1 /* $NetBSD: trpt.c,v 1.18 2003/09/19 08:24:07 itojun Exp $ */ 2 3 /*- 4 * Copyright (c) 1997 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Jason R. Thorpe of the Numerical Aerospace Simulation Facility, 9 * NASA Ames Research Center. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. All advertising materials mentioning features or use of this software 20 * must display the following acknowledgement: 21 * This product includes software developed by the NetBSD 22 * Foundation, Inc. and its contributors. 23 * 4. Neither the name of The NetBSD Foundation nor the names of its 24 * contributors may be used to endorse or promote products derived 25 * from this software without specific prior written permission. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 28 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 29 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 31 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 * POSSIBILITY OF SUCH DAMAGE. 38 */ 39 40 /* 41 * Copyright (c) 1983, 1988, 1993 42 * The Regents of the University of California. All rights reserved. 43 * 44 * Redistribution and use in source and binary forms, with or without 45 * modification, are permitted provided that the following conditions 46 * are met: 47 * 1. Redistributions of source code must retain the above copyright 48 * notice, this list of conditions and the following disclaimer. 49 * 2. Redistributions in binary form must reproduce the above copyright 50 * notice, this list of conditions and the following disclaimer in the 51 * documentation and/or other materials provided with the distribution. 52 * 3. Neither the name of the University nor the names of its contributors 53 * may be used to endorse or promote products derived from this software 54 * without specific prior written permission. 55 * 56 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 57 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 58 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 59 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 60 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 61 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 62 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 63 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 64 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 65 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 66 * SUCH DAMAGE. 67 */ 68 69 #include <sys/cdefs.h> 70 #ifndef lint 71 __COPYRIGHT( 72 "@(#) Copyright (c) 1983, 1988, 1993\n\ 73 The Regents of the University of California. All rights reserved.\n"); 74 #endif /* not lint */ 75 76 #ifndef lint 77 #if 0 78 static char sccsid[] = "@(#)trpt.c 8.1 (Berkeley) 6/6/93"; 79 #else 80 __RCSID("$NetBSD: trpt.c,v 1.18 2003/09/19 08:24:07 itojun Exp $"); 81 #endif 82 #endif /* not lint */ 83 84 #include <sys/param.h> 85 #include <sys/queue.h> 86 #include <sys/socket.h> 87 #include <sys/socketvar.h> 88 #define PRUREQUESTS 89 #include <sys/protosw.h> 90 #include <sys/file.h> 91 92 #include <net/route.h> 93 #include <net/if.h> 94 95 #include <netinet/in.h> 96 #include <netinet/in_systm.h> 97 #include <netinet/ip.h> 98 #include <netinet/in_pcb.h> 99 #include <netinet/ip_var.h> 100 101 #ifdef INET6 102 #ifndef INET 103 #include <netinet/in.h> 104 #endif 105 #include <netinet/ip6.h> 106 #endif 107 108 #include <netinet/tcp.h> 109 #define TCPSTATES 110 #include <netinet/tcp_fsm.h> 111 #include <netinet/tcp_seq.h> 112 #define TCPTIMERS 113 #include <netinet/tcp_timer.h> 114 #include <netinet/tcp_var.h> 115 #include <netinet/tcpip.h> 116 #define TANAMES 117 #include <netinet/tcp_debug.h> 118 119 #include <arpa/inet.h> 120 121 #include <err.h> 122 #include <stdio.h> 123 #include <errno.h> 124 #include <kvm.h> 125 #include <nlist.h> 126 #include <paths.h> 127 #include <limits.h> 128 #include <stdlib.h> 129 #include <unistd.h> 130 131 struct nlist nl[] = { 132 #define N_HARDCLOCK_TICKS 0 133 { "_hardclock_ticks" }, 134 #define N_TCP_DEBUG 1 135 { "_tcp_debug" }, 136 #define N_TCP_DEBX 2 137 { "_tcp_debx" }, 138 { NULL }, 139 }; 140 141 static caddr_t tcp_pcbs[TCP_NDEBUG]; 142 static n_time ntime; 143 static int aflag, follow, sflag, tflag; 144 145 /* see sys/netinet/tcp_debug.c */ 146 struct tcp_debug tcp_debug[TCP_NDEBUG]; 147 int tcp_debx; 148 149 int main __P((int, char *[])); 150 void dotrace __P((caddr_t)); 151 void tcp_trace __P((short, short, struct tcpcb *, struct tcpcb *, 152 int, void *, int)); 153 int numeric __P((const void *, const void *)); 154 void usage __P((void)); 155 156 kvm_t *kd; 157 158 int 159 main(argc, argv) 160 int argc; 161 char *argv[]; 162 { 163 int ch, i, jflag, npcbs; 164 char *system, *core, *cp, errbuf[_POSIX2_LINE_MAX]; 165 gid_t egid = getegid(); 166 unsigned long l; 167 168 (void)setegid(getgid()); 169 system = core = NULL; 170 171 jflag = npcbs = 0; 172 while ((ch = getopt(argc, argv, "afjp:stN:M:")) != -1) { 173 switch (ch) { 174 case 'a': 175 ++aflag; 176 break; 177 case 'f': 178 ++follow; 179 setlinebuf(stdout); 180 break; 181 case 'j': 182 ++jflag; 183 break; 184 case 'p': 185 if (npcbs >= TCP_NDEBUG) 186 errx(1, "too many pcbs specified"); 187 errno = 0; 188 cp = NULL; 189 l = strtoul(optarg, &cp, 16); 190 tcp_pcbs[npcbs] = (caddr_t)l; 191 if (*optarg == '\0' || *cp != '\0' || errno || 192 (unsigned long)tcp_pcbs[npcbs] != l) 193 errx(1, "invalid address: %s", optarg); 194 npcbs++; 195 break; 196 case 's': 197 ++sflag; 198 break; 199 case 't': 200 ++tflag; 201 break; 202 case 'N': 203 system = optarg; 204 break; 205 case 'M': 206 core = optarg; 207 break; 208 default: 209 usage(); 210 /* NOTREACHED */ 211 } 212 } 213 argc -= optind; 214 argv += optind; 215 216 if (argc) 217 usage(); 218 219 /* 220 * Discard setgid privileges. If not the running kernel, we toss 221 * them away totally so that bad guys can't print interesting stuff 222 * from kernel memory, otherwise switch back to kmem for the 223 * duration of the kvm_openfiles() call. 224 */ 225 if (core != NULL || system != NULL) 226 setgid(getgid()); 227 else 228 setegid(egid); 229 230 kd = kvm_openfiles(system, core, NULL, O_RDONLY, errbuf); 231 if (kd == NULL) 232 errx(1, "can't open kmem: %s", errbuf); 233 234 /* get rid of it now anyway */ 235 if (core == NULL && system == NULL) 236 setgid(getgid()); 237 238 if (kvm_nlist(kd, nl)) 239 errx(2, "%s: no namelist", system ? system : _PATH_UNIX); 240 241 if (kvm_read(kd, nl[N_TCP_DEBX].n_value, (char *)&tcp_debx, 242 sizeof(tcp_debx)) != sizeof(tcp_debx)) 243 errx(3, "tcp_debx: %s", kvm_geterr(kd)); 244 245 if (kvm_read(kd, nl[N_TCP_DEBUG].n_value, (char *)tcp_debug, 246 sizeof(tcp_debug)) != sizeof(tcp_debug)) 247 errx(3, "tcp_debug: %s", kvm_geterr(kd)); 248 249 /* 250 * If no control blocks have been specified, figure 251 * out how many distinct one we have and summarize 252 * them in tcp_pcbs for sorting the trace records 253 * below. 