1 /* 2 * Copyright (c) 1983, 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * @(#) Copyright (c) 1983, 1988, 1993 The Regents of the University of California. All rights reserved. 30 * @(#)trpt.c 8.1 (Berkeley) 6/6/93 31 * $FreeBSD: src/usr.sbin/trpt/trpt.c,v 1.12 2000/01/29 11:49:07 shin Exp $ 32 */ 33 34 #include <sys/param.h> 35 #include <sys/queue.h> 36 #include <sys/socket.h> 37 #include <sys/socketvar.h> 38 #define PRUREQUESTS 39 #include <sys/protosw.h> 40 #include <sys/time.h> 41 42 #include <net/route.h> 43 #include <net/if.h> 44 45 #include <netinet/in.h> 46 #include <netinet/in_systm.h> 47 #include <netinet/ip.h> 48 #ifdef INET6 49 #include <netinet/ip6.h> 50 #endif 51 #include <netinet/ip_var.h> 52 #include <netinet/tcp.h> 53 #define TCPSTATES 54 #include <netinet/tcp_fsm.h> 55 #include <netinet/tcp_seq.h> 56 #define TCPTIMERS 57 #include <netinet/tcp_timer.h> 58 #include <netinet/tcp_var.h> 59 #include <netinet/tcpip.h> 60 #define TANAMES 61 #include <netinet/tcp_debug.h> 62 63 #include <arpa/inet.h> 64 65 #include <err.h> 66 #include <fcntl.h> 67 #include <nlist.h> 68 #include <paths.h> 69 #include <stdio.h> 70 #include <stdlib.h> 71 #include <unistd.h> 72 73 struct nlist nl[] = { 74 #define N_TCP_DEBUG 0 75 { .n_name = "_tcp_debug" }, 76 #define N_TCP_DEBX 1 77 { .n_name = "_tcp_debx" }, 78 { .n_name = "" }, 79 }; 80 81 static caddr_t tcp_pcbs[TCP_NDEBUG]; 82 static n_time ntime; 83 static int aflag, kflag, memf, follow, sflag, tflag; 84 85 void dotrace(caddr_t); 86 void klseek(int, off_t, int); 87 int numeric(const void *, const void *); 88 void tcp_trace(short, short, struct tcpcb *, struct tcpcb *, 89 int, void *, struct tcphdr *, int); 90 static void usage(void); 91 92 int 93 main(int argc, char **argv) 94 { 95 int ch, i, jflag, npcbs; 96 const char *syst, *core; 97 98 jflag = npcbs = 0; 99 while ((ch = getopt(argc, argv, "afjp:st")) != -1) 100 switch (ch) { 101 case 'a': 102 ++aflag; 103 break; 104 case 'f': 105 ++follow; 106 setlinebuf(stdout); 107 break; 108 case 'j': 109 ++jflag; 110 break; 111 case 'p': 112 if (npcbs >= TCP_NDEBUG) 113 errx(1, "too many pcb's specified"); 114 sscanf(optarg, "%x", (int *)&tcp_pcbs[npcbs++]); 115 break; 116 case 's': 117 ++sflag; 118 break; 119 case 't': 120 ++tflag; 121 break; 122 case '?': 123 default: 124 usage(); 125 } 126 argc -= optind; 127 argv += optind; 128 129 core = _PATH_KMEM; 130 if (argc > 0) { 131 syst = *argv; 132 argc--, argv++; 133 if (argc > 0) { 134 core = *argv; 135 argc--, argv++; 136 ++kflag; 137 } 138 /* 139 * Discard setgid privileges if not the running kernel so that 140 * bad guys can't print interesting stuff from kernel memory. 141 */ 142 setgid(getgid()); 143 } else { 144 syst = getbootfile(); 145 } 146 147 if (nlist(syst, nl) < 0 || !nl[0].n_value) 148 errx(1, "%s: no namelist", syst); 149 if ((memf = open(core, O_RDONLY)) < 0) 150 err(2, "%s", core); 151 if (kflag) 152 errx(1, "can't do core files yet"); 153 klseek(memf, (off_t)nl[N_TCP_DEBX].n_value, L_SET); 154 if (read(memf, (char *)&tcp_debx, sizeof(tcp_debx)) != 155 sizeof(tcp_debx)) 156 err(3, "tcp_debx"); 157 klseek(memf, (off_t)nl[N_TCP_DEBUG].n_value, L_SET); 158 if (read(memf, (char *)tcp_debug, sizeof(tcp_debug)) != 159 sizeof(tcp_debug)) 160 err(3, "tcp_debug"); 161 /* 162 * If no control blocks have been specified, figure 163 * out how many distinct one we have and summarize 164 * them in tcp_pcbs for sorting the trace records 165 * below. 