1 /* 2 * Copyright (c) 1983, 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#) Copyright (c) 1983, 1988, 1993 The Regents of the University of California. All rights reserved. 34 * @(#)trpt.c 8.1 (Berkeley) 6/6/93 35 * $FreeBSD: src/usr.sbin/trpt/trpt.c,v 1.12 2000/01/29 11:49:07 shin Exp $ 36 * $DragonFly: src/usr.sbin/trpt/trpt.c,v 1.4 2004/03/21 22:41:24 cpressey Exp $ 37 */ 38 39 #include <sys/param.h> 40 #include <sys/queue.h> 41 #include <sys/socket.h> 42 #include <sys/socketvar.h> 43 #define PRUREQUESTS 44 #include <sys/protosw.h> 45 #include <sys/file.h> 46 #include <sys/time.h> 47 48 #include <net/route.h> 49 #include <net/if.h> 50 51 #include <netinet/in.h> 52 #include <netinet/in_systm.h> 53 #include <netinet/ip.h> 54 #ifdef INET6 55 #include <netinet/ip6.h> 56 #endif 57 #include <netinet/ip_var.h> 58 #include <netinet/tcp.h> 59 #define TCPSTATES 60 #include <netinet/tcp_fsm.h> 61 #include <netinet/tcp_seq.h> 62 #define TCPTIMERS 63 #include <netinet/tcp_timer.h> 64 #include <netinet/tcp_var.h> 65 #include <netinet/tcpip.h> 66 #define TANAMES 67 #include <netinet/tcp_debug.h> 68 69 #include <arpa/inet.h> 70 71 #include <err.h> 72 #include <nlist.h> 73 #include <paths.h> 74 #include <stdio.h> 75 #include <stdlib.h> 76 #include <unistd.h> 77 78 struct nlist nl[] = { 79 #define N_TCP_DEBUG 0 80 { .n_name = "_tcp_debug" }, 81 #define N_TCP_DEBX 1 82 { .n_name = "_tcp_debx" }, 83 { .n_name = "" }, 84 }; 85 86 static caddr_t tcp_pcbs[TCP_NDEBUG]; 87 static n_time ntime; 88 static int aflag, kflag, memf, follow, sflag, tflag; 89 90 void dotrace(caddr_t); 91 void klseek(int, off_t, int); 92 int numeric(const void *, const void *); 93 void tcp_trace(short, short, struct tcpcb *, struct tcpcb *, 94 int, void *, struct tcphdr *, int); 95 static void usage(void); 96 97 int 98 main(int argc, char **argv) 99 { 100 int ch, i, jflag, npcbs; 101 const char *syst, *core; 102 103 jflag = npcbs = 0; 104 while ((ch = getopt(argc, argv, "afjp:st")) != -1) 105 switch (ch) { 106 case 'a': 107 ++aflag; 108 break; 109 case 'f': 110 ++follow; 111 setlinebuf(stdout); 112 break; 113 case 'j': 114 ++jflag; 115 break; 116 case 'p': 117 if (npcbs >= TCP_NDEBUG) 118 errx(1, "too many pcb's specified"); 119 sscanf(optarg, "%x", (int *)&tcp_pcbs[npcbs++]); 120 break; 121 case 's': 122 ++sflag; 123 break; 124 case 't': 125 ++tflag; 126 break; 127 case '?': 128 default: 129 usage(); 130 } 131 argc -= optind; 132 argv += optind; 133 134 core = _PATH_KMEM; 135 if (argc > 0) { 136 syst = *argv; 137 argc--, argv++; 138 if (argc > 0) { 139 core = *argv; 140 argc--, argv++; 141 ++kflag; 142 } 143 /* 144 * Discard setgid privileges if not the running kernel so that 145 * bad guys can't print interesting stuff from kernel memory. 146 */ 147 setgid(getgid()); 148 } else { 149 syst = getbootfile(); 150 } 151 152 if (nlist(syst, nl) < 0 || !nl[0].n_value) 153 errx(1, "%s: no namelist", syst); 154 if ((memf = open(core, O_RDONLY)) < 0) 155 err(2, "%s", core); 156 if (kflag) 157 errx(1, "can't do core files yet"); 158 klseek(memf, (off_t)nl[N_TCP_DEBX].n_value, L_SET); 159 if (read(memf, (char *)&tcp_debx, sizeof(tcp_debx)) != 160 sizeof(tcp_debx)) 161 err(3, "tcp_debx"); 162 klseek(memf, (off_t)nl[N_TCP_DEBUG].n_value, L_SET); 163 if (read(memf, (char *)tcp_debug, sizeof(tcp_debug)) != 164 sizeof(tcp_debug)) 165 err(3, "tcp_debug"); 166 /* 167 * If no control blocks have been specified, figure 168 * out how many distinct one we have and summarize 169 * them in tcp_pcbs for sorting the trace records 170 * below. 