254 */ 255 if (npcbs == 0) { 256 for (i = 0; i < TCP_NDEBUG; i++) { 257 struct tcp_debug *td = &tcp_debug[i]; 258 int j; 259 260 if (td->td_tcb == 0) 261 continue; 262 for (j = 0; j < npcbs; j++) 263 if (tcp_pcbs[j] == td->td_tcb) 264 break; 265 if (j >= npcbs) 266 tcp_pcbs[npcbs++] = td->td_tcb; 267 } 268 if (npcbs == 0) 269 exit(0); 270 } 271 qsort(tcp_pcbs, npcbs, sizeof(caddr_t), numeric); 272 if (jflag) { 273 for (i = 0;;) { 274 printf("%lx", (long)tcp_pcbs[i]); 275 if (++i == npcbs) 276 break; 277 fputs(", ", stdout); 278 } 279 putchar('\n'); 280 } else { 281 for (i = 0; i < npcbs; i++) { 282 printf("\n%lx:\n", (long)tcp_pcbs[i]); 283 dotrace(tcp_pcbs[i]); 284 } 285 } 286 exit(0); 287 } 288 289 void 290 dotrace(tcpcb) 291 caddr_t tcpcb; 292 { 293 struct tcp_debug *td; 294 int prev_debx = tcp_debx; 295 int i; 296 297 again: 298 if (--tcp_debx < 0) 299 tcp_debx = TCP_NDEBUG - 1; 300 for (i = prev_debx % TCP_NDEBUG; i < TCP_NDEBUG; i++) { 301 td = &tcp_debug[i]; 302 if (tcpcb && td->td_tcb != tcpcb) 303 continue; 304 ntime = ntohl(td->td_time); 305 switch (td->td_family) { 306 case AF_INET: 307 tcp_trace(td->td_act, td->td_ostate, 308 (struct tcpcb *)td->td_tcb, &td->td_cb, 309 td->td_family, &td->td_ti, td->td_req); 310 break; 311 #ifdef INET6 312 case AF_INET6: 313 tcp_trace(td->td_act, td->td_ostate, 314 (struct tcpcb *)td->td_tcb, &td->td_cb, 315 td->td_family, &td->td_ti6, td->td_req); 316 break; 317 #endif 318 default: 319 tcp_trace(td->td_act, td->td_ostate, 320 (struct tcpcb *)td->td_tcb, &td->td_cb, 321 td->td_family, NULL, td->td_req); 322 break; 323 } 324 if (i == tcp_debx) 325 goto done; 326 } 327 for (i = 0; i <= tcp_debx % TCP_NDEBUG; i++) { 328 td = &tcp_debug[i]; 329 if (tcpcb && td->td_tcb != tcpcb) 330 continue; 331 ntime = ntohl(td->td_time); 332 switch (td->td_family) { 333 case AF_INET: 334 tcp_trace(td->td_act, td->td_ostate, 335 (struct tcpcb *)td->td_tcb, &td->td_cb, 336 td->td_family, &td->td_ti, td->td_req); 337 break; 338 #ifdef INET6 339 case AF_INET6: 340 tcp_trace(td->td_act, td->td_ostate, 341 (struct tcpcb *)td->td_tcb, &td->td_cb, 342 td->td_family, &td->td_ti6, td->td_req); 343 break; 344 #endif 345 default: 346 tcp_trace(td->td_act, td->td_ostate, 347 (struct tcpcb *)td->td_tcb, &td->td_cb, 348 td->td_family, NULL, td->td_req); 349 break; 350 } 351 } 352 done: 353 if (follow) { 354 prev_debx = tcp_debx + 1; 355 if (prev_debx >= TCP_NDEBUG) 356 prev_debx = 0; 357 do { 358 sleep(1); 359 if (kvm_read(kd, nl[N_TCP_DEBX].n_value, 360 (char *)&tcp_debx, sizeof(tcp_debx)) != 361 sizeof(tcp_debx)) 362 errx(3, "tcp_debx: %s", kvm_geterr(kd)); 363 } while (tcp_debx == prev_debx); 364 365 if (kvm_read(kd, nl[N_TCP_DEBUG].n_value, (char *)tcp_debug, 366 sizeof(tcp_debug)) != sizeof(tcp_debug)) 367 errx(3, "tcp_debug: %s", kvm_geterr(kd)); 368 369 goto again; 370 } 371 } 372 373 /* 374 * Tcp debug routines 375 */ 376 /*ARGSUSED*/ 377 void 378 tcp_trace(act, ostate, atp, tp, family, packet, req) 379 short act, ostate; 380 struct tcpcb *atp, *tp; 381 int family; 382 void *packet; 383 int req; 384 { 385 tcp_seq seq, ack; 386 int flags, len, win, timer; 387 struct tcphdr *th = NULL; 388 struct ip *ip = NULL; 389 #ifdef INET6 390 struct ip6_hdr *ip6 = NULL; 391 #endif 392 char hbuf[MAXHOSTNAMELEN]; 393 394 switch (family) { 395 case AF_INET: 396 if (packet) { 397 ip = (struct ip *)packet; 398 th = (struct tcphdr *)(ip + 1); 399 } 400 break; 401 #ifdef INET6 402 case AF_INET6: 403 if (packet) { 404 ip6 = (struct ip6_hdr *)packet; 405 th = (struct tcphdr *)(ip6 + 1); 406 } 407 break; 408 #endif 409 default: 410 return; 411 } 412 413 printf("%03d %s:%s ", (ntime/10) % 1000, tcpstates[ostate], 414 tanames[act]); 415 416 #ifndef INET6 417 if (!ip) 418 #else 419 if (!