o Print "unknown ICMP" instead of "(null)" if we don't have a description for a icmp type.
Based on code
Submitted by: Christoph Weber-Fahr
PR: misc/112126
MFC after: 2 weeks
in FreeBSD, and originated from INRIA IPv6.
Stub out netstat reference to addr2ascii() I mistakenly introduced.
Update misleading man page sections.
Merge NetBSD's getnameinfo() AF_LINK extensions for a portable way to
print link-layer addresses given a sockaddr_dl(), minus the IEEE 1394
bits which don't map directly to our code.
Obtained from: NetBSD (getnameinfo.c)
Discussed on: current (March 2006)
sidewaysintpr(). This increases the accuracy of the per-interval
counts when they are interpreted as rates. Repeated calls to alarm(n)
give an average interval that is about 2 ticks larger than n and has
a large variance. Periodic itimers normally get the average almost
right but have similarly large variance (due to scheduling delays).
Statistics utilities should use clock_gettime() to determine the
actual interval, but it is still useful to maximize the accuracy of
the interval, especially for cases like netstat -w where counts are
displayed so the program cannot hide the inaccuracy in a rate
conversion.
potential issues where the peer does not close, potentially leaving
thousands of connections in FIN_WAIT_2. This is controlled by a new sysctl
fast_finwait2_recycle, which is disabled by default.
Reviewed by: gnn, silby.
- BIOCGDIRECTION and BIOCSDIRECTION get or set the setting determining
whether incoming, outgoing, or all packets on the interface should be
returned by BPF. Set to BPF_D_IN to see only incoming packets on the
interface. Set to BPF_D_INOUT to see packets originating locally and
remotely on the interface. Set to BPF_D_OUT to see only outgoing
packets on the interface. This setting is initialized to BPF_D_INOUT
by default. BIOCGSEESENT and BIOCSSEESENT are obsoleted by these but
kept for backward compatibility.
- BIOCFEEDBACK sets packet feedback mode. This allows injected packets
to be fed back as input to the interface when output via the interface is
successful. When BPF_D_INOUT direction is set, injected outgoing packet
is not returned by BPF to avoid duplication. This flag is initialized to
zero by default.
Note that libpcap has been modified to support BPF_D_OUT direction for
pcap_setdirection(3) and PCAP_D_OUT direction is functional now.
Reviewed by: rwatson
loaded into the system.
Change wording of comments to reflect the fact we should unconditionally
use KVM if the -M option is used to specify a core file.
Add comments to document the fact that IPv6 multicast forwarding
information display still relies on KVM for gathering information.
Without -n, we now only print a "network name" without the prefix length
under the following conditions:
1) the network address and mask matches a classful network prefix;
2) getnetbyaddr(3) returns a network name for this network address.
With -n, we unconditionally print the full unabbreviated CIDR network
prefix in the form "a.b.c.d/p". 0.0.0.0/0 is still printed as "default".
This change is in preparation for changes such as equal-cost multipath, and
to more generally assist operational deployment of FreeBSD as a modern IPv4
router. There are currently no plans to backport this change.
Discussed on: freebsd-net
including to printf(). Using uintmax_t is also robust to further
extensions in both the C language and the bitwidth of kernel counters.
Tested on: i386 amd64 ia64
with FAST_IPSEC rather than the KAME IPSEC stack.
Note that the output of "netstat -s -p ipsec" differs depending on which
stack is compiled into the kernel since they each keep different stats.
This delta also adds the "esp", "ah", and "ipcomp" protocol stats, which
are also available when the kernel is compiled with the FAST_IPSEC stack
(e.g. "netstat -s -p esp").
Submitted by: Matt Titus <titus at nttmcl dot com>
MFC after: 3 days
kernel memory and not using sysctl. Previously, libmemstat was used
only for the live kernel via sysctl paths.
This results in netstat output becoming both more consistent between
core dumps and the live kernel, and also more information in the core
dump case than previously (i.e., mbuf cache information).
Statistics relating to sfbufs still rely on a kvm descriptor as they
are not currently exposed via libmemstat. netstat -m operating on a
core is still unable to print certain sfbuf stats available on the live
kernel.
MFC after: 1 week
replacement and has additional features which make it superior.
Discussed on: -arch
Reviewed by: thompsa
X-MFC-after: never (RELENG_6 as transition period)
a -B option which causes bpf peers to be printed. This option can be
used in conjunction with -I if information about specific interfaces
is desired. This is similar to what NetBSD added to their version of
netstat.
