2 * Copyright (c) 1983, 1988, 1993
3 * Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 4. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 char const copyright[] =
32 "@(#) Copyright (c) 1983, 1988, 1993\n\
33 Regents of the University of California. All rights reserved.\n";
38 static char sccsid[] = "@(#)main.c 8.4 (Berkeley) 3/1/94";
42 #include <sys/cdefs.h>
43 __FBSDID("$FreeBSD$");
45 #include <sys/param.h>
47 #include <sys/protosw.h>
48 #include <sys/socket.h>
49 #include <sys/socketvar.h>
51 #include <netinet/in.h>
54 #include <netgraph/ng_socket.h>
74 static struct nlist nl[] = {
76 { .n_name = "_rtstat" },
78 { .n_name = "_rt_tables"},
80 { .n_name = "_mrtstat" },
81 #define N_MFCHASHTBL 3
82 { .n_name = "_mfchashtbl" },
84 { .n_name = "_viftable" },
86 { .n_name = "_ngsocklist"},
88 { .n_name = "_ip6stat" },
90 { .n_name = "_icmp6stat" },
92 { .n_name = "_ipsec4stat" },
93 #define N_IPSEC6STAT 9
94 { .n_name = "_ipsec6stat" },
96 { .n_name = "_pim6stat" },
98 { .n_name = "_mrt6stat" },
99 #define N_MF6CTABLE 12
100 { .n_name = "_mf6ctable" },
101 #define N_MIF6TABLE 13
102 { .n_name = "_mif6table" },
103 #define N_PFKEYSTAT 14
104 { .n_name = "_pfkeystat" },
106 { .n_name = "_rttrash" },
107 #define N_CARPSTAT 16
108 { .n_name = "_carpstats" },
109 #define N_PFSYNCSTAT 17
110 { .n_name = "_pfsyncstats" },
112 { .n_name = "_ahstat" },
114 { .n_name = "_espstat" },
115 #define N_IPCOMPSTAT 20
116 { .n_name = "_ipcompstat" },
118 { .n_name = "_tcpstat" },
120 { .n_name = "_udpstat" },
122 { .n_name = "_ipstat" },
123 #define N_ICMPSTAT 24
124 { .n_name = "_icmpstat" },
125 #define N_IGMPSTAT 25
126 { .n_name = "_igmpstat" },
128 { .n_name = "_pimstat" },
130 { .n_name = "_tcbinfo" },
132 { .n_name = "_udbinfo" },
133 #define N_DIVCBINFO 29
134 { .n_name = "_divcbinfo" },
135 #define N_RIPCBINFO 30
136 { .n_name = "_ripcbinfo" },
137 #define N_UNP_COUNT 31
138 { .n_name = "_unp_count" },
139 #define N_UNP_GENCNT 32
140 { .n_name = "_unp_gencnt" },
141 #define N_UNP_DHEAD 33
142 { .n_name = "_unp_dhead" },
143 #define N_UNP_SHEAD 34
144 { .n_name = "_unp_shead" },
145 #define N_RIP6STAT 36
146 { .n_name = "_rip6stat" },
147 #define N_SCTPSTAT 36
148 { .n_name = "_sctpstat" },
149 #define N_MFCTABLESIZE 37
150 { .n_name = "_mfctablesize" },
152 { .n_name = "_arpstat" },
153 #define N_UNP_SPHEAD 39
154 { .n_name = "unp_sphead" },
156 { .n_name = "_sfstat"},
161 int pr_index; /* index into nlist of cb head */
162 int pr_sindex; /* index into nlist of stat block */
163 u_char pr_wanted; /* 1 if wanted, 0 otherwise */
164 void (*pr_cblocks)(u_long, const char *, int, int);
165 /* control blocks printing routine */
166 void (*pr_stats)(u_long, const char *, int, int);
167 /* statistics printing routine */
168 void (*pr_istats)(char *); /* per/if statistics printing routine */
169 const char *pr_name; /* well-known name */
170 int pr_usesysctl; /* non-zero if we use sysctl, not kvm */
173 { N_TCBINFO, N_TCPSTAT, 1, protopr,
174 tcp_stats, NULL, "tcp", 1, IPPROTO_TCP },
175 { N_UDBINFO, N_UDPSTAT, 1, protopr,
176 udp_stats, NULL, "udp", 1, IPPROTO_UDP },
178 { -1, N_SCTPSTAT, 1, sctp_protopr,
179 sctp_stats, NULL, "sctp", 1, IPPROTO_SCTP },
182 { -1, -1, 1, protopr,
183 NULL, NULL, "sdp", 1, IPPROTO_TCP },
185 { N_DIVCBINFO, -1, 1, protopr,
186 NULL, NULL, "divert", 1, IPPROTO_DIVERT },
