracy of
the interval, especially for cases like netstat -w where counts are
displayed so the program cannot hide the inaccuracy in a rate
conversion.
2007-02-27 04:54:33 +00:00
Mohan Srinivasan
7c72af8770 Reap FIN_WAIT_2 connections marked SOCANTRCVMORE faster. This mitigate
potential issues where the peer does not close, potentially leaving
thousands of connections in FIN_WAIT_2. This is controlled by a new sysctl
fast_finwait2_recycle, which is disabled by default.

Reviewed by: gnn, silby.
2007-02-26 22:25:21 +00:00
Jung-uk Kim
560a54e10c Add three new ioctl(2) commands for bpf(4).
- BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining
whether incoming, outgoing, or all packets on the interface should be
returned by BPF.  Set to BPF_D_IN to see only incoming packets on the
interface.  Set to BPF_D_INOUT to see packets originating locally and
remotely on the interface.  Set to BPF_D_OUT to see only outgoing
packets on the interface.  This setting is initialized to BPF_D_INOUT
by default.  BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but
kept for backward compatibility.

- BIOCFEEDBACK sets packet feedback mode.  This allows injected packets
to be fed back as input to the interface when output via the interface is
successful.  When BPF_D_INOUT direction is set, injected outgoing packet
is not returned by BPF to avoid duplication.  This flag is initialized to
zero by default.

Note that libpcap has been modified to support BPF_D_OUT direction for
pcap_setdirection(3) and PCAP_D_OUT direction is functional now.

Reviewed by:	rwatson
2007-02-26 22:24:14 +00:00
Bruce M Simpson
c15ddad979 Use sysctl(2), not kvm(3), to read IPv6 multicast information from
the running system.
Use the name 'IPv6 Forwarding Table', not 'IPv6 Routing Table', to be
consistent with what the code actually does and is.
2007-02-24 21:58:30 +00:00
Bruce M Simpson
848b41603f Use the names 'IPv4' and 'Forwarding Table' in program output, not
'Routing Table', to be consistent with what the code actually does and is.
2007-02-24 21:56:52 +00:00
Bruce M Simpson
4f487dfc1a Add comments about where netstat is using KVM to read things which
should really be available via sysctl for a running system.
2007-02-24 21:42:21 +00:00
Bruce M Simpson
b1b536e789 Update host-mode multicast group information output.
Display IPv4 and IPv6 memberships separately.
  Obey the MK_INET6_SUPPORT flag.
 Display link-layer memberships.
  Use addr2ascii() to correctly print non-IEEE 802 sockaddr_dl instances.
 Eliminate redundant switch..case blocks.
 Update copyright.
 Misc style changes.

MFC after:	3 weeks
2007-02-21 13:59:21 +00:00
Bruce M Simpson
ab8e5cbf16 Change wording of warnings when there is no ip_mroute.ko module
loaded into the system.
Change wording of comments to reflect the fact we should unconditionally
use KVM if the -M option is used to specify a core file.
Add comments to document the fact that IPv6 multicast forwarding
information display still relies on KVM for gathering information.
2007-02-21 13:41:51 +00:00
Bruce M Simpson
d092c06c3a Retire most of the classful network behaviour of netstat -r output, for IPv4.
Without -n, we now only print a "network name" without the prefix length
 under the following conditions:
  1) the network address and mask matches a classful network prefix;
  2) getnetbyaddr(3) returns a network name for this network address.

 With -n, we unconditionally print the full unabbreviated CIDR network
 prefix in the form "a.b.c.d/p". 0.0.0.0/0 is still printed as "default".

This change is in preparation for changes such as equal-cost multipath, and
to more generally assist operational deployment of FreeBSD as a modern IPv4
router. There are currently no plans to backport this change.

