2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1989, 1993
5 * The Regents of the University of California. All rights reserved.
7 * This code is derived from software contributed to Berkeley by
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 static const char copyright[] =
38 "@(#) Copyright (c) 1989, 1993\n\
39 The Regents of the University of California. All rights reserved.\n";
43 static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93";
46 #include <sys/cdefs.h>
47 __FBSDID("$FreeBSD$");
52 * Using the Internet Control Message Protocol (ICMP) "ECHO" facility,
53 * measure round-trip-delays and packet loss across network paths.
57 * U. S. Army Ballistic Research Laboratory
61 * Public Domain. Distribution Unlimited.
63 * More statistics could always be gathered.
64 * This program has to run SUID to ROOT to access the ICMP socket.
67 #include <sys/param.h> /* NB: we rely on this for <sys/types.h> */
68 #include <sys/capsicum.h>
69 #include <sys/socket.h>
70 #include <sys/sysctl.h>
74 #include <netinet/in.h>
75 #include <netinet/in_systm.h>
76 #include <netinet/ip.h>
77 #include <netinet/ip_icmp.h>
78 #include <netinet/ip_var.h>
79 #include <arpa/inet.h>
81 #include <libcasper.h>
82 #include <casper/cap_dns.h>
85 #include <netipsec/ipsec.h>
88 #include <capsicum_helpers.h>
107 #define INADDR_LEN ((int)sizeof(in_addr_t))
108 #define TIMEVAL_LEN ((int)sizeof(struct tv32))
109 #define MASK_LEN (ICMP_MASKLEN - ICMP_MINLEN)
110 #define TS_LEN (ICMP_TSLEN - ICMP_MINLEN)
111 #define DEFDATALEN 56 /* default data length */
112 #define FLOOD_BACKOFF 20000 /* usecs to back off if F_FLOOD mode */
113 /* runs out of buffer space */
114 #define MAXIPLEN (sizeof(struct ip) + MAX_IPOPTLEN)
115 #define MAXICMPLEN (ICMP_ADVLENMIN + MAX_IPOPTLEN)
116 #define MAXWAIT 10000 /* max ms to wait for response */
117 #define MAXALARM (60 * 60) /* max seconds for alarm timeout */
120 #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */
121 #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */
122 #define SET(bit) (A(bit) |= B(bit))
123 #define CLR(bit) (A(bit) &= (~B(bit)))
124 #define TST(bit) (A(bit) & B(bit))
131 /* various options */
133 #define F_FLOOD 0x0001
134 #define F_INTERVAL 0x0002
135 #define F_NUMERIC 0x0004
136 #define F_PINGFILLED 0x0008
137 #define F_QUIET 0x0010
138 #define F_RROUTE 0x0020
139 #define F_SO_DEBUG 0x0040
140 #define F_SO_DONTROUTE 0x0080
141 #define F_VERBOSE 0x0100
142 #define F_QUIET2 0x0200
143 #define F_NOLOOP 0x0400
144 #define F_MTTL 0x0800
146 #define F_AUDIBLE 0x2000
148 #ifdef IPSEC_POLICY_IPSEC
149 #define F_POLICY 0x4000
150 #endif /*IPSEC_POLICY_IPSEC*/
153 #define F_MISSED 0x10000
154 #define F_ONCE 0x20000
155 #define F_HDRINCL 0x40000
156 #define F_MASK 0x80000
157 #define F_TIME 0x100000
158 #define F_SWEEP 0x200000
159 #define F_WAITTIME 0x400000
160 #define F_IP_VLAN_PCP 0x800000
163 * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum
164 * number of received sequence numbers we can keep track of. Change 128
165 * to 8192 for complete accuracy...
167 #define MAX_DUP_CHK (8 * 128)
168 static int mx_dup_ck = MAX_DUP_CHK;
169 static char rcvd_tbl[MAX_DUP_CHK / 8];
171 static struct sockaddr_in whereto; /* who to ping */
172 static int datalen = DEFDATALEN;
173 static int maxpayload;
174 static int ssend; /* send socket file descriptor */
175 static int srecv; /* receive socket file descriptor */
176 static u_char outpackhdr[IP_MAXPACKET], *outpack;
177 static char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */
178 static char BSPACE = '\b'; /* characters written for flood */
179 static char DOT = '.';
180 static char *hostname;
181 static char *shostname;
182 static int ident; /* process id to identify our packets */
183 static int uid; /* cached uid for micro-optimization */
184 static u_char icmp_type = ICMP_ECHO;
185 static u_char icmp_type_rsp = ICMP_ECHOREPLY;
186 static int phdr_len = 0;
190 static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */
191 static long npackets; /* max packets to transmit */
192 static long nreceived; /* # of packets we got back */
193 static long nrepeats; /* number of duplicates */
194 static long ntransmitted; /* sequence # for outbound packets = #sent */
195 static long snpackets; /* max packets to transmit in one sweep */
196 static long sntransmitted; /* # of packets we sent in this sweep */
197 static int sweepmax; /* max value of payload in sweep */
198 static int sweepmin = 0; /* start value of payload in sweep */
199 static int sweepincr = 1; /* payload increment in sweep */
200 static int interval = 1000; /* interval between packets, ms */
201 static int waittime = MAXWAIT; /* timeout for each packet */
202 static long nrcvtimeout = 0; /* # of packets we got back after waittime */
205 static int timing; /* flag to do timing */
206 static double tmin = 999999999.0; /* minimum round trip time */
207 static double tmax = 0.0; /* maximum round trip time */
208 static double tsum = 0.0; /* sum of all times, for doing average */
209 static double tsumsq = 0.0; /* sum of all times squared, for std. dev. */
211 /* nonzero if we've been told to finish up */
212 static volatile sig_atomic_t finish_up;
213 static volatile sig_atomic_t siginfo_p;
215 static cap_channel_t *capdns;
217 static void fill(char *, char *);
218 static cap_channel_t *capdns_setup(void);
