2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 2013 Gleb Smirnoff <glebius@FreeBSD.org>
5 * Copyright (c) 1983, 1988, 1993
6 * The Regents of the University of California. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 #include <sys/param.h>
34 #include <sys/protosw.h>
35 #include <sys/socket.h>
36 #include <sys/socketvar.h>
40 #include <net/if_dl.h>
41 #include <net/if_types.h>
42 #include <net/ethernet.h>
43 #include <netinet/in.h>
44 #include <netinet/in_var.h>
45 #include <arpa/inet.h>
47 #include <net/pfvar.h>
48 #include <net/pflow.h>
49 #include <net/if_pfsync.h>
71 static void sidewaysintpr(void);
74 static const char* pfsyncacts[] = {
75 /* PFSYNC_ACT_CLR */ "clear all request",
76 /* PFSYNC_ACT_INS_1301 */ "13.1 state insert",
77 /* PFSYNC_ACT_INS_ACK */ "state inserted ack",
78 /* PFSYNC_ACT_UPD_1301 */ "13.1 state update",
79 /* PFSYNC_ACT_UPD_C */ "compressed state update",
80 /* PFSYNC_ACT_UPD_REQ */ "uncompressed state request",
81 /* PFSYNC_ACT_DEL */ "state delete",
82 /* PFSYNC_ACT_DEL_C */ "compressed state delete",
83 /* PFSYNC_ACT_INS_F */ "fragment insert",
84 /* PFSYNC_ACT_DEL_F */ "fragment delete",
85 /* PFSYNC_ACT_BUS */ "bulk update mark",
86 /* PFSYNC_ACT_TDB */ "TDB replay counter update",
87 /* PFSYNC_ACT_EOF */ "end of frame mark",
88 /* PFSYNC_ACT_INS_1400 */ "state insert",
89 /* PFSYNC_ACT_UPD_1400 */ "state update",
92 static const char* pfsyncacts_name[] = {
93 /* PFSYNC_ACT_CLR */ "clear-all-request",
94 /* PFSYNC_ACT_INS_1301 */ "state-insert-1301",
95 /* PFSYNC_ACT_INS_ACK */ "state-inserted-ack",
96 /* PFSYNC_ACT_UPD_1301 */ "state-update-1301",
97 /* PFSYNC_ACT_UPD_C */ "compressed-state-update",
98 /* PFSYNC_ACT_UPD_REQ */ "uncompressed-state-request",
99 /* PFSYNC_ACT_DEL */ "state-delete",
100 /* PFSYNC_ACT_DEL_C */ "compressed-state-delete",
101 /* PFSYNC_ACT_INS_F */ "fragment-insert",
102 /* PFSYNC_ACT_DEL_F */ "fragment-delete",
103 /* PFSYNC_ACT_BUS */ "bulk-update-mark",
104 /* PFSYNC_ACT_TDB */ "TDB-replay-counter-update",
105 /* PFSYNC_ACT_EOF */ "end-of-frame-mark",
106 /* PFSYNC_ACT_INS_1400 */ "state-insert",
107 /* PFSYNC_ACT_UPD_1400 */ "state-update",
111 pfsync_acts_stats(const char *list, const char *desc, uint64_t *a)
116 for (i = 0; i < PFSYNC_ACT_MAX; i++, a++) {
117 if (*a || sflag <= 1) {
118 xo_open_instance(list);
119 xo_emit("\t\t{e:name}{:count/%ju} {N:/%s%s %s}\n",
120 pfsyncacts_name[i], (uintmax_t)(*a),
121 pfsyncacts[i], plural(*a), desc);
122 xo_close_instance(list);
129 * Dump pfsync statistics structure.