$ netstat -B
Pid Netif Flags Recv Drop Match Sblen Hblen Command
1137 lo0 p--s-- 0 0 0 0 0 tcpdump
205 sis0 -ifs-l 37331 0 1 0 0 dhclient
$
$ netstat -I lo0 -B
Pid Netif Flags Recv Drop Match Sblen Hblen Command
1174 lo0 p--s-- 0 0 0 0 0 tcpdump
$
-Add bpf.c which stores all the code for retrieving and parsing bpf
related statistics.
-Modify main.c to add support for the -B option and hook it into the
program logic.
-Add bpf.c to the build.
-Document this new functionality in the man page and bump the revision
date.
-Add prototype for bpf_stats function.
with a number of positive benefits:
- Start using UMA(9) statistics for mbufs and clusters, which avoids
using the mbuf allocator statistics which suffer from races under
load on SMP. This should eliminate "negative" mbuf counts in
netstat -mb.
- We are now able to track cached (free) mbufs and clusters and count
it towards memory allocated by the network stack.
- We are now also able to track memory allocated to mbuf tags since
libmemstat(3) can also query malloc(9). We don't print this except
as part of the total (for now - #if 0).
- We are now able to track mbuf/cluster/packet allocation failures,
although they are not currently printed (#if 0).
- Don't print out sfbuf statistics when running on a kernel core, as
currently that code is able only to query sysctl for statistics.
MFC after: 1 week
per-connection and globally. This eliminates potential DoS attacks
where SACK scoreboard elements tie up too much memory.
Submitted by: Raja Mukerji (raja at moselle dot com).
Reviewed by: Mohan Srinivasan (mohans at yahoo-inc dot com).
hosts to share an IP address, providing high availability and load
balancing.
Original work on CARP done by Michael Shalayeff, with many
additions by Marco Pfatschbacher and Ryan McBride.
FreeBSD port done solely by Max Laier.
Patch by: mlaier
Obtained from: OpenBSD (mickey, mcbride)
Without this change, when running netstat with a kernel without
INET6 built in, you will get a complain at the end of "netstat -s"
output.
X-MFC: NO_INET6 was called "NOINET6" on RELENG_5
netstat(1):
- Make previously unnecessarily global variables local.
- Use LIST_FOREACH() in preference to manual iteration.
- Restore a sanity check through slightly incestuous use of queue macro
knowledge.
Submitted by: rik
home-brew linked lists. Read in the ipxpcb_list structure first in
order to find the first pcb pointer. Then follow the chain as
before, only the termination condition is a NULL next pointer
rather than a next pointer equal to the original offset.
socket in LISTEN state happens to be bound to an interface, it will
show up in netstat(1) output even without the -a switch.
As the definition of "sockets used by server processes" is a
difficult one to qualify with regards to UDP, do not change the
output behaviour for UDP sockets.
PR: bin/26359
mbuma is an Mbuf & Cluster allocator built on top of a number of
extensions to the UMA framework, all included herein.
Extensions to UMA worth noting:
- Better layering between slab <-> zone caches; introduce
Keg structure which splits off slab cache away from the
zone structure and allows multiple zones to be stacked
on top of a single Keg (single type of slab cache);
perhaps we should look into defining a subset API on
top of the Keg for special use by malloc(9),
for example.
- UMA_ZONE_REFCNT zones can now be added, and reference
counters automagically allocated for them within the end
of the associated slab structures. uma_find_refcnt()
does a kextract to fetch the slab struct reference from
the underlying page, and lookup the corresponding refcnt.
mbuma things worth noting:
- integrates mbuf & cluster allocations with extended UMA
and provides caches for commonly-allocated items; defines
several zones (two primary, one secondary) and two kegs.
- change up certain code paths that always used to do:
m_get() + m_clget() to instead just use m_getcl() and
try to take advantage of the newly defined secondary
Packet zone.
- netstat(1) and systat(1) quickly hacked up to do basic
stat reporting but additional stats work needs to be
done once some other details within UMA have been taken
care of and it becomes clearer to how stats will work
within the modified framework.
From the user perspective, one implication is that the
NMBCLUSTERS compile-time option is no longer used. The
maximum number of clusters is still capped off according
to maxusers, but it can be made unlimited by setting
the kern.ipc.nmbclusters boot-time tunable to zero.
Work should be done to write an appropriate sysctl
handler allowing dynamic tuning of kern.ipc.nmbclusters
at runtime.
Additional things worth noting/known issues (READ):
- One report of 'ips' (ServeRAID) driver acting really
slow in conjunction with mbuma. Need more data.
