1 /* 2 * Copyright (c) 1983, 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * @(#) Copyright (c) 1983, 1988, 1993 The Regents of the University of California. All rights reserved. 30 * @(#)trpt.c 8.1 (Berkeley) 6/6/93 31 * $FreeBSD: src/usr.sbin/trpt/trpt.c,v 1.12 2000/01/29 11:49:07 shin Exp $ 32 * $DragonFly: src/usr.sbin/trpt/trpt.c,v 1.4 2004/03/21 22:41:24 cpressey Exp $ 33 */ 34 35 #include <sys/param.h> 36 #include <sys/queue.h> 37 #include <sys/socket.h> 38 #include <sys/socketvar.h> 39 #define PRUREQUESTS 40 #include <sys/protosw.h> 41 #include <sys/file.h> 42 #include <sys/time.h> 43 44 #include <net/route.h> 45 #include <net/if.h> 46 47 #include <netinet/in.h> 48 #include <netinet/in_systm.h> 49 #include <netinet/ip.h> 50 #ifdef INET6 51 #include <netinet/ip6.h> 52 #endif 53 #include <netinet/ip_var.h> 54 #include <netinet/tcp.h> 55 #define TCPSTATES 56 #include <netinet/tcp_fsm.h> 57 #include <netinet/tcp_seq.h> 58 #define TCPTIMERS 59 #include <netinet/tcp_timer.h> 60 #include <netinet/tcp_var.h> 61 #include <netinet/tcpip.h> 62 #define TANAMES 63 #include <netinet/tcp_debug.h> 64 65 #include <arpa/inet.h> 66 67 #include <err.h> 68 #include <nlist.h> 69 #include <paths.h> 70 #include <stdio.h> 71 #include <stdlib.h> 72 #include <unistd.h> 73 74 struct nlist nl[] = { 75 #define N_TCP_DEBUG 0 76 { .n_name = "_tcp_debug" }, 77 #define N_TCP_DEBX 1 78 { .n_name = "_tcp_debx" }, 79 { .n_name = "" }, 80 }; 81 82 static caddr_t tcp_pcbs[TCP_NDEBUG]; 83 static n_time ntime; 84 static int aflag, kflag, memf, follow, sflag, tflag; 85 86 void dotrace(caddr_t); 87 void klseek(int, off_t, int); 88 int numeric(const void *, const void *); 89 void tcp_trace(short, short, struct tcpcb *, struct tcpcb *, 90 int, void *, struct tcphdr *, int); 91 static void usage(void); 92 93 int 94 main(int argc, char **argv) 95 { 96 int ch, i, jflag, npcbs; 97 const char *syst, *core; 98 99 jflag = npcbs = 0; 100 while ((ch = getopt(argc, argv, "afjp:st")) != -1) 101 switch (ch) { 102 case 'a': 103 ++aflag; 104 break; 105 case 'f': 106 ++follow; 107 setlinebuf(stdout); 108 break; 109 case 'j': 110 ++jflag; 111 break; 112 case 'p': 113 if (npcbs >= TCP_NDEBUG) 114 errx(1, "too many pcb's specified"); 115 sscanf(optarg, "%x", (int *)&tcp_pcbs[npcbs++]); 116 break; 117 case 's': 118 ++sflag; 119 break; 120 case 't': 121 ++tflag; 122 break; 123 case '?': 124 default: 125 usage(); 126 } 127 argc -= optind; 128 argv += optind; 129 130 core = _PATH_KMEM; 131 if (argc > 0) { 132 syst = *argv; 133 argc--, argv++; 134 if (argc > 0) { 135 core = *argv; 136 argc--, argv++; 137 ++kflag; 138 } 139 /* 140 * Discard setgid privileges if not the running kernel so that 141 * bad guys can't print interesting stuff from kernel memory. 142 */ 143 setgid(getgid()); 144 } else { 145 syst = getbootfile(); 146 } 147 148 if (nlist(syst, nl) < 0 || !nl[0].n_value) 149 errx(1, "%s: no namelist", syst); 150 if ((memf = open(core, O_RDONLY)) < 0) 151 err(2, "%s", core); 152 if (kflag) 153 errx(1, "can't do core files yet"); 154 klseek(memf, (off_t)nl[N_TCP_DEBX].n_value, L_SET); 155 if (read(memf, (char *)&tcp_debx, sizeof(tcp_debx)) != 156 sizeof(tcp_debx)) 157 err(3, "tcp_debx"); 158 klseek(memf, (off_t)nl[N_TCP_DEBUG].n_value, L_SET); 159 if (read(memf, (char *)tcp_debug, sizeof(tcp_debug)) != 160 sizeof(tcp_debug)) 161 err(3, "tcp_debug"); 162 /* 163 * If no control blocks have been specified, figure 164 * out how many distinct one we have and summarize 165 * them in tcp_pcbs for sorting the trace records 166 * below. 