132 pfsync_stats(u_long off, const char *name, int af1 __unused, int proto __unused)
134 struct pfsyncstats pfsyncstat;
136 if (fetch_stats("net.pfsync.stats", off, &pfsyncstat,
137 sizeof(pfsyncstat), kread) != 0)
140 xo_emit("{T:/%s}:\n", name);
141 xo_open_container(name);
143 #define p(f, m) if (pfsyncstat.f || sflag <= 1) \
144 xo_emit(m, (uintmax_t)pfsyncstat.f, plural(pfsyncstat.f))
146 p(pfsyncs_ipackets, "\t{:received-inet-packets/%ju} "
147 "{N:/packet%s received (IPv4)}\n");
148 p(pfsyncs_ipackets6, "\t{:received-inet6-packets/%ju} "
149 "{N:/packet%s received (IPv6)}\n");
150 pfsync_acts_stats("input-histogram", "received",
151 &pfsyncstat.pfsyncs_iacts[0]);
152 p(pfsyncs_badif, "\t\t{:dropped-bad-interface/%ju} "
153 "{N:/packet%s discarded for bad interface}\n");
154 p(pfsyncs_badttl, "\t\t{:dropped-bad-ttl/%ju} "
155 "{N:/packet%s discarded for bad ttl}\n");
156 p(pfsyncs_hdrops, "\t\t{:dropped-short-header/%ju} "
157 "{N:/packet%s shorter than header}\n");
158 p(pfsyncs_badver, "\t\t{:dropped-bad-version/%ju} "
159 "{N:/packet%s discarded for bad version}\n");
160 p(pfsyncs_badauth, "\t\t{:dropped-bad-auth/%ju} "
161 "{N:/packet%s discarded for bad HMAC}\n");
162 p(pfsyncs_badact,"\t\t{:dropped-bad-action/%ju} "
163 "{N:/packet%s discarded for bad action}\n");
164 p(pfsyncs_badlen, "\t\t{:dropped-short/%ju} "
165 "{N:/packet%s discarded for short packet}\n");
166 p(pfsyncs_badval, "\t\t{:dropped-bad-values/%ju} "
167 "{N:/state%s discarded for bad values}\n");
168 p(pfsyncs_stale, "\t\t{:dropped-stale-state/%ju} "
169 "{N:/stale state%s}\n");
170 p(pfsyncs_badstate, "\t\t{:dropped-failed-lookup/%ju} "
171 "{N:/failed state lookup\\/insert%s}\n");
172 p(pfsyncs_opackets, "\t{:sent-inet-packets/%ju} "
173 "{N:/packet%s sent (IPv4})\n");
174 p(pfsyncs_opackets6, "\t{:send-inet6-packets/%ju} "
175 "{N:/packet%s sent (IPv6})\n");
176 pfsync_acts_stats("output-histogram", "sent",
177 &pfsyncstat.pfsyncs_oacts[0]);
178 p(pfsyncs_onomem, "\t\t{:discarded-no-memory/%ju} "
179 "{N:/failure%s due to mbuf memory error}\n");
180 p(pfsyncs_oerrors, "\t\t{:send-errors/%ju} "
181 "{N:/send error%s}\n");
183 xo_close_container(name);
187 pflow_stats(u_long off, const char *name, int af1 __unused, int proto __unused)
189 struct pflowstats pflowstat;
191 if (fetch_stats("net.pflow.stats", off, &pflowstat,
192 sizeof(pflowstat), kread) != 0)
195 xo_emit("{T:/%s}:\n", name);
196 xo_open_container(name);
198 #define p(f, m) if (pflowstat.f || sflag <= 1) \
199 xo_emit(m, (uintmax_t)pflowstat.f, plural(pflowstat.f))
201 p(pflow_flows, "\t{:flows/%ju} {N:/flow%s sent}\n");
202 p(pflow_packets, "\t{:packets/%ju} {N:/packet%s sent}\n");
203 p(pflow_onomem, "\t{:nomem/%ju} "
204 "{N:/send failed due to mbuf memory error}\n");
205 p(pflow_oerrors, "\t{:send-error/%ju} {N:/send error}\n");
208 xo_close_container(name);
213 * Display a formatted value, or a '-' in the same space.
216 show_stat(const char *fmt, int width, const char *name,
217 u_long value, short showvalue, int div1000)
219 const char *lsep, *rsep;
223 if (strncmp(fmt, "LS", 2) == 0) {
228 if (strncmp(fmt, "NRS", 3) == 0) {
232 if (showvalue == 0) {
233 /* Print just dash. */
234 xo_emit("{P:/%s}{D:/%*s}{P:/%s}", lsep, width, "-", rsep);
239 * XXX: workaround {P:} modifier can't be empty and doesn't seem to
240 * take args... so we need to conditionally include it in the format.
242 #define maybe_pad(pad) do { \
244 snprintf(newfmt, sizeof(newfmt), "{P:%s}", pad); \
252 /* Format in human readable form. */
253 humanize_number(buf, sizeof(buf), (int64_t)value, "",
254 HN_AUTOSCALE, HN_NOSPACE | HN_DECIMAL | \
255 ((div1000) ? HN_DIVISOR_1000 : 0));
257 snprintf(newfmt, sizeof(newfmt), "{:%s/%%%ds}", name, width);
258 xo_emit(newfmt, buf);
261 /* Construct the format string. */
263 snprintf(newfmt, sizeof(newfmt), "{:%s/%%%d%s}",
265 xo_emit(newfmt, value);
271 * Find next multiaddr for a given interface name.