171 */ 172 if (!npcbs) { 173 for (i = 0; i < TCP_NDEBUG; i++) { 174 struct tcp_debug *td = &tcp_debug[i]; 175 int j; 176 177 if (td->td_tcb == 0) 178 continue; 179 for (j = 0; j < npcbs; j++) 180 if (tcp_pcbs[j] == td->td_tcb) 181 break; 182 if (j >= npcbs) 183 tcp_pcbs[npcbs++] = td->td_tcb; 184 } 185 if (!npcbs) 186 exit(0); 187 } 188 qsort(tcp_pcbs, npcbs, sizeof(caddr_t), numeric); 189 if (jflag) { 190 for (i = 0;;) { 191 printf("%p", (void *)tcp_pcbs[i]); 192 if (++i == npcbs) 193 break; 194 fputs(", ", stdout); 195 } 196 putchar('\n'); 197 } else { 198 for (i = 0; i < npcbs; i++) { 199 printf("\n%p:\n", (void *)tcp_pcbs[i]); 200 dotrace(tcp_pcbs[i]); 201 } 202 } 203 exit(0); 204 } 205 206 static void 207 usage(void) 208 { 209 fprintf(stderr, 210 "usage: trpt [-afjst] [-p hex-address] [system [core]]\n"); 211 exit(1); 212 } 213 214 void 215 dotrace(caddr_t tcpcb) 216 { 217 struct tcp_debug *td; 218 int i; 219 int prev_debx, family; 220 221 prev_debx = tcp_debx; 222 again: if (--tcp_debx < 0) 223 tcp_debx = TCP_NDEBUG - 1; 224 for (i = prev_debx % TCP_NDEBUG; i < TCP_NDEBUG; i++) { 225 td = &tcp_debug[i]; 226 if (tcpcb && td->td_tcb != tcpcb) 227 continue; 228 ntime = ntohl(td->td_time); 229 #ifdef INET6 230 family = td->td_family; 231 #else 232 family = AF_INET; 233 #endif 234 switch(family) { 235 case AF_INET: 236 tcp_trace(td->td_act, td->td_ostate, 237 (struct tcpcb *)td->td_tcb, 238 &td->td_cb, td->td_family, &td->td_ti.ti_i, 239 &td->td_ti.ti_t, td->td_req); 240 break; 241 #ifdef INET6 242 case AF_INET6: 243 tcp_trace(td->td_act, td->td_ostate, 244 (struct tcpcb *)td->td_tcb, 245 &td->td_cb, td->td_family, &td->td_ti6.ip6, 246 &td->td_ti6.th, td->td_req); 247 break; 248 #endif 249 } 250 if (i == tcp_debx) 251 goto done; 252 } 253 for (i = 0; i <= tcp_debx % TCP_NDEBUG; i++) { 254 td = &tcp_debug[i]; 255 if (tcpcb && td->td_tcb != tcpcb) 256 continue; 257 ntime = ntohl(td->td_time); 258 #ifdef INET6 259 family = td->td_family; 260 #else 261 family = AF_INET; 262 #endif 263 switch(family) { 264 case AF_INET: 265 tcp_trace(td->td_act, td->td_ostate, 266 (struct tcpcb *)td->td_tcb, 267 &td->td_cb, td->td_family, &td->td_ti.ti_i, 268 &td->td_ti.ti_t, td->td_req); 269 break; 270 #ifdef INET6 271 case AF_INET6: 272 tcp_trace(td->td_act, td->td_ostate, 273 (struct tcpcb *)td->td_tcb, 274 &td->td_cb, td->td_family, &td->td_ti6.ip6, 275 &td->td_ti6.th, td->td_req); 276 break; 277 #endif 278 } 279 } 280 done: if (follow) { 281 prev_debx = tcp_debx + 1; 282 if (prev_debx >= TCP_NDEBUG) 283 prev_debx = 0; 284 do { 285 sleep(1); 286 klseek(memf, (off_t)nl[N_TCP_DEBX].n_value, L_SET); 287 if (read(memf, (char *)&tcp_debx, sizeof(tcp_debx)) != 288 sizeof(tcp_debx)) 289 err(3, "tcp_debx"); 290 } while (tcp_debx == prev_debx); 291 klseek(memf, (off_t)nl[N_TCP_DEBUG].n_value, L_SET); 292 if (read(memf, (char *)tcp_debug, sizeof(tcp_debug)) != 293 sizeof(tcp_debug)) 294 err(3, "tcp_debug"); 295 goto again; 296 } 297 } 298 299 /* 300 * Tcp debug routines 301 */ 302 /*ARGSUSED*/ 303 void 304 tcp_trace(short act, short ostate, struct tcpcb *atp __unused, 305 struct tcpcb *tp, int family, void *ip, struct tcphdr *th, int req) 306 { 307 tcp_seq seq, ack; 