167 */ 168 if (!npcbs) { 169 for (i = 0; i < TCP_NDEBUG; i++) { 170 struct tcp_debug *td = &tcp_debug[i]; 171 int j; 172 173 if (td->td_tcb == 0) 174 continue; 175 for (j = 0; j < npcbs; j++) 176 if (tcp_pcbs[j] == td->td_tcb) 177 break; 178 if (j >= npcbs) 179 tcp_pcbs[npcbs++] = td->td_tcb; 180 } 181 if (!npcbs) 182 exit(0); 183 } 184 qsort(tcp_pcbs, npcbs, sizeof(caddr_t), numeric); 185 if (jflag) { 186 for (i = 0;;) { 187 printf("%p", (void *)tcp_pcbs[i]); 188 if (++i == npcbs) 189 break; 190 fputs(", ", stdout); 191 } 192 putchar('\n'); 193 } else { 194 for (i = 0; i < npcbs; i++) { 195 printf("\n%p:\n", (void *)tcp_pcbs[i]); 196 dotrace(tcp_pcbs[i]); 197 } 198 } 199 exit(0); 200 } 201 202 static void 203 usage(void) 204 { 205 fprintf(stderr, 206 "usage: trpt [-afjst] [-p hex-address] [system [core]]\n"); 207 exit(1); 208 } 209 210 void 211 dotrace(caddr_t tcpcb) 212 { 213 struct tcp_debug *td; 214 int i; 215 int prev_debx, family; 216 217 prev_debx = tcp_debx; 218 again: if (--tcp_debx < 0) 219 tcp_debx = TCP_NDEBUG - 1; 220 for (i = prev_debx % TCP_NDEBUG; i < TCP_NDEBUG; i++) { 221 td = &tcp_debug[i]; 222 if (tcpcb && td->td_tcb != tcpcb) 223 continue; 224 ntime = ntohl(td->td_time); 225 #ifdef INET6 226 family = td->td_family; 227 #else 228 family = AF_INET; 229 #endif 230 switch(family) { 231 case AF_INET: 232 tcp_trace(td->td_act, td->td_ostate, 233 (struct tcpcb *)td->td_tcb, 234 &td->td_cb, td->td_family, &td->td_ti.ti_i, 235 &td->td_ti.ti_t, td->td_req); 236 break; 237 #ifdef INET6 238 case AF_INET6: 239 tcp_trace(td->td_act, td->td_ostate, 240 (struct tcpcb *)td->td_tcb, 241 &td->td_cb, td->td_family, &td->td_ti6.ip6, 242 &td->td_ti6.th, td->td_req); 243 break; 244 #endif 245 } 246 if (i == tcp_debx) 247 goto done; 248 } 249 for (i = 0; i <= tcp_debx % TCP_NDEBUG; i++) { 250 td = &tcp_debug[i]; 251 if (tcpcb && td->td_tcb != tcpcb) 252 continue; 253 ntime = ntohl(td->td_time); 254 #ifdef INET6 255 family = td->td_family; 256 #else 257 family = AF_INET; 258 #endif 259 switch(family) { 260 case AF_INET: 261 tcp_trace(td->td_act, td->td_ostate, 262 (struct tcpcb *)td->td_tcb, 263 &td->td_cb, td->td_family, &td->td_ti.ti_i, 264 &td->td_ti.ti_t, td->td_req); 265 break; 266 #ifdef INET6 267 case AF_INET6: 268 tcp_trace(td->td_act, td->td_ostate, 269 (struct tcpcb *)td->td_tcb, 270 &td->td_cb, td->td_family, &td->td_ti6.ip6, 271 &td->td_ti6.th, td->td_req); 272 break; 273 #endif 274 } 275 } 276 done: if (follow) { 277 prev_debx = tcp_debx + 1; 278 if (prev_debx >= TCP_NDEBUG) 279 prev_debx = 0; 280 do { 281 sleep(1); 282 klseek(memf, (off_t)nl[N_TCP_DEBX].n_value, L_SET); 283 if (read(memf, (char *)&tcp_debx, sizeof(tcp_debx)) != 284 sizeof(tcp_debx)) 285 err(3, "tcp_debx"); 286 } while (tcp_debx == prev_debx); 287 klseek(memf, (off_t)nl[N_TCP_DEBUG].n_value, L_SET); 288 if (read(memf, (char *)tcp_debug, sizeof(tcp_debug)) != 289 sizeof(tcp_debug)) 290 err(3, "tcp_debug"); 291 goto again; 292 } 293 } 294 295 /* 296 * Tcp debug routines 297 */ 298 /*ARGSUSED*/ 299 void 300 tcp_trace(short act, short ostate, struct tcpcb *atp __unused, 301 struct tcpcb *tp, int family, void *ip, struct tcphdr *th, int req) 302 { 303 tcp_seq seq, ack; 