xref: /illumos-gate/usr/src/cmd/cmd-inet/usr.bin/netstat/netstat.c (revision cdfd7f6b)

/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright (c) 1990  Mentat Inc.
 * netstat.c 2.2, last change 9/9/91
 * MROUTING Revision 3.5
 * Copyright 2018, Joyent, Inc.
 * Copyright 2020 OmniOS Community Edition (OmniOSce) Association.
 * Copyright 2021 Racktop Systems, Inc.
 */

/*
 * simple netstat based on snmp/mib-2 interface to the TCP/IP stack
 *
 * TODO:
 *	Add ability to request subsets from kernel (with level = MIB2_IP;
 *	name = 0 meaning everything for compatibility)
 */

#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <unistd.h>
#include <strings.h>
#include <string.h>
#include <errno.h>
#include <ctype.h>
#include <kstat.h>
#include <assert.h>
#include <locale.h>
#include <synch.h>
#include <thread.h>
#include <pwd.h>
#include <limits.h>
#include <sys/ccompile.h>

#include <sys/types.h>
#include <sys/stat.h>
#include <sys/stream.h>
#include <stropts.h>
#include <sys/strstat.h>
#include <sys/tihdr.h>
#include <procfs.h>
#include <dirent.h>

#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/sockio.h>
#include <netinet/in.h>
#include <net/if.h>
#include <net/route.h>

#include <inet/mib2.h>
#include <inet/ip.h>
#include <inet/arp.h>
#include <inet/tcp.h>
#include <netinet/igmp_var.h>
#include <netinet/ip_mroute.h>

#include <arpa/inet.h>
#include <netdb.h>
#include <fcntl.h>
#include <sys/systeminfo.h>
#include <arpa/inet.h>

#include <netinet/dhcp.h>
#include <dhcpagent_ipc.h>
#include <dhcpagent_util.h>
#include <compat.h>
#include <sys/mkdev.h>

#include <libtsnet.h>
#include <tsol/label.h>

#include <libproc.h>

#include "statcommon.h"

#define	STR_EXPAND	4

#define	V4MASK_TO_V6(v4, v6)	((v6)._S6_un._S6_u32[0] = 0xfffffffful, \
				(v6)._S6_un._S6_u32[1] = 0xfffffffful, \
				(v6)._S6_un._S6_u32[2] = 0xfffffffful, \
				(v6)._S6_un._S6_u32[3] = (v4))

#define	IN6_IS_V4MASK(v6)	((v6)._S6_un._S6_u32[0] == 0xfffffffful && \
				(v6)._S6_un._S6_u32[1] == 0xfffffffful && \
				(v6)._S6_un._S6_u32[2] == 0xfffffffful)

/*
 * This is used as a cushion in the buffer allocation directed by SIOCGLIFNUM.
 * Because there's no locking between SIOCGLIFNUM and SIOCGLIFCONF, it's
 * possible for an administrator to plumb new interfaces between those two
 * calls, resulting in the failure of the latter.  This addition makes that
 * less likely.
 */
#define	LIFN_GUARD_VALUE	10

typedef struct mib_item_s {
	struct mib_item_s	*next_item;
	int			group;
	int			mib_id;
	int			length;
	void			*valp;
} mib_item_t;

struct	ifstat {
	uint64_t	ipackets;
	uint64_t	ierrors;
	uint64_t	opackets;
	uint64_t	oerrors;
	uint64_t	collisions;
};

struct iflist {
	struct iflist	*next_if;
	char		ifname[LIFNAMSIZ];
	struct ifstat	tot;
};

static void fatal(int, char *, ...) __NORETURN;

static	mib_item_t	*mibget(int sd);
static	void		mibfree(mib_item_t *firstitem);
static	int		mibopen(void);
static void		mib_get_constants(mib_item_t *item);
static mib_item_t	*mib_item_dup(mib_item_t *item);
static mib_item_t	*mib_item_diff(mib_item_t *item1, mib_item_t *item2);
static void		mib_item_destroy(mib_item_t **item);