Latest report is that ips is equally sucking with
and without mbuma.
- Giant leak in NFS code sometimes occurs, can't
reproduce but currently analyzing; brueffer is
able to reproduce but THIS IS NOT an mbuma-specific
problem and currently occurs even WITHOUT mbuma.
- Issues in network locking: there is at least one
code path in the rip code where one or more locks
are acquired and we end up in m_prepend() with
M_WAITOK, which causes WITNESS to whine from within
UMA. Current temporary solution: force all UMA
allocations to be M_NOWAIT from within UMA for now
to avoid deadlocks unless WITNESS is defined and we
can determine with certainty that we're not holding
any locks when we're M_WAITOK.
- I've seen at least one weird socketbuffer empty-but-
mbuf-still-attached panic. I don't believe this
to be related to mbuma but please keep your eyes
open, turn on debugging, and capture crash dumps.
This change removes more code than it adds.
A paper is available detailing the change and considering
various performance issues, it was presented at BSDCan2004:
http://www.unixdaemons.com/~bmilekic/netbuf_bmilekic.pdf
Please read the paper for Future Work and implementation
details, as well as credits.
Testing and Debugging:
rwatson,
brueffer,
Ketrien I. Saihr-Kesenchedra,
...
Reviewed by: Lots of people (for different parts)
- 0 should have been -1 in previous commit (just to stay consistent),
- Spell null pointers as NULL, not 0,
- Fixed the comment about pr_usesysctl to not confuse it with boolean.
Pointed by: bde
calculations. Long longs should never be used, since they break compiling
with C90 compilers and don't necessarily work any better than longs for
avoiding overflow.
Print percentages with another digit of precision since they can be small
and this is easy to do now that the format is floating point.
Restored some more of the old -m output:
Print the percentage of allocated memory that is in use. This is the
amount of memory in active mbufs and mbuf clusters relative to the
total amount of memory soft-allocated for mbufs and mbuf clusters.
Print the percentage of allocated memory that is wired (cached). The
old mbuf allocator never freed memory so printing this value wasn't
useful. A previous version of netstat for the new allocator printed
the in-use amount as a percentage of the wired amount.
Fixed some nearby style bugs (excessive parenthesization and a redundant
return).
Reviewed by: alfred
printf format warnings for inet6.c (pluralies() was implicit int, but
the context requires a "char *").
Added WARNS?=2 to the Makefile so that such errors don't come back.
Added NO_WERROR?= to the Makefile because I haven't checked that setting
WARNS doesn't uncover more bugs except on i386's.
overflow was breaking a bunch of the stats, specifically the
percentage displayed for wired memory.
Fix the output for current/peak/max lines, I forgot to output the types.
161/320/51200 (current/peak/max):
-to-
639/25696/51200 mbufs in use (current/peak/max):
using the old 'cached' value but reporting it as 'cached'.
I've decided to report the 'cached' as 'peak', why? Well because
it is the peak, the peak of what is actually allocated. 'cached'
doesn't make sense to me as a user.
truncated. In environments where many tunnel or vlan interfaces are created,
interface names have high numbers which overflow the field width.
PRs: bin/52349, bin/35838
Submitted by: Mike Tancsa, Scot W. Hetzel
Approved by: re (rwatson)
if_xname, if_dname, and if_dunit. if_xname is the name of the interface
and if_dname/unit are the driver name and instance.
This change paves the way for interface renaming and enhanced pseudo
device creation and configuration symantics.
Approved By: re (in principle)
Reviewed By: njl, imp
Tested On: i386, amd64, sparc64
Obtained From: NetBSD (if_xname)
netstat -s -p pim
2. Print information about the bandwidth meters installed in the kernel with
netstat -g
Submitted by: Pavlin Radoslavov <pavlin@icir.org>
multicast VIF tables.
This change is needed for consistency with the rest of the
netstat/mroute.c implementation, and because in some
cases "netstat -g" may fail to report the multicast forwarding
information (e.g., if we run a multicast router on PicoBSD).
* Remove "DVMRP" from the head comment of file netstat/mroute.c,
because the printed multicast-related statistics are not
DVMRP-specific anymore.
Submitted by: Pavlin Radoslavov <pavlin@icir.org>
The -l option is deprecated (hence undocumented in usage() and
SYNOPSIS), as was threatened in the commitlog accompanying rev.
1.10 of main.c.
Approved by: re (blanket)
netstat(1) not display it for now because its effects are not yet
completely implemented and we're about to cut 5.2-RELEASE.
This is temporary.