219 static void check_status(void);
220 static void finish(void) __dead2;
221 static void pinger(void);
222 static char *pr_addr(struct in_addr);
223 static char *pr_ntime(n_time);
224 static void pr_icmph(struct icmp *, struct ip *, const u_char *const);
225 static void pr_iph(struct ip *);
226 static void pr_pack(char *, ssize_t, struct sockaddr_in *, struct timespec *);
227 static void pr_retip(struct ip *, const u_char *);
228 static void status(int);
229 static void stopit(int);
232 ping(int argc, char *const *argv)
234 struct sockaddr_in from, sock_in;
235 struct in_addr ifaddr;
236 struct timespec last, intvl;
239 struct sigaction si_sa;
241 u_char *datap, packet[IP_MAXPACKET] __aligned(4);
243 char *ep, *source, *target, *payload;
245 #ifdef IPSEC_POLICY_IPSEC
246 char *policy_in, *policy_out;
248 struct sockaddr_in *to;
252 int almost_done, ch, df, hold, i, icmp_len, mib[4], preload;
253 int ssend_errno, srecv_errno, tos, ttl, pcp;
254 char ctrl[CMSG_SPACE(sizeof(struct timespec))];
255 char hnamebuf[MAXHOSTNAMELEN], snamebuf[MAXHOSTNAMELEN];
257 char rspace[MAX_IPOPTLEN]; /* record route space */
259 unsigned char loop, mttl;
261 payload = source = NULL;
262 #ifdef IPSEC_POLICY_IPSEC
263 policy_in = policy_out = NULL;
267 options |= F_NUMERIC;
270 * Do the stuff that we need root priv's for *first*, and
271 * then drop our setuid bit. Save error reporting for
274 * Historicaly ping was using one socket 's' for sending and for
275 * receiving. After capsicum(4) related changes we use two
276 * sockets. It was done for special ping use case - when user
277 * issue ping on multicast or broadcast address replies come
278 * from different addresses, not from the address we
279 * connect(2)'ed to, and send socket do not receive those
282 ssend = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
284 srecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
287 if (setuid(getuid()) != 0)
288 err(EX_NOPERM, "setuid() failed");
293 err(EX_OSERR, "ssend socket");
298 err(EX_OSERR, "srecv socket");
301 alarmtimeout = df = preload = tos = pcp = 0;
303 outpack = outpackhdr + sizeof(struct ip);
304 while ((ch = getopt(argc, argv, PING4OPTS)) != -1) {
307 /* This option is processed in main(). */
313 options |= F_AUDIBLE;
316 options |= F_IP_VLAN_PCP;
317 ltmp = strtonum(optarg, -1, 7, &errstr);
319 errx(EX_USAGE, "invalid PCP: `%s'", optarg);
323 ltmp = strtonum(optarg, 1, LONG_MAX, &errstr);
326 "invalid count of packets to transmit: `%s'",
328 npackets = (long)ltmp;
331 options |= F_HDRINCL;
335 options |= F_SO_DEBUG;
340 err(EX_NOPERM, "-f flag");
343 setbuf(stdout, (char *)NULL);
345 case 'G': /* Maximum packet size for ping sweep */
346 ltmp = strtonum(optarg, 1, INT_MAX, &errstr);
347 if (errstr != NULL) {
348 errx(EX_USAGE, "invalid packet size: `%s'",
351 sweepmax = (int)ltmp;
352 if (uid != 0 && sweepmax > DEFDATALEN) {
353 errc(EX_NOPERM, EPERM,
354 "packet size too large: %d > %u",
355 sweepmax, DEFDATALEN);
359 case 'g': /* Minimum packet size for ping sweep */
360 ltmp = strtonum(optarg, 1, INT_MAX, &errstr);
361 if (errstr != NULL) {
362 errx(EX_USAGE, "invalid packet size: `%s'",
365 sweepmin = (int)ltmp;
366 if (uid != 0 && sweepmin > DEFDATALEN) {
367 errc(EX_NOPERM, EPERM,
368 "packet size too large: %d > %u",
369 sweepmin, DEFDATALEN);
374 options &= ~F_NUMERIC;
376 case 'h': /* Packet size increment for ping sweep */
377 ltmp = strtonum(optarg, 1, INT_MAX, &errstr);
378 if (errstr != NULL) {
379 errx(EX_USAGE, "invalid packet size: `%s'",
382 sweepincr = (int)ltmp;
383 if (uid != 0 && sweepincr > DEFDATALEN) {
384 errc(EX_NOPERM, EPERM,
385 "packet size too large: %d > %u",
386 sweepincr, DEFDATALEN);
390 case 'I': /* multicast interface */
391 if (inet_aton(optarg, &ifaddr) == 0)
393 "invalid multicast interface: `%s'",
397 case 'i': /* wait between sending packets */
398 t = strtod(optarg, &ep) * 1000.0;
399 if (*ep || ep == optarg || t > (double)INT_MAX)
400 errx(EX_USAGE, "invalid timing interval: `%s'",
402 options |= F_INTERVAL;
404 if (uid && interval < 1000) {
406 err(EX_NOPERM, "-i interval too short");
414 ltmp = strtonum(optarg, 0, INT_MAX, &errstr);
417 "invalid preload value: `%s'", optarg);
420 err(EX_NOPERM, "-l flag");
435 errx(EX_USAGE, "invalid message: `%c'", optarg[0]);
440 ltmp = strtonum(optarg, 0, MAXTTL, &errstr);
442 errx(EX_USAGE, "invalid TTL: `%s'", optarg);
447 options |= F_NUMERIC;
453 #ifdef IPSEC_POLICY_IPSEC
456 if (!strncmp("in", optarg, 2))
457 policy_in = strdup(optarg);
458 else if (!strncmp("out", optarg, 3))
459 policy_out = strdup(optarg);
461 errx(1, "invalid security policy");
463 #endif /*IPSEC_POLICY_IPSEC*/
465 case 'p': /* fill buffer with user pattern */
466 options |= F_PINGFILLED;
479 options |= F_SO_DONTROUTE;
484 case 's': /* size of packet to send */
485 ltmp = strtonum(optarg, 0, INT_MAX, &errstr);
487 errx(EX_USAGE, "invalid packet size: `%s'",
490 if (uid != 0 && datalen > DEFDATALEN) {
493 "packet size too large: %d > %u",
494 datalen, DEFDATALEN);
497 case 'T': /* multicast TTL */
498 ltmp = strtonum(optarg, 0, MAXTTL, &errstr);
500 errx(EX_USAGE, "invalid multicast TTL: `%s'",
502 mttl = (unsigned char)ltmp;
506 alarmtimeout = strtoul(optarg, &ep, 0);
507 if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX))
508 errx(EX_USAGE, "invalid timeout: `%s'",
510 if (alarmtimeout > MAXALARM)