static boolean_t	octetstrmatch(const Octet_t *a, const Octet_t *b);
static char		*octetstr(const Octet_t *op, int code,
			    char *dst, uint_t dstlen);
static char		*pr_addr(uint_t addr, char *dst, uint_t dstlen);
static char		*pr_addrnz(ipaddr_t addr, char *dst, uint_t dstlen);
static char		*pr_addr6(const in6_addr_t *addr,
			    char *dst, uint_t dstlen);
static char		*pr_mask(uint_t addr, char *dst, uint_t dstlen);
static char		*pr_prefix6(const struct in6_addr *addr,
			    uint_t prefixlen, char *dst, uint_t dstlen);
static char		*pr_ap(uint_t addr, uint_t port,
			    char *proto, char *dst, uint_t dstlen);
static char		*pr_ap6(const in6_addr_t *addr, uint_t port,
			    char *proto, char *dst, uint_t dstlen);
static char		*pr_net(uint_t addr, uint_t mask,
			    char *dst, uint_t dstlen);
static char		*pr_netaddr(uint_t addr, uint_t mask,
			    char *dst, uint_t dstlen);
static char		*fmodestr(uint_t fmode);
static char		*portname(uint_t port, char *proto,
			    char *dst, uint_t dstlen);

static const char	*mitcp_state(int code,
			    const mib2_transportMLPEntry_t *attr);
static const char	*miudp_state(int code,
			    const mib2_transportMLPEntry_t *attr);

static void		stat_report(mib_item_t *item);
static void		mrt_stat_report(mib_item_t *item);
static void		arp_report(mib_item_t *item);
static void		ndp_report(mib_item_t *item);
static void		mrt_report(mib_item_t *item);
static void		if_stat_total(struct ifstat *oldstats,
			    struct ifstat *newstats, struct ifstat *sumstats);
static void		if_report(mib_item_t *item, char *ifname,
			    int Iflag_only, boolean_t once_only);
static void		if_report_ip4(mib2_ipAddrEntry_t *ap,
			    char ifname[], char logintname[],
			    struct ifstat *statptr, boolean_t ksp_not_null);
static void		if_report_ip6(mib2_ipv6AddrEntry_t *ap6,
			    char ifname[], char logintname[],
			    struct ifstat *statptr, boolean_t ksp_not_null);
static void		ire_report(const mib_item_t *item);
static void		tcp_report(const mib_item_t *item);
static void		udp_report(const mib_item_t *item);
static void		uds_report(kstat_ctl_t *);
static void		group_report(mib_item_t *item);
static void		dce_report(mib_item_t *item);
static void		print_ip_stats(mib2_ip_t *ip);
static void		print_icmp_stats(mib2_icmp_t *icmp);
static void		print_ip6_stats(mib2_ipv6IfStatsEntry_t *ip6);
static void		print_icmp6_stats(mib2_ipv6IfIcmpEntry_t *icmp6);
static void		print_sctp_stats(mib2_sctp_t *tcp);
static void		print_tcp_stats(mib2_tcp_t *tcp);
static void		print_udp_stats(mib2_udp_t *udp);
static void		print_rawip_stats(mib2_rawip_t *rawip);
static void		print_igmp_stats(struct igmpstat *igps);
static void		print_mrt_stats(struct mrtstat *mrts);
static void		sctp_report(const mib_item_t *item);
static void		sum_ip6_stats(mib2_ipv6IfStatsEntry_t *ip6,
			    mib2_ipv6IfStatsEntry_t *sum6);
static void		sum_icmp6_stats(mib2_ipv6IfIcmpEntry_t *icmp6,
			    mib2_ipv6IfIcmpEntry_t *sum6);
static void		m_report(void);
static void		dhcp_report(char *);

static	uint64_t	kstat_named_value(kstat_t *, char *);
static	kid_t		safe_kstat_read(kstat_ctl_t *, kstat_t *, void *);
static int		isnum(char *);
static char		*plural(int n);
static char		*pluraly(int n);
static char		*plurales(int n);
static void		process_filter(char *arg);
static char		*ifindex2str(uint_t, char *);
static boolean_t	family_selected(int family);

static void		usage(char *);
static char		*get_username(uid_t);

static void		process_hash_build(void);
static void		process_hash_free(void);