273 static struct ifmaddrs *
274 next_ifma(struct ifmaddrs *ifma, const char *name, const sa_family_t family)
277 for(; ifma != NULL; ifma = ifma->ifma_next) {
278 struct sockaddr_dl *sdl;
280 sdl = (struct sockaddr_dl *)ifma->ifma_name;
281 if (ifma->ifma_addr->sa_family == family &&
282 strcmp(sdl->sdl_data, name) == 0)
289 enum process_op { MEASURE, EMIT };
292 process_ifa_addr(enum process_op op, struct ifaddrs *ifa, int *max_net_len,
293 int *max_addr_len, bool *network, bool *link)
295 int net_len, addr_len;
299 net_len = *max_net_len;
300 addr_len = *max_addr_len;
303 switch (ifa->ifa_addr->sa_family) {
306 net_len = strlen("none");
307 addr_len = strlen("none");
309 xo_emit("{:network/%-*.*s} ", net_len, net_len,
311 xo_emit("{:address/%-*.*s} ", addr_len, addr_len,
319 nn = netname(ifa->ifa_addr, ifa->ifa_netmask);
320 rn = routename(ifa->ifa_addr, numeric_addr);
322 net_len = strlen(nn);
323 addr_len = strlen(rn);
325 xo_emit("{t:network/%-*s} ", net_len, nn);
326 xo_emit("{t:address/%-*s} ", addr_len, rn);
334 struct sockaddr_dl *sdl;
335 char linknum[sizeof("<Link#32767>")];
337 sdl = (struct sockaddr_dl *)ifa->ifa_addr;
338 snprintf(linknum, sizeof(linknum), "<Link#%d>", sdl->sdl_index);
340 net_len = strlen(linknum);
341 if (sdl->sdl_nlen == 0 &&
342 sdl->sdl_alen == 0 &&
346 addr_len = strlen(routename(ifa->ifa_addr, 1));
348 xo_emit("{t:network/%-*.*s} ", net_len, net_len,
350 if (sdl->sdl_nlen == 0 &&
351 sdl->sdl_alen == 0 &&
353 xo_emit("{P:/%*s} ", addr_len, "");
355 xo_emit("{t:address/%-*.*s} ", addr_len,
356 addr_len, routename(ifa->ifa_addr, 1));
365 if (net_len > *max_net_len)
366 *max_net_len = net_len;
367 if (addr_len > *max_addr_len)
368 *max_addr_len = addr_len;
373 max_num_len(int max_len, u_long num)
375 int len = 2; /* include space */
377 for (; num > 10; len++)
379 return (MAX(max_len, len));
383 * Print a description of the network interfaces.
386 intpr(void (*pfunc)(char *), int af)
388 struct ifaddrs *ifap, *ifa;
389 struct ifmaddrs *ifmap, *ifma;
390 u_int ifn_len_max = 5, ifn_len;
391 u_int net_len = strlen("Network "), addr_len = strlen("Address ");
392 u_int npkt_len = 8, nbyte_len = 10, nerr_len = 5;
395 return sidewaysintpr();
397 if (getifaddrs(&ifap) != 0)
398 err(EX_OSERR, "getifaddrs");
399 if (aflag && getifmaddrs(&ifmap) != 0)
400 err(EX_OSERR, "getifmaddrs");
402 for (ifa = ifap; ifa; ifa = ifa->ifa_next) {
403 if (interface != NULL &&
404 strcmp(ifa->ifa_name, interface) != 0)
406 if (af != AF_UNSPEC && ifa->ifa_addr->sa_family != af)
408 ifn_len = strlen(ifa->ifa_name);
409 if ((ifa->ifa_flags & IFF_UP) == 0)
411 ifn_len_max = MAX(ifn_len_max, ifn_len);
412 process_ifa_addr(MEASURE, ifa, &net_len, &addr_len,
415 #define IFA_STAT(s) (((struct if_data *)ifa->ifa_data)->ifi_ ## s)
417 npkt_len = max_num_len(npkt_len, IFA_STAT(ipackets));
418 npkt_len = max_num_len(npkt_len, IFA_STAT(opackets));
419 nerr_len = max_num_len(nerr_len, IFA_STAT(ierrors));
420 nerr_len = max_num_len(nerr_len, IFA_STAT(iqdrops));
421 nerr_len = max_num_len(nerr_len, IFA_STAT(collisions));
423 nerr_len = max_num_len(nerr_len,
426 nbyte_len = max_num_len(nbyte_len,
428 nbyte_len = max_num_len(nbyte_len,
434 xo_open_list("interface");
436 xo_emit("{T:/%-*.*s}", ifn_len_max, ifn_len_max, "Name");
437 xo_emit(" {T:/%5.5s} {T:/%-*.*s} {T:/%-*.*s} {T:/%*.*s} "
438 "{T:/%*.*s} {T:/%*.*s}",