166 */ 167 if (!npcbs) { 168 for (i = 0; i < TCP_NDEBUG; i++) { 169 struct tcp_debug *td = &tcp_debug[i]; 170 int j; 171 172 if (td->td_tcb == 0) 173 continue; 174 for (j = 0; j < npcbs; j++) 175 if (tcp_pcbs[j] == td->td_tcb) 176 break; 177 if (j >= npcbs) 178 tcp_pcbs[npcbs++] = td->td_tcb; 179 } 180 if (!npcbs) 181 exit(0); 182 } 183 qsort(tcp_pcbs, npcbs, sizeof(caddr_t), numeric); 184 if (jflag) { 185 for (i = 0;;) { 186 printf("%p", (void *)tcp_pcbs[i]); 187 if (++i == npcbs) 188 break; 189 fputs(", ", stdout); 190 } 191 putchar('\n'); 192 } else { 193 for (i = 0; i < npcbs; i++) { 194 printf("\n%p:\n", (void *)tcp_pcbs[i]); 195 dotrace(tcp_pcbs[i]); 196 } 197 } 198 exit(0); 199 } 200 201 static void 202 usage(void) 203 { 204 fprintf(stderr, 205 "usage: trpt [-afjst] [-p hex-address] [system [core]]\n"); 206 exit(1); 207 } 208 209 void 210 dotrace(caddr_t tcpcb) 211 { 212 struct tcp_debug *td; 213 int i; 214 int prev_debx, family; 215 216 prev_debx = tcp_debx; 217 again: if (--tcp_debx < 0) 218 tcp_debx = TCP_NDEBUG - 1; 219 for (i = prev_debx % TCP_NDEBUG; i < TCP_NDEBUG; i++) { 220 td = &tcp_debug[i]; 221 if (tcpcb && td->td_tcb != tcpcb) 222 continue; 223 ntime = ntohl(td->td_time); 224 #ifdef INET6 225 family = td->td_family; 226 #else 227 family = AF_INET; 228 #endif 229 switch(family) { 230 case AF_INET: 231 tcp_trace(td->td_act, td->td_ostate, 232 (struct tcpcb *)td->td_tcb, 233 &td->td_cb, td->td_family, &td->td_ti.ti_i, 234 &td->td_ti.ti_t, td->td_req); 235 break; 236 #ifdef INET6 237 case AF_INET6: 238 tcp_trace(td->td_act, td->td_ostate, 239 (struct tcpcb *)td->td_tcb, 240 &td->td_cb, td->td_family, &td->td_ti6.ip6, 241 &td->td_ti6.th, td->td_req); 242 break; 243 #endif 244 } 245 if (i == tcp_debx) 246 goto done; 247 } 248 for (i = 0; i <= tcp_debx % TCP_NDEBUG; i++) { 249 td = &tcp_debug[i]; 250 if (tcpcb && td->td_tcb != tcpcb) 251 continue; 252 ntime = ntohl(td->td_time); 253 #ifdef INET6 254 family = td->td_family; 255 #else 256 family = AF_INET; 257 #endif 258 switch(family) { 259 case AF_INET: 260 tcp_trace(td->td_act, td->td_ostate, 261 (struct tcpcb *)td->td_tcb, 262 &td->td_cb, td->td_family, &td->td_ti.ti_i, 263 &td->td_ti.ti_t, td->td_req); 264 break; 265 #ifdef INET6 266 case AF_INET6: 267 tcp_trace(td->td_act, td->td_ostate, 268 (struct tcpcb *)td->td_tcb, 269 &td->td_cb, td->td_family, &td->td_ti6.ip6, 270 &td->td_ti6.th, td->td_req); 271 break; 272 #endif 273 } 274 } 275 done: if (follow) { 276 prev_debx = tcp_debx + 1; 277 if (prev_debx >= TCP_NDEBUG) 278 prev_debx = 0; 279 do { 280 sleep(1); 281 klseek(memf, (off_t)nl[N_TCP_DEBX].n_value, L_SET); 282 if (read(memf, (char *)&tcp_debx, sizeof(tcp_debx)) != 283 sizeof(tcp_debx)) 284 err(3, "tcp_debx"); 285 } while (tcp_debx == prev_debx); 286 klseek(memf, (off_t)nl[N_TCP_DEBUG].n_value, L_SET); 287 if (read(memf, (char *)tcp_debug, sizeof(tcp_debug)) != 288 sizeof(tcp_debug)) 289 err(3, "tcp_debug"); 290 goto again; 291 } 292 } 293 294 /* 295 * Tcp debug routines 296 */ 297 /*ARGSUSED*/ 298 void 299 tcp_trace(short act, short ostate, struct tcpcb *atp __unused, 300 struct tcpcb *tp, int family, void *ip, struct tcphdr *th, int req) 301 { 302 tcp_seq seq, ack; 303 int flags, len, win, timer; 