Approved by: re (scottl, rwatson)
(See: ftp://ftp.rfc-editor.org/in-notes/rfc3514.txt)
This fulfills the host requirements for userland support by
way of the setsockopt() IP_EVIL_INTENT message.
There are three sysctl tunables provided to govern system behavior.
net.inet.ip.rfc3514:
Enables support for rfc3514. As this is an
Informational RFC and support is not yet widespread
this option is disabled by default.
net.inet.ip.hear_no_evil
If set the host will discard all received evil packets.
net.inet.ip.speak_no_evil
If set the host will discard all transmitted evil packets.
The IP statistics counter 'ips_evil' (available via 'netstat') provides
information on the number of 'evil' packets recieved.
For reference, the '-E' option to 'ping' has been provided to demonstrate
and test the implementation.
compile-time constants). That is, a "bucket" now is not necessarily
a page-worth of mbufs or clusters, but it is MBUF_BUCK_SZ, CLUS_BUCK_SZ
worth of mbufs, clusters.
o Rename {mbuf,clust}_limit to {mbuf,clust}_hiwm and introduce
{mbuf,clust}_lowm, which currently has no effect but will be used
to set the low watermarks.
o Fix netstat so that it can deal with the differently-sized buckets
and teach it about the low watermarks too.
o Make sure the per-cpu stats for an absent CPU has mb_active set to 0,
explicitly.
o Get rid of the allocate refcounts from mbuf map mess. Instead,
just malloc() the refcounts in one shot from mbuf_init()
o Clean up / update comments in subr_mbuf.c
1) Include arpa/inet.h for ntohs.
2) Constness fixes.
3) Fix shadowing except for "sin" which shouldn't be in scope.
4) Remove register keyword.
5) Add missing initialsers to user defined structs.
5) Make prototype of netname6 globally visable.
6) Use right macros for printing syncache stats (even though entrie isn't
a word).
non-default but reasonable values of hz this member overflowed,
breaking NFS over UDP.
Also, as long as I'm plowing up struct sockbuf ... Change certain
members from u_long/long to u_int/int in order to reduce wasted
space on 64-bit machines. This change was requested by Andrew
Gallatin.
Netstat and systat need to be rebuilt. I am incrementing
__FreeBSD_version in case any ports need to change.
supplied rather than arbitrarily larger widths. This (almost) guarantees
that no columns will be truncated (routing table additions between the
width calculation and display passes may create a row with column widths
larger than those calculated).
Sponsored by: NTT Multimedia Communications Labs
of the recent WARNS commits. The idea is:
1) FreeBSD id tags should follow vendor tags.
2) Vendor tags should not be compiled (though copyrights probably should).
3) There should be no blank line between including cdefs and __FBSDIF.
- Restore the ability to look up network names in the networks(5)
database by passing getnetbyaddr(3) shifted network numbers,
but without duplicating the old bug that was fixed in 1.27 (we
now only shift netnums with standard netmasks). For example:
Before:
$ netstat -r
[...]
127.0.1/24 localhost UGSc 0 0 lo0
127.0.2/24 localhost UGSc 0 0 lo0
After:
$ netstat -r
[...]
subnet1/24 localhost UGSc 0 0 lo0
subnet2/24 localhost UGSc 0 0 lo0
- Only try to lookup with the forged netmask if the mask was not
explicitly specified, like it was before 1.27. For example:
Before:
$ netstat -r
net-44.ampr.org/25 localhost UGSc 0 0 lo0
net-44.ampr.org/25 localhost UGSc 0 0 lo0
After:
44.108.2/25 localhost UGSc 0 0 lo0
44.108.2.128/25 localhost UGSc 0 0 lo0
- Make sure to null-terminate the resulting string.
MFC after: 1 week
when I changed the allocator bits. This implements per-CPU mbtypes
stats by keeping net number of decrements/increments of a given mbtype
per-CPU and then summing all of the per-CPU mbtypes to produce the total
net number of allocated mbufs of the given mbtype.
Counters are carefully balanced to avoid/prevent underflows/overflows.
mbtypes stats are re-enabled with the idea that we may occasionally
(although very rarely) observe slight inconsistencies in the stat
reporting. Most of the time, we should be fine, though.
Also make appropriate modifications to netstat(1) and systat(1) to do
the necessary reporting.
Submitted by: Jiangyi Liu <jyliu@163.net>
The compatibility glue is still provided.
(This change is not yet reflected in the manpage, nor
in usage(). This will be fixed at a later time today,
with the general manpage cleanup commit.)