308 int flags, len, win, timer; 309 struct ip *ip4 = NULL; 310 #ifdef INET6 311 int isipv6 = 0, nopkt = 1; 312 struct ip6_hdr *ip6 = NULL; 313 char ntop_buf[INET6_ADDRSTRLEN]; 314 #endif 315 316 #ifdef INET6 317 switch (family) { 318 case AF_INET: 319 nopkt = 0; 320 isipv6 = 0; 321 ip4 = (struct ip *)ip; 322 break; 323 case AF_INET6: 324 nopkt = 0; 325 isipv6 = 1; 326 ip6 = (struct ip6_hdr *)ip; 327 case 0: 328 default: 329 break; 330 } 331 #else 332 ip4 = (struct ip *)ip; 333 #endif 334 printf("%03ld %s:%s ",(long)(ntime/10) % 1000, tcpstates[ostate], 335 tanames[act]); 336 switch (act) { 337 case TA_INPUT: 338 case TA_OUTPUT: 339 case TA_DROP: 340 #ifdef INET6 341 if (nopkt != 0) 342 break; 343 #endif 344 if (aflag) { 345 printf("(src=%s,%u, ", 346 347 #ifdef INET6 348 isipv6 349 ? inet_ntop(AF_INET6, &ip6->ip6_src, ntop_buf, 350 sizeof(ntop_buf)) : 351 #endif 352 inet_ntoa(ip4->ip_src), 353 ntohs(th->th_sport)); 354 printf("dst=%s,%u)", 355 #ifdef INET6 356 isipv6 357 ? inet_ntop(AF_INET6, &ip6->ip6_dst, ntop_buf, 358 sizeof(ntop_buf)) : 359 #endif 360 inet_ntoa(ip4->ip_dst), 361 ntohs(th->th_dport)); 362 } 363 seq = th->th_seq; 364 ack = th->th_ack; 365 366 len = 367 #ifdef INET6 368 isipv6 ? ip6->ip6_plen : 369 #endif 370 ip4->ip_len; 371 win = th->th_win; 372 if (act == TA_OUTPUT) { 373 seq = ntohl(seq); 374 ack = ntohl(ack); 375 len = ntohs(len); 376 win = ntohs(win); 377 } 378 if (act == TA_OUTPUT) 379 len -= sizeof(struct tcphdr); 380 if (len) 381 printf("[%lx..%lx)", (u_long)seq, (u_long)(seq + len)); 382 else 383 printf("%lx", (u_long)seq); 384 printf("@%lx", (u_long)ack); 385 if (win) 386 printf("(win=%x)", win); 387 flags = th->th_flags; 388 if (flags) { 389 const char *cp = "<"; 390 391 #define pf(flag, string) { \ 392 if (th->th_flags & flag) { \ 393 printf("%s%s", cp, string); \ 394 cp = ","; \ 395 } \ 396 } 397 pf(TH_SYN, "SYN"); 398 pf(TH_ACK, "ACK"); 399 pf(TH_FIN, "FIN"); 400 pf(TH_RST, "RST"); 401 pf(TH_PUSH, "PUSH"); 402 pf(TH_URG, "URG"); 403 printf(">"); 404 } 405 break; 406 case TA_USER: 407 timer = req >> 8; 408 req &= 0xff; 409 printf("%s", prurequests[req]); 410 if (req == PRU_SLOWTIMO || req == PRU_FASTTIMO) 411 printf("<%s>", tcptimers[timer]); 412 break; 413 } 414 printf(" -> %s", tcpstates[tp->t_state]); 415 /* print out internal state of tp !?! */ 416 printf("\n"); 417 if (sflag) { 418 printf("\trcv_nxt %lx rcv_wnd %lx snd_una %lx snd_nxt %lx snd_max %lx\n", 419 (u_long)tp->rcv_nxt, tp->rcv_wnd, 420 (u_long)tp->snd_una, (u_long)tp->snd_nxt, 421 (u_long)tp->snd_max); 422 printf("\tsnd_wl1 %lx snd_wl2 %lx snd_wnd %lx\n", 423 (u_long)tp->snd_wl1, 424 (u_long)tp->snd_wl2, (u_long)tp->snd_wnd); 425 } 426 /* print out timers? */ 427 #if 0 428 /* 429 * XXX 430 * kernel now uses callouts, not integer time values. 431 */ 432 if (tflag) { 433 char *cp = "\t"; 434 int i; 435 436 for (i = 0; i < TCPT_NTIMERS; i++) { 437 if (tp->t_timer[i] == 0) 438 continue; 439 printf("%s%s=%d", cp, tcptimers[i], tp->t_timer[i]); 440 if (i == TCPT_REXMT) 441 printf(" (t_rxtshft=%d)", tp->t_rxtshift); 442 cp = ", "; 443 } 444 if (*cp != '\t') 445 putchar('\n'); 446 } 447 #endif 448 } 449 450 int 451 numeric(const void *v1, const void *v2) 452 { 453 const caddr_t *c1 = v1, *c2 = v2; 454 455 return(*c1 - *c2); 456 } 457 458 void 459 klseek(int fd, off_t base, int off) 460 { 461 lseek(fd, base, off); 462 } 463