#define	PLURAL(n) plural((int)n)
#define	PLURALY(n) pluraly((int)n)
#define	PLURALES(n) plurales((int)n)
#define	IFLAGMOD(flg, val1, val2)	if (flg == val1) flg = val2
#define	MDIFF(diff, elem2, elem1, member)	(diff)->member = \
	(elem2)->member - (elem1)->member

static	boolean_t	Aflag = B_FALSE;	/* All sockets/ifs/rtng-tbls */
static	boolean_t	CIDRflag = B_FALSE;	/* CIDR for IPv4 -i/-r addrs */
static	boolean_t	Dflag = B_FALSE;	/* DCE info */
static	boolean_t	Iflag = B_FALSE;	/* IP Traffic Interfaces */
static	boolean_t	Mflag = B_FALSE;	/* STREAMS Memory Statistics */
static	boolean_t	Nflag = B_FALSE;	/* Numeric Network Addresses */
static	boolean_t	Rflag = B_FALSE;	/* Routing Tables */
static	boolean_t	RSECflag = B_FALSE;	/* Security attributes */
static	boolean_t	Sflag = B_FALSE;	/* Per-protocol Statistics */
static	boolean_t	Vflag = B_FALSE;	/* Verbose */
static	boolean_t	Uflag = B_FALSE;	/* Show PID and UID info. */
static	boolean_t	Pflag = B_FALSE;	/* Net to Media Tables */
static	boolean_t	Gflag = B_FALSE;	/* Multicast group membership */
static	boolean_t	MMflag = B_FALSE;	/* Multicast routing table */
static	boolean_t	DHCPflag = B_FALSE;	/* DHCP statistics */
static	boolean_t	Xflag = B_FALSE;	/* Debug Info */

static	int	v4compat = 0;	/* Compatible printing format for status */

static int	proto = IPPROTO_MAX;	/* all protocols */
kstat_ctl_t	*kc = NULL;

/*
 * Name service timeout detection constants.
 */
static mutex_t ns_lock = ERRORCHECKMUTEX;
static boolean_t ns_active = B_FALSE;	/* Is a lookup ongoing? */
static hrtime_t ns_starttime;		/* Time the lookup started */
static int ns_sleeptime = 2;		/* Time in seconds between checks */
static int ns_warntime = 2;		/* Time in seconds before warning */

/*
 * Sizes of data structures extracted from the base mib.
 * This allows the size of the tables entries to grow while preserving
 * binary compatibility.
 */
static int ipAddrEntrySize;
static int ipRouteEntrySize;
static int ipNetToMediaEntrySize;
static int ipMemberEntrySize;
static int ipGroupSourceEntrySize;
static int ipRouteAttributeSize;
static int vifctlSize;
static int mfcctlSize;

static int ipv6IfStatsEntrySize;
static int ipv6IfIcmpEntrySize;
static int ipv6AddrEntrySize;
static int ipv6RouteEntrySize;
static int ipv6NetToMediaEntrySize;
static int ipv6MemberEntrySize;
static int ipv6GroupSourceEntrySize;

static int ipDestEntrySize;

static int transportMLPSize;
static int tcpConnEntrySize;
static int tcp6ConnEntrySize;
static int udpEntrySize;
static int udp6EntrySize;
static int sctpEntrySize;
static int sctpLocalEntrySize;
static int sctpRemoteEntrySize;

#define	protocol_selected(p)	(proto == IPPROTO_MAX || proto == (p))

/* Machinery used for -f (filter) option */
enum { FK_AF = 0, FK_OUTIF, FK_DST, FK_FLAGS, NFILTERKEYS };

static const char *filter_keys[NFILTERKEYS] = {
	"af", "outif", "dst", "flags"
};

static m_label_t *zone_security_label = NULL;

/* Flags on routes */
#define	FLF_A		0x00000001
#define	FLF_b		0x00000002
#define	FLF_D		0x00000004
#define	FLF_G		0x00000008
#define	FLF_H		0x00000010
#define	FLF_L		0x00000020
#define	FLF_U		0x00000040
#define	FLF_M		0x00000080
#define	FLF_S		0x00000100
#define	FLF_C		0x00000200	/* IRE_IF_CLONE */
#define	FLF_I		0x00000400	/* RTF_INDIRECT */
#define	FLF_R		0x00000800	/* RTF_REJECT */
#define	FLF_B		0x00001000	/* RTF_BLACKHOLE */
#define	FLF_Z		0x00100000	/* RTF_ZONE */

static const char flag_list[] = "AbDGHLUMSCIRBZ";

typedef struct filter_rule filter_t;

struct filter_rule {
	filter_t *f_next;
	union {
		int f_family;
		const char *f_ifname;
		struct {
			struct hostent *f_address;
			in6_addr_t f_mask;
		} a;
		struct {
			uint_t f_flagset;
			uint_t f_flagclear;
		} f;
	} u;
};