511 errx(EX_USAGE, "invalid timeout: `%s' > %d",
514 struct itimerval itv;
516 timerclear(&itv.it_interval);
517 timerclear(&itv.it_value);
518 itv.it_value.tv_sec = (time_t)alarmtimeout;
519 if (setitimer(ITIMER_REAL, &itv, NULL) != 0)
524 options |= F_VERBOSE;
526 case 'W': /* wait ms for answer */
527 t = strtod(optarg, &ep);
528 if (*ep || ep == optarg || t > (double)INT_MAX)
529 errx(EX_USAGE, "invalid timing interval: `%s'",
531 options |= F_WAITTIME;
535 options |= F_HDRINCL;
536 ltmp = strtol(optarg, &ep, 0);
537 if (*ep || ep == optarg || ltmp > MAXTOS || ltmp < 0)
538 errx(EX_USAGE, "invalid TOS: `%s'", optarg);
546 if (argc - optind != 1)
548 target = argv[optind];
550 switch (options & (F_MASK|F_TIME)) {
553 icmp_type = ICMP_MASKREQ;
554 icmp_type_rsp = ICMP_MASKREPLY;
556 if (!(options & F_QUIET))
557 (void)printf("ICMP_MASKREQ\n");
560 icmp_type = ICMP_TSTAMP;
561 icmp_type_rsp = ICMP_TSTAMPREPLY;
563 if (!(options & F_QUIET))
564 (void)printf("ICMP_TSTAMP\n");
567 errx(EX_USAGE, "ICMP_TSTAMP and ICMP_MASKREQ are exclusive.");
570 icmp_len = sizeof(struct ip) + ICMP_MINLEN + phdr_len;
571 if (options & F_RROUTE)
572 icmp_len += MAX_IPOPTLEN;
573 maxpayload = IP_MAXPACKET - icmp_len;
574 if (datalen > maxpayload)
575 errx(EX_USAGE, "packet size too large: %d > %d", datalen,
577 send_len = icmp_len + datalen;
578 datap = &outpack[ICMP_MINLEN + phdr_len + TIMEVAL_LEN];
579 if (options & F_PINGFILLED) {
580 fill((char *)datap, payload);
582 capdns = capdns_setup();
584 bzero((char *)&sock_in, sizeof(sock_in));
585 sock_in.sin_family = AF_INET;
586 if (inet_aton(source, &sock_in.sin_addr) != 0) {
589 hp = cap_gethostbyname2(capdns, source, AF_INET);
591 errx(EX_NOHOST, "cannot resolve %s: %s",
592 source, hstrerror(h_errno));
594 sock_in.sin_len = sizeof sock_in;
595 if ((unsigned)hp->h_length > sizeof(sock_in.sin_addr) ||
597 errx(1, "gethostbyname2: illegal address");
598 memcpy(&sock_in.sin_addr, hp->h_addr_list[0],
599 sizeof(sock_in.sin_addr));
600 (void)strncpy(snamebuf, hp->h_name,
601 sizeof(snamebuf) - 1);
602 snamebuf[sizeof(snamebuf) - 1] = '\0';
603 shostname = snamebuf;
605 if (bind(ssend, (struct sockaddr *)&sock_in, sizeof sock_in) ==
610 bzero(&whereto, sizeof(whereto));
612 to->sin_family = AF_INET;
613 to->sin_len = sizeof *to;
614 if (inet_aton(target, &to->sin_addr) != 0) {
617 hp = cap_gethostbyname2(capdns, target, AF_INET);
619 errx(EX_NOHOST, "cannot resolve %s: %s",
620 target, hstrerror(h_errno));
622 if ((unsigned)hp->h_length > sizeof(to->sin_addr))
623 errx(1, "gethostbyname2 returned an illegal address");
624 memcpy(&to->sin_addr, hp->h_addr_list[0], sizeof to->sin_addr);
625 (void)strncpy(hnamebuf, hp->h_name, sizeof(hnamebuf) - 1);
626 hnamebuf[sizeof(hnamebuf) - 1] = '\0';
630 /* From now on we will use only reverse DNS lookups. */
632 if (capdns != NULL) {
633 const char *types[1];
635 types[0] = "ADDR2NAME";
636 if (cap_dns_type_limit(capdns, types, 1) < 0)
637 err(1, "unable to limit access to system.dns service");
640 if (connect(ssend, (struct sockaddr *)&whereto, sizeof(whereto)) != 0)
643 if (options & F_FLOOD && options & F_INTERVAL)
644 errx(EX_USAGE, "-f and -i: incompatible options");
646 if (options & F_FLOOD && IN_MULTICAST(ntohl(to->sin_addr.s_addr)))
648 "-f flag cannot be used with multicast destination");
649 if (options & (F_MIF | F_NOLOOP | F_MTTL)
650 && !IN_MULTICAST(ntohl(to->sin_addr.s_addr)))
652 "-I, -L, -T flags cannot be used with unicast destination");
654 if (datalen >= TIMEVAL_LEN) /* can we time transfer */
657 if ((options & (F_PINGFILLED | F_SWEEP)) == 0)
658 for (i = TIMEVAL_LEN; i < datalen; ++i)
661 ident = getpid() & 0xFFFF;
664 if (options & F_SO_DEBUG) {
665 (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold,
667 (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold,
670 if (options & F_SO_DONTROUTE)
671 (void)setsockopt(ssend, SOL_SOCKET, SO_DONTROUTE, (char *)&hold,
673 if (options & F_IP_VLAN_PCP) {
674 (void)setsockopt(ssend, IPPROTO_IP, IP_VLAN_PCP, (char *)&pcp,
678 #ifdef IPSEC_POLICY_IPSEC
679 if (options & F_POLICY) {
681 if (policy_in != NULL) {
682 buf = ipsec_set_policy(policy_in, strlen(policy_in));
684 errx(EX_CONFIG, "%s", ipsec_strerror());
685 if (setsockopt(srecv, IPPROTO_IP, IP_IPSEC_POLICY,
686 buf, ipsec_get_policylen(buf)) < 0)
688 "ipsec policy cannot be configured");
692 if (policy_out != NULL) {
693 buf = ipsec_set_policy(policy_out, strlen(policy_out));
695 errx(EX_CONFIG, "%s", ipsec_strerror());
696 if (setsockopt(ssend, IPPROTO_IP, IP_IPSEC_POLICY,
697 buf, ipsec_get_policylen(buf)) < 0)
699 "ipsec policy cannot be configured");
703 #endif /*IPSEC_POLICY_IPSEC*/
706 if (options & F_HDRINCL) {
709 memcpy(&ip, outpackhdr, sizeof(ip));
710 if (!(options & (F_TTL | F_MTTL))) {
714 mib[3] = IPCTL_DEFTTL;
716 if (sysctl(mib, 4, &ttl, &sz, NULL, 0) == -1)
717 err(1, "sysctl(net.inet.ip.ttl)");
719 setsockopt(ssend, IPPROTO_IP, IP_HDRINCL, &hold, sizeof(hold));
721 ip.ip_hl = sizeof(struct ip) >> 2;
724 ip.ip_off = htons(df ? IP_DF : 0);
726 ip.ip_p = IPPROTO_ICMP;
727 ip.ip_src.s_addr = source ? sock_in.sin_addr.s_addr : INADDR_ANY;
728 ip.ip_dst = to->sin_addr;
729 memcpy(outpackhdr, &ip, sizeof(ip));
733 * Here we enter capability mode. Further down access to global
734 * namespaces (e.g filesystem) is restricted (see capsicum(4)).