304 struct ip *ip4 = NULL; 305 #ifdef INET6 306 int isipv6 = 0, nopkt = 1; 307 struct ip6_hdr *ip6 = NULL; 308 char ntop_buf[INET6_ADDRSTRLEN]; 309 #endif 310 311 #ifdef INET6 312 switch (family) { 313 case AF_INET: 314 nopkt = 0; 315 isipv6 = 0; 316 ip4 = (struct ip *)ip; 317 break; 318 case AF_INET6: 319 nopkt = 0; 320 isipv6 = 1; 321 ip6 = (struct ip6_hdr *)ip; 322 case 0: 323 default: 324 break; 325 } 326 #else 327 ip4 = (struct ip *)ip; 328 #endif 329 printf("%03ld %s:%s ",(long)(ntime/10) % 1000, tcpstates[ostate], 330 tanames[act]); 331 switch (act) { 332 case TA_INPUT: 333 case TA_OUTPUT: 334 case TA_DROP: 335 #ifdef INET6 336 if (nopkt != 0) 337 break; 338 #endif 339 if (aflag) { 340 printf("(src=%s,%u, ", 341 342 #ifdef INET6 343 isipv6 344 ? inet_ntop(AF_INET6, &ip6->ip6_src, ntop_buf, 345 sizeof(ntop_buf)) : 346 #endif 347 inet_ntoa(ip4->ip_src), 348 ntohs(th->th_sport)); 349 printf("dst=%s,%u)", 350 #ifdef INET6 351 isipv6 352 ? inet_ntop(AF_INET6, &ip6->ip6_dst, ntop_buf, 353 sizeof(ntop_buf)) : 354 #endif 355 inet_ntoa(ip4->ip_dst), 356 ntohs(th->th_dport)); 357 } 358 seq = th->th_seq; 359 ack = th->th_ack; 360 361 len = 362 #ifdef INET6 363 isipv6 ? ip6->ip6_plen : 364 #endif 365 ip4->ip_len; 366 win = th->th_win; 367 if (act == TA_OUTPUT) { 368 seq = ntohl(seq); 369 ack = ntohl(ack); 370 len = ntohs(len); 371 win = ntohs(win); 372 } 373 if (act == TA_OUTPUT) 374 len -= sizeof(struct tcphdr); 375 if (len) 376 printf("[%lx..%lx)", (u_long)seq, (u_long)(seq + len)); 377 else 378 printf("%lx", (u_long)seq); 379 printf("@%lx", (u_long)ack); 380 if (win) 381 printf("(win=%x)", win); 382 flags = th->th_flags; 383 if (flags) { 384 const char *cp = "<"; 385 386 #define pf(flag, string) { \ 387 if (th->th_flags & flag) { \ 388 printf("%s%s", cp, string); \ 389 cp = ","; \ 390 } \ 391 } 392 pf(TH_SYN, "SYN"); 393 pf(TH_ACK, "ACK"); 394 pf(TH_FIN, "FIN"); 395 pf(TH_RST, "RST"); 396 pf(TH_PUSH, "PUSH"); 397 pf(TH_URG, "URG"); 398 printf(">"); 399 } 400 break; 401 case TA_USER: 402 timer = req >> 8; 403 req &= 0xff; 404 printf("%s", prurequests[req]); 405 if (req == PRU_SLOWTIMO || req == PRU_FASTTIMO) 406 printf("<%s>", tcptimers[timer]); 407 break; 408 } 409 printf(" -> %s", tcpstates[tp->t_state]); 410 /* print out internal state of tp !?! */ 411 printf("\n"); 412 if (sflag) { 413 printf("\trcv_nxt %lx rcv_wnd %lx snd_una %lx snd_nxt %lx snd_max %lx\n", 414 (u_long)tp->rcv_nxt, tp->rcv_wnd, 415 (u_long)tp->snd_una, (u_long)tp->snd_nxt, 416 (u_long)tp->snd_max); 417 printf("\tsnd_wl1 %lx snd_wl2 %lx snd_wnd %lx\n", 418 (u_long)tp->snd_wl1, 419 (u_long)tp->snd_wl2, (u_long)tp->snd_wnd); 420 } 421 /* print out timers? */ 422 #if 0 423 /* 424 * XXX 425 * kernel now uses callouts, not integer time values. 426 */ 427 if (tflag) { 428 char *cp = "\t"; 429 int i; 430 431 for (i = 0; i < TCPT_NTIMERS; i++) { 432 if (tp->t_timer[i] == 0) 433 continue; 434 printf("%s%s=%d", cp, tcptimers[i], tp->t_timer[i]); 435 if (i == TCPT_REXMT) 436 printf(" (t_rxtshft=%d)", tp->t_rxtshift); 437 cp = ", "; 438 } 439 if (*cp != '\t') 440 putchar('\n'); 441 } 442 #endif 443 } 444 445 int 446 numeric(const void *v1, const void *v2) 447 { 448 const caddr_t *c1 = v1, *c2 = v2; 449 450 return(*c1 - *c2); 451 } 452 453 void 454 klseek(int fd, off_t base, int off) 455 { 456 lseek(fd, base, off); 457 } 458