/*
 * The user-specified filters are linked into lists separated by
 * keyword (type of filter).  Thus, the matching algorithm is:
 *	For each non-empty filter list
 *		If no filters in the list match
 *			then stop here; route doesn't match
 *	If loop above completes, then route does match and will be
 *	displayed.
 */
static filter_t *filters[NFILTERKEYS];

static uint_t timestamp_fmt = NODATE;

#if !defined(TEXT_DOMAIN)		/* Should be defined by cc -D */
#define	TEXT_DOMAIN "SYS_TEST"		/* Use this only if it isn't */
#endif

static void
ns_lookup_start(void)
{
	mutex_enter(&ns_lock);
	ns_active = B_TRUE;
	ns_starttime = gethrtime();
	mutex_exit(&ns_lock);
}

static void
ns_lookup_end(void)
{
	mutex_enter(&ns_lock);
	ns_active = B_FALSE;
	mutex_exit(&ns_lock);
}

/*
 * When name services are not functioning, this program appears to hang to the
 * user. To try and give the user a chance of figuring out that this might be
 * the case, we end up warning them and suggest that they may want to use the -n
 * flag.
 */
/* ARGSUSED */
static void *
ns_warning_thr(void *unsued)
{
	for (;;) {
		hrtime_t now;

		(void) sleep(ns_sleeptime);
		now = gethrtime();
		mutex_enter(&ns_lock);
		if (ns_active && now - ns_starttime >= ns_warntime * NANOSEC) {
			(void) fprintf(stderr, "warning: data "
			    "available, but name service lookups are "
			    "taking a while. Use the -n option to "
			    "disable name service lookups.\n");
			mutex_exit(&ns_lock);
			return (NULL);
		}
		mutex_exit(&ns_lock);
	}

	return (NULL);
}

int
main(int argc, char **argv)
{
	char		*name;
	mib_item_t	*item = NULL;
	mib_item_t	*previtem = NULL;
	int		sd = -1;
	char	*ifname = NULL;
	int	interval = 0;	/* Single time by default */
	int	count = -1;	/* Forever */
	int	c;
	int	d;
	/*
	 * Possible values of 'Iflag_only':
	 * -1, no feature-flags;
	 *  0, IFlag and other feature-flags enabled
	 *  1, IFlag is the only feature-flag enabled
	 * : trinary variable, modified using IFLAGMOD()
	 */
	int Iflag_only = -1;
	boolean_t once_only = B_FALSE; /* '-i' with count > 1 */
	extern char	*optarg;
	extern int	optind;
	char *default_ip_str = NULL;

	name = argv[0];

	v4compat = get_compat_flag(&default_ip_str);
	if (v4compat == DEFAULT_PROT_BAD_VALUE)
		fatal(2, "%s: %s: Bad value for %s in %s\n", name,
		    default_ip_str, DEFAULT_IP, INET_DEFAULT_FILE);
	free(default_ip_str);

	(void) setlocale(LC_ALL, "");
	(void) textdomain(TEXT_DOMAIN);

	while ((c = getopt(argc, argv, "acdimnrspMguvxf:P:I:DRT:")) != -1) {
		switch ((char)c) {
		case 'a':		/* all connections */
			Aflag = B_TRUE;
			break;

		case 'c':
			CIDRflag = B_TRUE;
			break;

		case 'd':		/* DCE info */
			Dflag = B_TRUE;
			IFLAGMOD(Iflag_only, 1, 0); /* see macro def'n */
			break;

		case 'i':		/* interface (ill/ipif report) */
			Iflag = B_TRUE;
			IFLAGMOD(Iflag_only, -1, 1); /* '-i' exists */
			break;