735 * We must connect(2) our socket before this point.
737 caph_cache_catpages();
738 if (caph_enter_casper() < 0)
739 err(1, "caph_enter_casper");
741 cap_rights_init(&rights, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT);
742 if (caph_rights_limit(srecv, &rights) < 0)
743 err(1, "cap_rights_limit srecv");
744 cap_rights_init(&rights, CAP_SEND, CAP_SETSOCKOPT);
745 if (caph_rights_limit(ssend, &rights) < 0)
746 err(1, "cap_rights_limit ssend");
748 /* record route option */
749 if (options & F_RROUTE) {
751 bzero(rspace, sizeof(rspace));
752 rspace[IPOPT_OPTVAL] = IPOPT_RR;
753 rspace[IPOPT_OLEN] = sizeof(rspace) - 1;
754 rspace[IPOPT_OFFSET] = IPOPT_MINOFF;
755 rspace[sizeof(rspace) - 1] = IPOPT_EOL;
756 if (setsockopt(ssend, IPPROTO_IP, IP_OPTIONS, rspace,
758 err(EX_OSERR, "setsockopt IP_OPTIONS");
761 "record route not available in this implementation");
762 #endif /* IP_OPTIONS */
765 if (options & F_TTL) {
766 if (setsockopt(ssend, IPPROTO_IP, IP_TTL, &ttl,
768 err(EX_OSERR, "setsockopt IP_TTL");
771 if (options & F_NOLOOP) {
772 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_LOOP, &loop,
774 err(EX_OSERR, "setsockopt IP_MULTICAST_LOOP");
777 if (options & F_MTTL) {
778 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_TTL, &mttl,
780 err(EX_OSERR, "setsockopt IP_MULTICAST_TTL");
783 if (options & F_MIF) {
784 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_IF, &ifaddr,
785 sizeof(ifaddr)) < 0) {
786 err(EX_OSERR, "setsockopt IP_MULTICAST_IF");
792 int ts_clock = SO_TS_MONOTONIC;
793 if (setsockopt(srecv, SOL_SOCKET, SO_TIMESTAMP, &on,
795 err(EX_OSERR, "setsockopt SO_TIMESTAMP");
796 if (setsockopt(srecv, SOL_SOCKET, SO_TS_CLOCK, &ts_clock,
797 sizeof(ts_clock)) < 0)
798 err(EX_OSERR, "setsockopt SO_TS_CLOCK");
802 if (sweepmin > sweepmax)
804 "Maximum packet size must be no less than the minimum packet size");
806 if (sweepmax > maxpayload - TIMEVAL_LEN)
807 errx(EX_USAGE, "Invalid sweep maximum");
809 if (datalen != DEFDATALEN)
811 "Packet size and ping sweep are mutually exclusive");
814 snpackets = npackets;
819 send_len = icmp_len + sweepmin;
821 if (options & F_SWEEP && !sweepmax)
822 errx(EX_USAGE, "Maximum sweep size must be specified");
825 * When pinging the broadcast address, you can get a lot of answers.
826 * Doing something so evil is useful if you are trying to stress the
827 * ethernet, or just want to fill the arp cache to get some stuff for
828 * /etc/ethers. But beware: RFC 1122 allows hosts to ignore broadcast
829 * or multicast pings if they wish.
833 * XXX receive buffer needs undetermined space for mbuf overhead
836 hold = IP_MAXPACKET + 128;
837 (void)setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold,
839 /* CAP_SETSOCKOPT removed */
840 cap_rights_init(&rights, CAP_RECV, CAP_EVENT);
841 if (caph_rights_limit(srecv, &rights) < 0)
842 err(1, "cap_rights_limit srecv setsockopt");
844 (void)setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, (char *)&hold,
846 /* CAP_SETSOCKOPT removed */
847 cap_rights_init(&rights, CAP_SEND);
848 if (caph_rights_limit(ssend, &rights) < 0)
849 err(1, "cap_rights_limit ssend setsockopt");
851 if (to->sin_family == AF_INET) {
852 (void)printf("PING %s (%s)", hostname,
853 inet_ntoa(to->sin_addr));
855 (void)printf(" from %s", shostname);
857 (void)printf(": (%d ... %d) data bytes\n",
860 (void)printf(": %d data bytes\n", datalen);
864 (void)printf("PING %s: (%d ... %d) data bytes\n",
865 hostname, sweepmin, sweepmax);
867 (void)printf("PING %s: %d data bytes\n", hostname, datalen);
871 * Use sigaction() instead of signal() to get unambiguous semantics,
872 * in particular with SA_RESTART not set.