(ip || ip6)) 420 #endif 421 goto skipact; 422 423 switch (act) { 424 case TA_INPUT: 425 case TA_OUTPUT: 426 case TA_DROP: 427 if (aflag) { 428 inet_ntop(family, 429 #ifndef INET6 430 (void *)&ip->ip_src, 431 #else 432 family == AF_INET ? (void *)&ip->ip_src 433 : (void *)&ip6->ip6_src, 434 #endif 435 hbuf, sizeof(hbuf)); 436 printf("(src=%s,%u, ", 437 hbuf, ntohs(th->th_sport)); 438 inet_ntop(family, 439 #ifndef INET6 440 (void *)&ip->ip_dst, 441 #else 442 family == AF_INET ? (void *)&ip->ip_dst 443 : (void *)&ip6->ip6_dst, 444 #endif 445 hbuf, sizeof(hbuf)); 446 printf("dst=%s,%u)", 447 hbuf, ntohs(th->th_dport)); 448 } 449 seq = th->th_seq; 450 ack = th->th_ack; 451 if (ip) 452 len = ip->ip_len; 453 #ifdef INET6 454 else if (ip6) 455 len = ip6->ip6_plen; 456 #endif 457 win = th->th_win; 458 if (act == TA_OUTPUT) { 459 NTOHL(seq); 460 NTOHL(ack); 461 NTOHS(len); 462 NTOHS(win); 463 } 464 if (act == TA_OUTPUT) 465 len -= sizeof(struct tcphdr); 466 if (len) 467 printf("[%x..%x)", seq, seq + len); 468 else 469 printf("%x", seq); 470 printf("@%x", ack); 471 if (win) 472 printf("(win=%x)", win); 473 flags = th->th_flags; 474 if (flags) { 475 register char *cp = "<"; 476 #define pf(flag, string) { \ 477 if (th->th_flags&flag) { \ 478 (void)printf("%s%s", cp, string); \ 479 cp = ","; \ 480 } \ 481 } 482 pf(TH_SYN, "SYN"); 483 pf(TH_ACK, "ACK"); 484 pf(TH_FIN, "FIN"); 485 pf(TH_RST, "RST"); 486 pf(TH_PUSH, "PUSH"); 487 pf(TH_URG, "URG"); 488 printf(">"); 489 } 490 break; 491 case TA_USER: 492 timer = req >> 8; 493 req &= 0xff; 494 printf("%s", prurequests[req]); 495 if (req == PRU_SLOWTIMO || req == PRU_FASTTIMO) 496 printf("<%s>", tcptimers[timer]); 497 break; 498 } 499 500 skipact: 501 printf(" -> %s", tcpstates[tp->t_state]); 502 /* print out internal state of tp !?! */ 503 printf("\n"); 504 if (sflag) { 505 printf("\trcv_nxt %x rcv_wnd %lx snd_una %x snd_nxt %x snd_max %x\n", 506 tp->rcv_nxt, tp->rcv_wnd, tp->snd_una, tp->snd_nxt, 507 tp->snd_max); 508 printf("\tsnd_wl1 %x snd_wl2 %x snd_wnd %lx\n", tp->snd_wl1, 509 tp->snd_wl2, tp->snd_wnd); 510 } 511 /* print out timers? */ 512 if (tflag) { 513 register char *cp = "\t"; 514 register int i; 515 int hardticks; 516 517 if (kvm_read(kd, nl[N_HARDCLOCK_TICKS].n_value, 518 (char *)&hardticks, sizeof(hardticks)) != sizeof(hardticks)) 519 errx(3, "hardclock_ticks: %s", kvm_geterr(kd)); 520 521 for (i = 0; i < TCPT_NTIMERS; i++) { 522 if ((tp->t_timer[i].c_flags & CALLOUT_PENDING) == 0) 523 continue; 524 printf("%s%s=%d", cp, tcptimers[i], 525 tp->t_timer[i].c_time - hardticks); 526 if (i == TCPT_REXMT) 527 printf(" (t_rxtshft=%d)", tp->t_rxtshift); 528 cp = ", "; 529 } 530 if (*cp != '\t') 531 putchar('\n'); 532 } 533 } 534 535 int 536 numeric(v1, v2) 537 const void *v1, *v2; 538 { 539 const caddr_t *c1 = v1; 540 const caddr_t *c2 = v2; 541 int rv; 542 543 if (*c1 < *c2) 544 rv = -1; 545 else if (*c1 > *c2) 546 rv = 1; 547 else 548 rv = 0; 549 550 return (rv); 551 } 552 553 void 554 usage() 555 { 556 557 (void) fprintf(stderr, "usage: %s [-afjst] [-p hex-address]" 558 " [-N system] [-M core]\n", getprogname()); 559 exit(1); 560 } 561