		case 'm':		/* streams msg report */
			Mflag = B_TRUE;
			IFLAGMOD(Iflag_only, 1, 0); /* see macro def'n */
			break;

		case 'n':		/* numeric format */
			Nflag = B_TRUE;
			break;

		case 'r':		/* route tables */
			Rflag = B_TRUE;
			IFLAGMOD(Iflag_only, 1, 0); /* see macro def'n */
			break;

		case 'R':		/* security attributes */
			RSECflag = B_TRUE;
			IFLAGMOD(Iflag_only, 1, 0); /* see macro def'n */
			break;

		case 's':		/* per-protocol statistics */
			Sflag = B_TRUE;
			IFLAGMOD(Iflag_only, 1, 0); /* see macro def'n */
			break;

		case 'p':		/* arp/ndp table */
			Pflag = B_TRUE;
			IFLAGMOD(Iflag_only, 1, 0); /* see macro def'n */
			break;

		case 'M':		/* multicast routing tables */
			MMflag = B_TRUE;
			IFLAGMOD(Iflag_only, 1, 0); /* see macro def'n */
			break;

		case 'g':		/* multicast group membership */
			Gflag = B_TRUE;
			IFLAGMOD(Iflag_only, 1, 0); /* see macro def'n */
			break;

		case 'v':		/* verbose output format */
			Vflag = B_TRUE;
			IFLAGMOD(Iflag_only, 1, 0); /* see macro def'n */
			break;

		case 'u':		/* show pid and uid information */
			Uflag = B_TRUE;
			break;

		case 'x':		/* turn on debugging */
			Xflag = B_TRUE;
			break;

		case 'f':
			process_filter(optarg);
			break;

		case 'P':
			if (strcmp(optarg, "ip") == 0) {
				proto = IPPROTO_IP;
			} else if (strcmp(optarg, "ipv6") == 0 ||
			    strcmp(optarg, "ip6") == 0) {
				v4compat = 0;	/* Overridden */
				proto = IPPROTO_IPV6;
			} else if (strcmp(optarg, "icmp") == 0) {
				proto = IPPROTO_ICMP;
			} else if (strcmp(optarg, "icmpv6") == 0 ||
			    strcmp(optarg, "icmp6") == 0) {
				v4compat = 0;	/* Overridden */
				proto = IPPROTO_ICMPV6;
			} else if (strcmp(optarg, "igmp") == 0) {
				proto = IPPROTO_IGMP;
			} else if (strcmp(optarg, "udp") == 0) {
				proto = IPPROTO_UDP;
			} else if (strcmp(optarg, "tcp") == 0) {
				proto = IPPROTO_TCP;
			} else if (strcmp(optarg, "sctp") == 0) {
				proto = IPPROTO_SCTP;
			} else if (strcmp(optarg, "raw") == 0 ||
			    strcmp(optarg, "rawip") == 0) {
				proto = IPPROTO_RAW;
			} else {
				fatal(1, "%s: unknown protocol.\n", optarg);
			}
			break;

		case 'I':
			ifname = optarg;
			Iflag = B_TRUE;
			IFLAGMOD(Iflag_only, -1, 1); /* see macro def'n */
			break;

		case 'D':
			DHCPflag = B_TRUE;
			Iflag_only = 0;
			break;

		case 'T':
			if (optarg) {
				if (*optarg == 'u')
					timestamp_fmt = UDATE;
				else if (*optarg == 'd')
					timestamp_fmt = DDATE;
				else
					usage(name);
			} else {
				usage(name);
			}
			break;

		case '?':
		default:
			usage(name);
		}
	}

	/*
	 * Make sure -R option is set only on a labeled system.
	 */
	if (RSECflag && !is_system_labeled()) {
		(void) fprintf(stderr, "-R set but labeling is not enabled\n");
		usage(name);
	}

	/*
	 * Handle other arguments: find interval, count; the
	 * flags that accept 'interval' and 'count' are OR'd
	 * in the outermost 'if'; more flags may be added as
	 * required
	 */
	if (Iflag || Sflag || Mflag) {
		for (d = optind; d < argc; d++) {
			if (isnum(argv[d])) {
				interval = atoi(argv[d]);
				if (d + 1 < argc &&
				    isnum(argv[d + 1])) {
					count = atoi(argv[d + 1]);
					optind++;