875 sigemptyset(&si_sa.sa_mask);
878 si_sa.sa_handler = stopit;
879 if (sigaction(SIGINT, &si_sa, 0) == -1) {
880 err(EX_OSERR, "sigaction SIGINT");
883 si_sa.sa_handler = status;
884 if (sigaction(SIGINFO, &si_sa, 0) == -1) {
885 err(EX_OSERR, "sigaction");
888 if (alarmtimeout > 0) {
889 si_sa.sa_handler = stopit;
890 if (sigaction(SIGALRM, &si_sa, 0) == -1)
891 err(EX_OSERR, "sigaction SIGALRM");
894 bzero(&msg, sizeof(msg));
895 msg.msg_name = (caddr_t)&from;
899 msg.msg_control = (caddr_t)ctrl;
900 msg.msg_controllen = sizeof(ctrl);
902 iov.iov_base = packet;
903 iov.iov_len = IP_MAXPACKET;
906 pinger(); /* send the first ping */
908 if (npackets != 0 && preload > npackets)
910 while (preload--) /* fire off them quickies */
913 (void)clock_gettime(CLOCK_MONOTONIC, &last);
915 if (options & F_FLOOD) {
917 intvl.tv_nsec = 10000000;
919 intvl.tv_sec = interval / 1000;
920 intvl.tv_nsec = interval % 1000 * 1000000;
925 struct timespec now, timeout;
931 if ((unsigned)srecv >= FD_SETSIZE)
932 errx(EX_OSERR, "descriptor too large");
934 FD_SET(srecv, &rfds);
935 (void)clock_gettime(CLOCK_MONOTONIC, &now);
936 timespecadd(&last, &intvl, &timeout);
937 timespecsub(&timeout, &now, &timeout);
938 if (timeout.tv_sec < 0)
939 timespecclear(&timeout);
940 n = pselect(srecv + 1, &rfds, NULL, NULL, &timeout, NULL);
942 continue; /* Must be EINTR. */
944 struct timespec *tv = NULL;
946 struct cmsghdr *cmsg = CMSG_FIRSTHDR(&msg);
948 msg.msg_namelen = sizeof(from);
949 if ((cc = recvmsg(srecv, &msg, 0)) < 0) {
955 /* If we have a 0 byte read from recvfrom continue */
960 cmsg->cmsg_level == SOL_SOCKET &&
961 cmsg->cmsg_type == SCM_TIMESTAMP &&
962 cmsg->cmsg_len == CMSG_LEN(sizeof *tv)) {
963 /* Copy to avoid alignment problems: */
964 memcpy(&now, CMSG_DATA(cmsg), sizeof(now));
969 (void)clock_gettime(CLOCK_MONOTONIC, &now);
972 pr_pack((char *)packet, cc, &from, tv);
973 if ((options & F_ONCE && nreceived) ||
974 (npackets && nreceived >= npackets))
977 if (n == 0 || options & F_FLOOD) {
978 if (sweepmax && sntransmitted == snpackets) {
979 if (datalen + sweepincr > sweepmax)
981 for (i = 0; i < sweepincr; i++)
983 datalen += sweepincr;
984 send_len = icmp_len + datalen;
987 if (!npackets || ntransmitted < npackets)
995 intvl.tv_sec = 2 * tmax / 1000;
999 intvl.tv_sec = waittime / 1000;
1000 intvl.tv_nsec = waittime % 1000 * 1000000;
1003 (void)clock_gettime(CLOCK_MONOTONIC, &last);
1004 if (ntransmitted - nreceived - 1 > nmissedmax) {
1005 nmissedmax = ntransmitted - nreceived - 1;
1006 if (options & F_MISSED)
1007 (void)write(STDOUT_FILENO, &BBELL, 1);
1013 exit(0); /* Make the compiler happy */
1018 * Set the global bit that causes the main loop to quit.
1019 * Do NOT call finish() from here, since finish() does far too much
1020 * to be called from a signal handler.
1023 stopit(int sig __unused)
1027 * When doing reverse DNS lookups, the finish_up flag might not
1028 * be noticed for a while. Just exit if we get a second SIGINT.
1030 if (!(options & F_NUMERIC) && finish_up)
1031 _exit(nreceived ? 0 : 2);
1037 * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet
1038 * will be added on by the kernel. The ID field is our UNIX process ID,
1039 * and the sequence number is an ascending integer. The first TIMEVAL_LEN
1040 * bytes of the data portion are used to hold a UNIX "timespec" struct in
1041 * host byte-order, to compute the round-trip time.
1046 struct timespec now;
1053 memcpy(&icp, outpack, ICMP_MINLEN + phdr_len);
1054 icp.icmp_type = icmp_type;
1057 icp.icmp_seq = htons(ntransmitted);
1058 icp.icmp_id = ident; /* ID */
1060 CLR(ntransmitted % mx_dup_ck);
1062 if ((options & F_TIME) || timing) {
1063 (void)clock_gettime(CLOCK_MONOTONIC, &now);
1065 * Truncate seconds down to 32 bits in order
1066 * to fit the timestamp within 8 bytes of the
1067 * packet. We're only concerned with
1068 * durations, not absolute times.
1070 tv32.tv32_sec = (uint32_t)htonl(now.tv_sec);
1071 tv32.tv32_nsec = (uint32_t)htonl(now.tv_nsec);
1072 if (options & F_TIME)
1073 icp.icmp_otime = htonl((now.tv_sec % (24*60*60))
1074 * 1000 + now.tv_nsec / 1000000);
1076 bcopy((void *)&tv32,
1077 (void *)&outpack[ICMP_MINLEN + phdr_len],
1081 memcpy(outpack, &icp, ICMP_MINLEN + phdr_len);
1083 cc = ICMP_MINLEN + phdr_len + datalen;
1085 /* compute ICMP checksum here */
1086 icp.icmp_cksum = in_cksum(outpack, cc);
1087 /* Update icmp_cksum in the raw packet data buffer. */
1088 memcpy(outpack + offsetof(struct icmp, icmp_cksum), &icp.icmp_cksum,
1089 sizeof(icp.icmp_cksum));
1091 if (options & F_HDRINCL) {
1094 cc += sizeof(struct ip);
1095 ip.ip_len = htons(cc);
1096 /* Update ip_len in the raw packet data buffer. */
1097 memcpy(outpackhdr + offsetof(struct ip, ip_len), &ip.ip_len,
1099 ip.ip_sum = in_cksum(outpackhdr, cc);
1100 /* Update ip_sum in the raw packet data buffer. */
1101 memcpy(outpackhdr + offsetof(struct ip, ip_sum), &ip.ip_sum,
1103 packet = outpackhdr;
1105 i = send(ssend, (char *)packet, cc, 0);
1106 if (i < 0 || i != cc) {
1108 if (options & F_FLOOD && errno == ENOBUFS) {
1109 usleep(FLOOD_BACKOFF);
1114 warn("%s: partial write: %d of %d bytes",
1120 if (!(options & F_QUIET) && options & F_FLOOD)
1121 (void)write(STDOUT_FILENO, &DOT, 1);
1126 * Print out the packet, if it came from us. This logic is necessary
1127 * because ALL readers of the ICMP socket get a copy of ALL ICMP packets
1128 * which arrive ('tis only fair). This permits multiple copies of this
1129 * program to be run without having intermingled output (or statistics!).