304 int flags, len, win, timer; 305 struct ip *ip4 = NULL; 306 #ifdef INET6 307 int isipv6 = 0, nopkt = 1; 308 struct ip6_hdr *ip6 = NULL; 309 char ntop_buf[INET6_ADDRSTRLEN]; 310 #endif 311 312 #ifdef INET6 313 switch (family) { 314 case AF_INET: 315 nopkt = 0; 316 isipv6 = 0; 317 ip4 = (struct ip *)ip; 318 break; 319 case AF_INET6: 320 nopkt = 0; 321 isipv6 = 1; 322 ip6 = (struct ip6_hdr *)ip; 323 case 0: 324 default: 325 break; 326 } 327 #else 328 ip4 = (struct ip *)ip; 329 #endif 330 printf("%03ld %s:%s ",(long)(ntime/10) % 1000, tcpstates[ostate], 331 tanames[act]); 332 switch (act) { 333 case TA_INPUT: 334 case TA_OUTPUT: 335 case TA_DROP: 336 #ifdef INET6 337 if (nopkt != 0) 338 break; 339 #endif 340 if (aflag) { 341 printf("(src=%s,%u, ", 342 343 #ifdef INET6 344 isipv6 345 ? inet_ntop(AF_INET6, &ip6->ip6_src, ntop_buf, 346 sizeof(ntop_buf)) : 347 #endif 348 inet_ntoa(ip4->ip_src), 349 ntohs(th->th_sport)); 350 printf("dst=%s,%u)", 351 #ifdef INET6 352 isipv6 353 ? inet_ntop(AF_INET6, &ip6->ip6_dst, ntop_buf, 354 sizeof(ntop_buf)) : 355 #endif 356 inet_ntoa(ip4->ip_dst), 357 ntohs(th->th_dport)); 358 } 359 seq = th->th_seq; 360 ack = th->th_ack; 361 362 len = 363 #ifdef INET6 364 isipv6 ? ip6->ip6_plen : 365 #endif 366 ip4->ip_len; 367 win = th->th_win; 368 if (act == TA_OUTPUT) { 369 seq = ntohl(seq); 370 ack = ntohl(ack); 371 len = ntohs(len); 372 win = ntohs(win); 373 } 374 if (act == TA_OUTPUT) 375 len -= sizeof(struct tcphdr); 376 if (len) 377 printf("[%lx..%lx)", (u_long)seq, (u_long)(seq + len)); 378 else 379 printf("%lx", (u_long)seq); 380 printf("@%lx", (u_long)ack); 381 if (win) 382 printf("(win=%x)", win); 383 flags = th->th_flags; 384 if (flags) { 385 const char *cp = "<"; 386 387 #define pf(flag, string) { \ 388 if (th->th_flags & flag) { \ 389 printf("%s%s", cp, string); \ 390 cp = ","; \ 391 } \ 392 } 393 pf(TH_SYN, "SYN"); 394 pf(TH_ACK, "ACK"); 395 pf(TH_FIN, "FIN"); 396 pf(TH_RST, "RST"); 397 pf(TH_PUSH, "PUSH"); 398 pf(TH_URG, "URG"); 399 printf(">"); 400 } 401 break; 402 case TA_USER: 403 timer = req >> 8; 404 req &= 0xff; 405 printf("%s", prurequests[req]); 406 if (req == PRU_SLOWTIMO || req == PRU_FASTTIMO) 407 printf("<%s>", tcptimers[timer]); 408 break; 409 } 410 printf(" -> %s", tcpstates[tp->t_state]); 411 /* print out internal state of tp !?! */ 412 printf("\n"); 413 if (sflag) { 414 printf("\trcv_nxt %lx rcv_wnd %lx snd_una %lx snd_nxt %lx snd_max %lx\n", 415 (u_long)tp->rcv_nxt, tp->rcv_wnd, 416 (u_long)tp->snd_una, (u_long)tp->snd_nxt, 417 (u_long)tp->snd_max); 418 printf("\tsnd_wl1 %lx snd_wl2 %lx snd_wnd %lx\n", 419 (u_long)tp->snd_wl1, 420 (u_long)tp->snd_wl2, (u_long)tp->snd_wnd); 421 } 422 /* print out timers? */ 423 #if 0 424 /* 425 * XXX 426 * kernel now uses callouts, not integer time values. 427 */ 428 if (tflag) { 429 char *cp = "\t"; 430 int i; 431 432 for (i = 0; i < TCPT_NTIMERS; i++) { 433 if (tp->t_timer[i] == 0) 434 continue; 435 printf("%s%s=%d", cp, tcptimers[i], tp->t_timer[i]); 436 if (i == TCPT_REXMT) 437 printf(" (t_rxtshft=%d)", tp->t_rxtshift); 438 cp = ", "; 439 } 440 if (*cp != '\t') 441 putchar('\n'); 442 } 443 #endif 444 } 445 446 int 447 numeric(const void *v1, const void *v2) 448 { 449 const caddr_t *c1 = v1, *c2 = v2; 450 451 return(*c1 - *c2); 452 } 453 454 void 455 klseek(int fd, off_t base, int off) 456 { 457 lseek(fd, base, off); 458 } 459