187 { N_RIPCBINFO, N_IPSTAT, 1, protopr,
188 ip_stats, NULL, "ip", 1, IPPROTO_RAW },
189 { N_RIPCBINFO, N_ICMPSTAT, 1, protopr,
190 icmp_stats, NULL, "icmp", 1, IPPROTO_ICMP },
191 { N_RIPCBINFO, N_IGMPSTAT, 1, protopr,
192 igmp_stats, NULL, "igmp", 1, IPPROTO_IGMP },
194 { -1, N_IPSECSTAT, 1, NULL, /* keep as compat */
195 ipsec_stats, NULL, "ipsec", 0, 0},
196 { -1, N_AHSTAT, 1, NULL,
197 ah_stats, NULL, "ah", 0, 0},
198 { -1, N_ESPSTAT, 1, NULL,
199 esp_stats, NULL, "esp", 0, 0},
200 { -1, N_IPCOMPSTAT, 1, NULL,
201 ipcomp_stats, NULL, "ipcomp", 0, 0},
203 { N_RIPCBINFO, N_PIMSTAT, 1, protopr,
204 pim_stats, NULL, "pim", 1, IPPROTO_PIM },
205 { -1, N_CARPSTAT, 1, NULL,
206 carp_stats, NULL, "carp", 1, 0 },
208 { -1, N_PFSYNCSTAT, 1, NULL,
209 pfsync_stats, NULL, "pfsync", 1, 0 },
211 { -1, N_ARPSTAT, 1, NULL,
212 arp_stats, NULL, "arp", 1, 0 },
214 NULL, NULL, NULL, 0, 0 }
218 struct protox ip6protox[] = {
219 { N_TCBINFO, N_TCPSTAT, 1, protopr,
220 tcp_stats, NULL, "tcp", 1, IPPROTO_TCP },
221 { N_UDBINFO, N_UDPSTAT, 1, protopr,
222 udp_stats, NULL, "udp", 1, IPPROTO_UDP },
223 { N_RIPCBINFO, N_IP6STAT, 1, protopr,
224 ip6_stats, ip6_ifstats, "ip6", 1, IPPROTO_RAW },
225 { N_RIPCBINFO, N_ICMP6STAT, 1, protopr,
226 icmp6_stats, icmp6_ifstats, "icmp6", 1, IPPROTO_ICMPV6 },
228 { -1, -1, 1, protopr,
229 NULL, NULL, "sdp", 1, IPPROTO_TCP },
232 { -1, N_IPSEC6STAT, 1, NULL,
233 ipsec_stats, NULL, "ipsec6", 0, 0 },
236 { -1, N_PIM6STAT, 1, NULL,
237 pim6_stats, NULL, "pim6", 1, 0 },
239 { -1, N_RIP6STAT, 1, NULL,
240 rip6_stats, NULL, "rip6", 1, 0 },
242 NULL, NULL, NULL, 0, 0 }
247 struct protox pfkeyprotox[] = {
248 { -1, N_PFKEYSTAT, 1, NULL,
249 pfkey_stats, NULL, "pfkey", 0, 0 },
251 NULL, NULL, NULL, 0, 0 }
256 struct protox netgraphprotox[] = {
257 { N_NGSOCKS, -1, 1, netgraphprotopr,
258 NULL, NULL, "ctrl", 0, 0 },
259 { N_NGSOCKS, -1, 1, netgraphprotopr,
260 NULL, NULL, "data", 0, 0 },
262 NULL, NULL, NULL, 0, 0 }
266 struct protox *protoprotox[] = {
276 static void printproto(struct protox *, const char *, bool *);
277 static void usage(void);
278 static struct protox *name2protox(const char *);
279 static struct protox *knownname(const char *);
282 static char *nlistf = NULL, *memf = NULL;
284 int Aflag; /* show addresses of protocol control block */
285 int aflag; /* show all sockets (including servers) */
286 int Bflag; /* show information about bpf consumers */
287 int bflag; /* show i/f total bytes in/out */
288 int dflag; /* show i/f dropped packets */
289 int gflag; /* show group (multicast) routing or stats */
290 int hflag; /* show counters in human readable format */
291 int iflag; /* show interfaces */
292 int Lflag; /* show size of listen queues */
293 int mflag; /* show memory stats */
294 int noutputs = 0; /* how much outputs before we exit */
295 int numeric_addr; /* show addresses numerically */
296 int numeric_port; /* show ports numerically */
297 static int pflag; /* show given protocol */
298 int Qflag; /* show netisr information */
299 int rflag; /* show routing tables (or routing stats) */
300 int Rflag; /* show flow / RSS statistics */
301 int sflag; /* show protocol statistics */
302 int Wflag; /* wide display */
303 int Tflag; /* TCP Information */
304 int xflag; /* extra information, includes all socket buffer info */
305 int zflag; /* zero stats */