1132 pr_pack(char *buf, ssize_t cc, struct sockaddr_in *from, struct timespec *tv)
1138 const u_char *icmp_data_raw;
1139 ssize_t icmp_data_raw_len;
1141 int dupflag, i, j, recv_len;
1144 static int old_rrlen;
1145 static char old_rr[MAX_IPOPTLEN];
1147 u_char oip_header_len;
1149 const u_char *oicmp_raw;
1152 * Get size of IP header of the received packet.
1153 * The header length is contained in the lower four bits of the first
1154 * byte and represents the number of 4 byte octets the header takes up.
1156 * The IHL minimum value is 5 (20 bytes) and its maximum value is 15
1159 memcpy(&l, buf, sizeof(l));
1160 hlen = (l & 0x0f) << 2;
1162 /* Reject IP packets with a short header */
1163 if (hlen < sizeof(struct ip)) {
1164 if (options & F_VERBOSE)
1165 warn("IHL too short (%d bytes) from %s", hlen,
1166 inet_ntoa(from->sin_addr));
1170 memcpy(&ip, buf, sizeof(struct ip));
1172 /* Check packet has enough data to carry a valid ICMP header */
1174 if (cc < hlen + ICMP_MINLEN) {
1175 if (options & F_VERBOSE)
1176 warn("packet too short (%zd bytes) from %s", cc,
1177 inet_ntoa(from->sin_addr));
1182 icmp_data_raw = buf + hlen + offsetof(struct icmp, icmp_ip);
1184 icmp_data_raw_len = cc - (hlen + offsetof(struct icmp, icmp_data));
1185 icmp_data_raw = buf + hlen + offsetof(struct icmp, icmp_data);
1188 /* Now the ICMP part */
1190 memcpy(&icp, buf + hlen, MIN((ssize_t)sizeof(icp), cc));
1191 if (icp.icmp_type == icmp_type_rsp) {
1192 if (icp.icmp_id != ident)
1193 return; /* 'Twas not our ECHO */
1197 struct timespec tv1;
1201 tp = icmp_data_raw + phdr_len;
1203 if ((size_t)(cc - ICMP_MINLEN - phdr_len) >=
1205 /* Copy to avoid alignment problems: */
1206 memcpy(&tv32, tp, sizeof(tv32));
1207 tv1.tv_sec = ntohl(tv32.tv32_sec);
1208 tv1.tv_nsec = ntohl(tv32.tv32_nsec);
1209 timespecsub(tv, &tv1, tv);
1210 triptime = ((double)tv->tv_sec) * 1000.0 +
1211 ((double)tv->tv_nsec) / 1000000.0;
1213 tsumsq += triptime * triptime;
1214 if (triptime < tmin)
1216 if (triptime > tmax)
1222 seq = ntohs(icp.icmp_seq);
1224 if (TST(seq % mx_dup_ck)) {
1229 SET(seq % mx_dup_ck);
1233 if (options & F_QUIET)
1236 if (options & F_WAITTIME && triptime > waittime) {
1241 if (options & F_FLOOD)
1242 (void)write(STDOUT_FILENO, &BSPACE, 1);
1244 (void)printf("%zd bytes from %s: icmp_seq=%u", cc,
1245 pr_addr(from->sin_addr), seq);
1246 (void)printf(" ttl=%d", ip.ip_ttl);
1248 (void)printf(" time=%.3f ms", triptime);
1250 (void)printf(" (DUP!)");
1251 if (options & F_AUDIBLE)
1252 (void)write(STDOUT_FILENO, &BBELL, 1);
1253 if (options & F_MASK) {
1254 /* Just prentend this cast isn't ugly */
1255 (void)printf(" mask=%s",
1256 inet_ntoa(*(struct in_addr *)&(icp.icmp_mask)));
1258 if (options & F_TIME) {
1259 (void)printf(" tso=%s", pr_ntime(icp.icmp_otime));
1260 (void)printf(" tsr=%s", pr_ntime(icp.icmp_rtime));
1261 (void)printf(" tst=%s", pr_ntime(icp.icmp_ttime));
1263 if (recv_len != send_len) {
1265 "\nwrong total length %d instead of %d",
1266 recv_len, send_len);
1268 /* check the data */
1269 cp = (u_char*)(buf + hlen + offsetof(struct icmp,
1270 icmp_data) + phdr_len);
1271 dp = &outpack[ICMP_MINLEN + phdr_len];
1272 cc -= ICMP_MINLEN + phdr_len;
1274 if (timing) { /* don't check variable timestamp */
1280 for (; i < datalen && cc > 0; ++i, ++cp, ++dp, --cc) {
1282 (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x",
1284 (void)printf("\ncp:");
1285 cp = (u_char*)(buf + hlen +
1286 offsetof(struct icmp, icmp_data));
1287 for (i = 0; i < datalen; ++i, ++cp) {
1289 (void)printf("\n\t");
1290 (void)printf("%2x ", *cp);
1292 (void)printf("\ndp:");
1293 cp = &outpack[ICMP_MINLEN];
1294 for (i = 0; i < datalen; ++i, ++cp) {
1296 (void)printf("\n\t");
1297 (void)printf("%2x ", *cp);
1305 * We've got something other than an ECHOREPLY.
1306 * See if it's a reply to something that we sent.
1307 * We can compare IP destination, protocol,
1308 * and ICMP type and ID.
1310 * Only print all the error messages if we are running
1311 * as root to avoid leaking information not normally
1312 * available to those not running as root.
1316 * If we don't have enough bytes for a quoted IP header and an
1317 * ICMP header then stop.
1319 if (icmp_data_raw_len <
1320 (ssize_t)(sizeof(struct ip) + sizeof(struct icmp))) {
1321 if (options & F_VERBOSE)
1322 warnx("quoted data too short (%zd bytes) from %s",
1323 icmp_data_raw_len, inet_ntoa(from->sin_addr));
1327 memcpy(&oip_header_len, icmp_data_raw, sizeof(oip_header_len));
1328 oip_header_len = (oip_header_len & 0x0f) << 2;
1330 /* Reject IP packets with a short header */
1331 if (oip_header_len < sizeof(struct ip)) {
1332 if (options & F_VERBOSE)
1333 warnx("inner IHL too short (%d bytes) from %s",
1334 oip_header_len, inet_ntoa(from->sin_addr));
1339 * Check against the actual IHL length, to protect against
1340 * quoated packets carrying IP options.