439 "Mtu", net_len, net_len, "Network", addr_len, addr_len,
440 "Address", npkt_len, npkt_len, "Ipkts",
441 nerr_len, nerr_len, "Ierrs", nerr_len, nerr_len, "Idrop");
443 xo_emit(" {T:/%*.*s}", nbyte_len, nbyte_len, "Ibytes");
444 xo_emit(" {T:/%*.*s} {T:/%*.*s}", npkt_len, npkt_len, "Opkts",
445 nerr_len, nerr_len, "Oerrs");
447 xo_emit(" {T:/%*.*s}", nbyte_len, nbyte_len, "Obytes");
448 xo_emit(" {T:/%*s}", nerr_len, "Coll");
450 xo_emit(" {T:/%*.*s}", nerr_len, nerr_len, "Drop");
454 for (ifa = ifap; ifa; ifa = ifa->ifa_next) {
455 bool network = false, link = false;
456 char *name, *xname, buf[IFNAMSIZ+1];
458 if (interface != NULL && strcmp(ifa->ifa_name, interface) != 0)
461 name = ifa->ifa_name;
468 * Skip all ifaddrs belonging to same interface.
470 while(ifa->ifa_next != NULL &&
471 (strcmp(ifa->ifa_next->ifa_name, name) == 0)) {
477 if (af != AF_UNSPEC && ifa->ifa_addr->sa_family != af)
480 xo_open_instance("interface");
482 if ((ifa->ifa_flags & IFF_UP) == 0) {
483 xname = stpcpy(buf, name);
490 xo_emit("{d:/%-*.*s}{etk:name}{eq:flags/0x%x}",
491 ifn_len_max, ifn_len_max, xname, name, ifa->ifa_flags);
493 #define IFA_MTU(ifa) (((struct if_data *)(ifa)->ifa_data)->ifi_mtu)
494 show_stat("lu", 6, "mtu", IFA_MTU(ifa), IFA_MTU(ifa), 0);
497 process_ifa_addr(EMIT, ifa, &net_len, &addr_len,
500 show_stat("lu", npkt_len, "received-packets",
501 IFA_STAT(ipackets), link|network, 1);
502 show_stat("lu", nerr_len, "received-errors", IFA_STAT(ierrors),
504 show_stat("lu", nerr_len, "dropped-packets", IFA_STAT(iqdrops),
507 show_stat("lu", nbyte_len, "received-bytes",
508 IFA_STAT(ibytes), link|network, 0);
509 show_stat("lu", npkt_len, "sent-packets", IFA_STAT(opackets),
511 show_stat("lu", nerr_len, "send-errors", IFA_STAT(oerrors),
514 show_stat("lu", nbyte_len, "sent-bytes",
515 IFA_STAT(obytes), link|network, 0);
516 show_stat("NRSlu", nerr_len, "collisions", IFA_STAT(collisions),
519 show_stat("LSlu", nerr_len, "dropped-packets",
520 IFA_STAT(oqdrops), link, 1);
524 xo_close_instance("interface");
529 * Print family's multicast addresses.
531 xo_open_list("multicast-address");
532 for (ifma = next_ifma(ifmap, ifa->ifa_name,
533 ifa->ifa_addr->sa_family);
535 ifma = next_ifma(ifma, ifa->ifa_name,
536 ifa->ifa_addr->sa_family)) {
537 const char *fmt = NULL;
539 xo_open_instance("multicast-address");
540 switch (ifma->ifma_addr->sa_family) {
543 struct sockaddr_dl *sdl;
545 sdl = (struct sockaddr_dl *)ifma->ifma_addr;
546 if (sdl->sdl_type != IFT_ETHER &&
547 sdl->sdl_type != IFT_FDDI)
555 fmt = routename(ifma->ifma_addr, numeric_addr);
561 "{t:address/%-17s/}", "", fmt);
564 "{t:address/%-17.17s/}", "", fmt);
565 if (ifma->ifma_addr->sa_family == AF_LINK) {
566 xo_emit(" {:received-packets/%8lu}",
568 xo_emit("{P:/%*s}", bflag? 17 : 6, "");
569 xo_emit(" {:sent-packets/%8lu}",
574 xo_close_instance("multicast-address");
575 ifma = ifma->ifma_next;
577 xo_close_list("multicast-address");
578 xo_close_instance("interface");
580 xo_close_list("interface");
588 u_long ift_ip; /* input packets */
589 u_long ift_ie; /* input errors */
590 u_long ift_id; /* input drops */
591 u_long ift_op; /* output packets */
592 u_long ift_oe; /* output errors */
593 u_long ift_od; /* output drops */
594 u_long ift_co; /* collisions */
595 u_long ift_ib; /* input bytes */
596 u_long ift_ob; /* output bytes */
600 * Obtain stats for interface(s).