Discussed on:	freebsd-net
2007-02-14 14:17:01 +00:00
Yaroslav Tykhiy
04f7f23bf8 Don't shadow globals.
Found by:       WARNS=6
MFC after:      3 days
2006-11-27 19:50:50 +00:00
Yaroslav Tykhiy
da67074ec6 We should return the name in cp, not printf it.
Found by:	WARNS=6
MFC after:	3 days
2006-11-27 19:48:45 +00:00
Bruce Evans
1f575ce8f9 Don't always print a space character in show_stat(), since a space
shouldn't be printed after the last column.  This restores the
formatting to 79 columns.
2006-11-08 15:15:05 +00:00
Bruce M Simpson
910e1364b6 Nits.
Submitted by:	ru
2006-09-29 16:16:41 +00:00
Bruce M Simpson
2d20d32344 Push removal of mrouted down to the rest of the tree. 2006-09-29 15:45:11 +00:00
Ruslan Ermilov
cb29445a92 Markup fixes. 2006-09-29 15:20:48 +00:00
Wojciech A. Koszek
60e15662e1 Export tcps_rcvmemdrop available in 'struct tcpstat' with netstat(1).
Requested by:	Tomasz Pilat <tomasz.pilat (at) axelspringer.pl>
Approved by:	andre
2006-09-20 12:29:12 +00:00
Yaroslav Tykhiy
096146f88b - Achieve WARNS=3 by using sparse initializers or avoiding initializers at all.
- Fix a nlist initialization: it should be terminated by a NULL entry.
- Constify.
- Catch an unused parameter.

Tested on:	i386 amd64 ia64
2006-07-28 16:16:40 +00:00
Yaroslav Tykhiy
7b95a1ebbd Achieve WARNS=2 by using uintmax_t to pass around 64-bit quantities,
including to printf().  Using uintmax_t is also robust to further
extensions in both the C language and the bitwidth of kernel counters.

Tested on:	i386 amd64 ia64
2006-07-28 16:09:19 +00:00
Yaroslav Tykhiy
778d2bddd2 Both fields of struct timeval are of a non-basic type,
so we should cast them to a type printf() knows about.
2006-07-28 11:17:17 +00:00
Yaroslav Tykhiy
b7dd94d5e6 Avoid useless work: Do not build inet6.c if INET6 support is off.
This also avoids pretending that netstat includes inet6.c in the
output from ident(1).
2006-07-28 11:09:21 +00:00
Julian Elischer
109dad819f Not having ipv6 in your kernel is not an error and should not be reported.
MFC after:	1 week
2006-07-14 23:32:43 +00:00
Oleg Bulyzhin
7c7f48f12c Since kernel & userland use different timebase and netstat is reading kernel
memory directly, we should do timebase conversion for route lifetime.

Approved by:	glebius (mentor)
2006-07-06 11:59:27 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Andre Oppermann
4b969aa55a Improved description for packet zone statistics.
Sponsored by:	TCP/IP Optimization Fundraise 2005
MFC after:	3 days
2006-02-18 16:09:38 +00:00
Andre Oppermann
1434cbd62a Print statistics on mbuf+clusters in packet zone.
Sponsored by:	TCP/IP Optimization Fundraise 2005
MFC after:	3 days
2006-02-18 16:03:07 +00:00
Andre Oppermann
2b22cf9cbe Print statistics on jumbo mbuf clusters.
Sponsored by:	TCP/IP Optimization Fundraise 2005
MFC after:	3 days
2006-02-18 15:55:19 +00:00
Robert Watson
dd8dfa82e7 Sort sfbuf allocation counters with other sfbuf information.
MFC after:	3 days
2006-02-11 21:27:16 +00:00
Robert Watson
e446b85087 Un-#if 0 the printing of allocation failure counts for mbufs, clusters,
and packets in netstat -m.

MFC after:	3 days
2006-02-11 17:18:36 +00:00
Kelly Yancey
100b98db75 Add support for printing IPSEC protocol stats if the kernel was compiled
with FAST_IPSEC rather than the KAME IPSEC stack.

Note that the output of "netstat -s -p ipsec" differs depending on which
stack is compiled into the kernel since they each keep different stats.
This delta also adds the "esp", "ah", and "ipcomp" protocol stats, which
are also available when the kernel is compiled with the FAST_IPSEC stack
(e.g. "netstat -s -p esp").

Submitted by:	Matt Titus <titus at nttmcl dot com>
MFC after:	3 days
2005-12-28 20:36:55 +00:00
Christian S.J. Peron
9d51867579 Provide some basic documentation explaining what the bpf(4) flags are
supposed to mean. Also, add an external references for bpf now that we
reference flags from that man page.
2005-12-18 19:38:43 +00:00
Robert Watson
91978388e2 Remove two lines of debugging output that accidentally snuck into the
commit to fix up kvm support for netstat -m.
2005-11-28 18:06:21 +00:00