1342 if (icmp_data_raw_len <
1343 (ssize_t)(oip_header_len + sizeof(struct icmp))) {
1344 if (options & F_VERBOSE)
1345 warnx("inner packet too short (%zd bytes) from %s",
1346 icmp_data_raw_len, inet_ntoa(from->sin_addr));
1350 memcpy(&oip, icmp_data_raw, sizeof(struct ip));
1351 oicmp_raw = icmp_data_raw + oip_header_len;
1352 memcpy(&oicmp, oicmp_raw, sizeof(struct icmp));
1354 if (((options & F_VERBOSE) && uid == 0) ||
1355 (!(options & F_QUIET2) &&
1356 (oip.ip_dst.s_addr == whereto.sin_addr.s_addr) &&
1357 (oip.ip_p == IPPROTO_ICMP) &&
1358 (oicmp.icmp_type == ICMP_ECHO) &&
1359 (oicmp.icmp_id == ident))) {
1360 (void)printf("%zd bytes from %s: ", cc,
1361 pr_addr(from->sin_addr));
1362 pr_icmph(&icp, &oip, oicmp_raw);
1367 /* Display any IP options */
1368 cp = (u_char *)buf + sizeof(struct ip);
1370 for (; hlen > (int)sizeof(struct ip); --hlen, ++cp)
1377 (void)printf(*cp == IPOPT_LSRR ?
1378 "\nLSRR: " : "\nSSRR: ");
1379 j = cp[IPOPT_OLEN] - IPOPT_MINOFF + 1;
1382 if (j >= INADDR_LEN &&
1383 j <= hlen - (int)sizeof(struct ip)) {
1385 bcopy(++cp, &ina.s_addr, INADDR_LEN);
1386 if (ina.s_addr == 0)
1387 (void)printf("\t0.0.0.0");
1389 (void)printf("\t%s",
1392 cp += INADDR_LEN - 1;
1396 (void)putchar('\n');
1399 (void)printf("\t(truncated route)\n");
1402 j = cp[IPOPT_OLEN]; /* get length */
1403 i = cp[IPOPT_OFFSET]; /* and pointer */
1408 i = i - IPOPT_MINOFF + 1;
1409 if (i < 0 || i > (hlen - (int)sizeof(struct ip))) {
1414 && !bcmp((char *)cp, old_rr, i)
1415 && !(options & F_FLOOD)) {
1416 (void)printf("\t(same route)");
1422 bcopy((char *)cp, old_rr, i);
1423 (void)printf("\nRR: ");
1424 if (i >= INADDR_LEN &&
1425 i <= hlen - (int)sizeof(struct ip)) {
1427 bcopy(++cp, &ina.s_addr, INADDR_LEN);
1428 if (ina.s_addr == 0)
1429 (void)printf("\t0.0.0.0");
1431 (void)printf("\t%s",
1434 cp += INADDR_LEN - 1;
1438 (void)putchar('\n');
1441 (void)printf("\t(truncated route)");
1444 (void)printf("\nNOP");
1447 (void)printf("\nunknown option %x", *cp);
1450 if (!(options & F_FLOOD)) {
1451 (void)putchar('\n');
1452 (void)fflush(stdout);
1458 * Print out statistics when SIGINFO is received.
1462 status(int sig __unused)
1474 (void)fprintf(stderr, "\r%ld/%ld packets received (%.1f%%)",
1475 nreceived, ntransmitted,
1476 ntransmitted ? nreceived * 100.0 / ntransmitted : 0.0);
1477 if (nreceived && timing)
1478 (void)fprintf(stderr, " %.3f min / %.3f avg / %.3f max",
1479 tmin, tsum / (nreceived + nrepeats), tmax);
1480 (void)fprintf(stderr, "\n");
1486 * Print out statistics, and give up.
1492 (void)signal(SIGINT, SIG_IGN);
1493 (void)signal(SIGALRM, SIG_IGN);
1494 (void)putchar('\n');
1495 (void)fflush(stdout);
1496 (void)printf("--- %s ping statistics ---\n", hostname);
1497 (void)printf("%ld packets transmitted, ", ntransmitted);
1498 (void)printf("%ld packets received, ", nreceived);
1500 (void)printf("+%ld duplicates, ", nrepeats);
1502 if (nreceived > ntransmitted)
1503 (void)printf("-- somebody's printing up packets!");
1505 (void)printf("%.1f%% packet loss",
1506 ((ntransmitted - nreceived) * 100.0) /
1510 (void)printf(", %ld packets out of wait time", nrcvtimeout);
1511 (void)putchar('\n');
1512 if (nreceived && timing) {
1513 double n = nreceived + nrepeats;
1514 double avg = tsum / n;
1515 double vari = tsumsq / n - avg * avg;
1517 "round-trip min/avg/max/stddev = %.3f/%.3f/%.3f/%.3f ms\n",
1518 tmin, avg, tmax, sqrt(vari));
1529 * Print a descriptive string about an ICMP header.