603 fill_iftot(struct iftot *st)
605 struct ifaddrs *ifap, *ifa;
608 if (getifaddrs(&ifap) != 0)
609 xo_err(EX_OSERR, "getifaddrs");
611 bzero(st, sizeof(*st));
613 for (ifa = ifap; ifa; ifa = ifa->ifa_next) {
614 if (ifa->ifa_addr->sa_family != AF_LINK)
617 if (strcmp(ifa->ifa_name, interface) == 0)
623 st->ift_ip += IFA_STAT(ipackets);
624 st->ift_ie += IFA_STAT(ierrors);
625 st->ift_id += IFA_STAT(iqdrops);
626 st->ift_ib += IFA_STAT(ibytes);
627 st->ift_op += IFA_STAT(opackets);
628 st->ift_oe += IFA_STAT(oerrors);
629 st->ift_od += IFA_STAT(oqdrops);
630 st->ift_ob += IFA_STAT(obytes);
631 st->ift_co += IFA_STAT(collisions);
634 if (interface && found == false)
635 xo_err(EX_DATAERR, "interface %s not found", interface);
641 * Set a flag to indicate that a signal from the periodic itimer has been
644 static sig_atomic_t signalled;
646 catchalarm(int signo __unused)
652 * Print a running summary of interface statistics.
653 * Repeat display every interval seconds, showing statistics
654 * collected over that interval. Assumes that interval is non-zero.
655 * First line printed at top of screen is always cumulative.
660 struct iftot ift[2], *new, *old;
661 struct itimerval interval_it;
668 (void)signal(SIGALRM, catchalarm);
670 interval_it.it_interval.tv_sec = interval;
671 interval_it.it_interval.tv_usec = 0;
672 interval_it.it_value = interval_it.it_interval;
673 setitimer(ITIMER_REAL, &interval_it, NULL);
674 xo_open_list("interface-statistics");
677 xo_emit("{T:/%17s} {T:/%14s} {T:/%16s}\n", "input",
678 interface != NULL ? interface : "(Total)", "output");
679 xo_emit("{T:/%10s} {T:/%5s} {T:/%5s} {T:/%10s} {T:/%10s} {T:/%5s} "
680 "{T:/%10s} {T:/%5s}",
681 "packets", "errs", "idrops", "bytes", "packets", "errs", "bytes",
684 xo_emit(" {T:/%5.5s}", "drops");
690 if ((noutputs != 0) && (--noutputs == 0)) {
691 xo_close_list("interface-statistics");
694 oldmask = sigblock(sigmask(SIGALRM));
703 xo_open_instance("stats");
704 show_stat("lu", 10, "received-packets",
705 new->ift_ip - old->ift_ip, 1, 1);
706 show_stat("lu", 5, "received-errors",
707 new->ift_ie - old->ift_ie, 1, 1);
708 show_stat("lu", 5, "dropped-packets",
709 new->ift_id - old->ift_id, 1, 1);
710 show_stat("lu", 10, "received-bytes",
711 new->ift_ib - old->ift_ib, 1, 0);
712 show_stat("lu", 10, "sent-packets",
713 new->ift_op - old->ift_op, 1, 1);
714 show_stat("lu", 5, "send-errors",
715 new->ift_oe - old->ift_oe, 1, 1);
716 show_stat("lu", 10, "sent-bytes",
717 new->ift_ob - old->ift_ob, 1, 0);
718 show_stat("NRSlu", 5, "collisions",
719 new->ift_co - old->ift_co, 1, 1);
721 show_stat("LSlu", 5, "dropped-packets",
722 new->ift_od - old->ift_od, 1, 1);
723 xo_close_instance("stats");
727 if (new == &ift[0]) {
projects / FreeBSD / FreeBSD.git / blob