1532 pr_icmph(struct icmp *icp, struct ip *oip, const u_char *const oicmp_raw)
1535 switch(icp->icmp_type) {
1536 case ICMP_ECHOREPLY:
1537 (void)printf("Echo Reply\n");
1538 /* XXX ID + Seq + Data */
1541 switch(icp->icmp_code) {
1542 case ICMP_UNREACH_NET:
1543 (void)printf("Destination Net Unreachable\n");
1545 case ICMP_UNREACH_HOST:
1546 (void)printf("Destination Host Unreachable\n");
1548 case ICMP_UNREACH_PROTOCOL:
1549 (void)printf("Destination Protocol Unreachable\n");
1551 case ICMP_UNREACH_PORT:
1552 (void)printf("Destination Port Unreachable\n");
1554 case ICMP_UNREACH_NEEDFRAG:
1555 (void)printf("frag needed and DF set (MTU %d)\n",
1556 ntohs(icp->icmp_nextmtu));
1558 case ICMP_UNREACH_SRCFAIL:
1559 (void)printf("Source Route Failed\n");
1561 case ICMP_UNREACH_FILTER_PROHIB:
1562 (void)printf("Communication prohibited by filter\n");
1565 (void)printf("Dest Unreachable, Bad Code: %d\n",
1569 /* Print returned IP header information */
1570 pr_retip(oip, oicmp_raw);
1572 case ICMP_SOURCEQUENCH:
1573 (void)printf("Source Quench\n");
1574 pr_retip(oip, oicmp_raw);
1577 switch(icp->icmp_code) {
1578 case ICMP_REDIRECT_NET:
1579 (void)printf("Redirect Network");
1581 case ICMP_REDIRECT_HOST:
1582 (void)printf("Redirect Host");
1584 case ICMP_REDIRECT_TOSNET:
1585 (void)printf("Redirect Type of Service and Network");
1587 case ICMP_REDIRECT_TOSHOST:
1588 (void)printf("Redirect Type of Service and Host");
1591 (void)printf("Redirect, Bad Code: %d", icp->icmp_code);
1594 (void)printf("(New addr: %s)\n", inet_ntoa(icp->icmp_gwaddr));
1595 pr_retip(oip, oicmp_raw);
1598 (void)printf("Echo Request\n");
1599 /* XXX ID + Seq + Data */
1602 switch(icp->icmp_code) {
1603 case ICMP_TIMXCEED_INTRANS:
1604 (void)printf("Time to live exceeded\n");
1606 case ICMP_TIMXCEED_REASS:
1607 (void)printf("Frag reassembly time exceeded\n");
1610 (void)printf("Time exceeded, Bad Code: %d\n",
1614 pr_retip(oip, oicmp_raw);
1616 case ICMP_PARAMPROB:
1617 (void)printf("Parameter problem: pointer = 0x%02x\n",
1618 icp->icmp_hun.ih_pptr);
1619 pr_retip(oip, oicmp_raw);
1622 (void)printf("Timestamp\n");
1623 /* XXX ID + Seq + 3 timestamps */
1625 case ICMP_TSTAMPREPLY:
1626 (void)printf("Timestamp Reply\n");
1627 /* XXX ID + Seq + 3 timestamps */
1630 (void)printf("Information Request\n");
1633 case ICMP_IREQREPLY:
1634 (void)printf("Information Reply\n");
1638 (void)printf("Address Mask Request\n");
1640 case ICMP_MASKREPLY:
1641 (void)printf("Address Mask Reply\n");
1643 case ICMP_ROUTERADVERT:
1644 (void)printf("Router Advertisement\n");
1646 case ICMP_ROUTERSOLICIT:
1647 (void)printf("Router Solicitation\n");
1650 (void)printf("Bad ICMP type: %d\n", icp->icmp_type);
1656 * Print an IP header with options.
1659 pr_iph(struct ip *ip)
1665 hlen = ip->ip_hl << 2;
1666 cp = (u_char *)ip + 20; /* point to options */
1668 (void)printf("Vr HL TOS Len ID Flg off TTL Pro cks Src Dst\n");
1669 (void)printf(" %1x %1x %02x %04x %04x",
1670 ip->ip_v, ip->ip_hl, ip->ip_tos, ntohs(ip->ip_len),
1672 (void)printf(" %1lx %04lx",
1673 (u_long) (ntohl(ip->ip_off) & 0xe000) >> 13,
1674 (u_long) ntohl(ip->ip_off) & 0x1fff);
1675 (void)printf(" %02x %02x %04x", ip->ip_ttl, ip->ip_p,
1677 memcpy(&ina, &ip->ip_src.s_addr, sizeof ina);
1678 (void)printf(" %s ", inet_ntoa(ina));
1679 memcpy(&ina, &ip->ip_dst.s_addr, sizeof ina);
1680 (void)printf(" %s ", inet_ntoa(ina));
1681 /* dump any option bytes */
1682 while (hlen-- > 20) {
1683 (void)printf("%02x", *cp++);
1685 (void)putchar('\n');
1690 * Return an ascii host address as a dotted quad and optionally with
1694 pr_addr(struct in_addr ina)
1697 static char buf[16 + 3 + MAXHOSTNAMELEN];
1699 if (options & F_NUMERIC)
1700 return inet_ntoa(ina);
1702 hp = cap_gethostbyaddr(capdns, (char *)&ina, 4, AF_INET);
1705 return inet_ntoa(ina);
1707 (void)snprintf(buf, sizeof(buf), "%s (%s)", hp->h_name,
1714 * Dump some info on a returned (via ICMP) IP packet.
1717 pr_retip(struct ip *ip, const u_char *cp)
1722 (void)printf("TCP: from port %u, to port %u (decimal)\n",
1723 (*cp * 256 + *(cp + 1)), (*(cp + 2) * 256 + *(cp + 3)));
1724 else if (ip->ip_p == 17)
1725 (void)printf("UDP: from port %u, to port %u (decimal)\n",
1726 (*cp * 256 + *(cp + 1)), (*(cp + 2) * 256 + *(cp + 3)));
1730 pr_ntime(n_time timestamp)
1732 static char buf[11];
1735 sec = ntohl(timestamp) / 1000;
1736 hour = sec / 60 / 60;
1737 min = (sec % (60 * 60)) / 60;
1738 sec = (sec % (60 * 60)) % 60;
1740 (void)snprintf(buf, sizeof(buf), "%02d:%02d:%02d", hour, min, sec);
1746 fill(char *bp, char *patp)
1752 for (cp = patp; *cp; cp++) {
1755 "patterns must be specified as hex digits");
1759 "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x",
1760 &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6],
1761 &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12],
1762 &pat[13], &pat[14], &pat[15]);
1765 for (kk = 0; kk <= maxpayload - (TIMEVAL_LEN + ii); kk += ii)
1766 for (jj = 0; jj < ii; ++jj)
1767 bp[jj + kk] = pat[jj];
1768 if (!(options & F_QUIET)) {
1769 (void)printf("PATTERN: 0x");
1770 for (jj = 0; jj < ii; ++jj)
1771 (void)printf("%02x", bp[jj] & 0xFF);
1776 static cap_channel_t *
1779 cap_channel_t *capcas, *capdnsloc;
1781 const char *types[2];
1784 capcas = cap_init();
1786 err(1, "unable to create casper process");
1787 capdnsloc = cap_service_open(capcas, "system.dns");
1788 /* Casper capability no longer needed. */
1790 if (capdnsloc == NULL)
1791 err(1, "unable to open system.dns service");
1793 types[0] = "NAME2ADDR";
1794 types[1] = "ADDR2NAME";
1795 if (cap_dns_type_limit(capdnsloc, types, 2) < 0)
1796 err(1, "unable to limit access to system.dns service");
1797 families[0] = AF_INET;
1798 if (cap_dns_family_limit(capdnsloc, families, 1) < 0)
1799 err(1, "unable to limit access to system.dns service");