307 int interval; /* repeat interval for i/f stats */
309 char *interface; /* desired i/f for stats, or NULL for all i/fs */
310 int unit; /* unit number for above */
312 int af; /* address family */
313 int live; /* true if we are examining a live system */
316 main(int argc, char *argv[])
318 struct protox *tp = NULL; /* for printing cblocks & stats */
326 argc = xo_parse_args(argc, argv);
328 while ((ch = getopt(argc, argv, "46AaBbdF:f:ghI:iLlM:mN:np:Qq:RrSTsuWw:xz"))
335 errx(1, "IPv4 support is not compiled in");
342 errx(1, "IPv6 support is not compiled in");
361 fib = strtol(optarg, &endptr, 0);
362 if (*endptr != '\0' ||
363 (fib == 0 && (errno == EINVAL || errno == ERANGE)))
364 xo_errx(1, "%s: invalid fib", optarg);
367 if (strcmp(optarg, "inet") == 0)
370 else if (strcmp(optarg, "inet6") == 0)
374 else if (strcmp(optarg, "pfkey") == 0)
377 else if (strcmp(optarg, "unix") == 0)
380 else if (strcmp(optarg, "ng") == 0
381 || strcmp(optarg, "netgraph") == 0)
384 else if (strcmp(optarg, "link") == 0)
387 xo_errx(1, "%s: unknown address family",
401 for (cp = interface = optarg; isalpha(*cp); cp++)
422 numeric_addr = numeric_port = 1;
425 if ((tp = name2protox(optarg)) == NULL) {
426 xo_errx(1, "%s: unknown or uninstrumented "
435 noutputs = atoi(optarg);
459 interval = atoi(optarg);
478 #define BACKWARD_COMPATIBILITY
479 #ifdef BACKWARD_COMPATIBILITY
481 if (isdigit(**argv)) {
482 interval = atoi(*argv);
497 * Discard setgid privileges if not the running kernel so that bad
498 * guys can't print interesting stuff from kernel memory.
500 live = (nlistf == NULL && memf == NULL);
505 xo_errx(1, "-x and -T are incompatible, pick one.");
510 bpf_stats(interface);
516 if (kread(0, NULL, 0) == 0)
517 mbpr(kvmd, nl[N_SFSTAT].n_value);
525 if (kread(0, NULL, 0) == 0)
534 * Keep file descriptors open to avoid overhead
535 * of open/close on each call to get* routines.
541 * This does not make sense any more with DNS being default over
542 * the files. Doing a setXXXXent(1) causes a tcp connection to be
543 * used for the queries, which is slower.
546 if (iflag && !sflag) {
547 xo_open_container("statistics");
548 intpr(interval, NULL, af);
549 xo_close_container("statistics");
554 xo_open_container("statistics");
560 xo_close_container("statistics");
566 xo_open_container("statistics");
568 if (af == AF_INET || af == AF_UNSPEC)
571 if (af == AF_INET6 || af == AF_UNSPEC)
575 if (af == AF_INET || af == AF_UNSPEC)
578 if (af == AF_INET6 || af == AF_UNSPEC)
582 xo_close_container("statistics");
587 /* Load all necessary kvm symbols */
591 xo_open_container("statistics");
592 printproto(tp, tp->pr_name, &first);
594 xo_close_list("socket");
595 xo_close_container("statistics");
600 xo_open_container("statistics");
601 if (af == AF_INET || af == AF_UNSPEC)
602 for (tp = protox; tp->pr_name; tp++)
603 printproto(tp, tp->pr_name, &first);
605 if (af == AF_INET6 || af == AF_UNSPEC)
606 for (tp = ip6protox; tp->pr_name; tp++)
607 printproto(tp, tp->pr_name, &first);
610 if (af == PF_KEY || af == AF_UNSPEC)
611 for (tp = pfkeyprotox; tp->pr_name; tp++)
612 printproto(tp, tp->pr_name, &first);
615 if (af == AF_NETGRAPH || af == AF_UNSPEC)
616 for (tp = netgraphprotox; tp->pr_name; tp++)
617 printproto(tp, tp->pr_name, &first);
618 #endif /* NETGRAPH */
619 if ((af == AF_UNIX || af == AF_UNSPEC) && !sflag)
620 unixpr(nl[N_UNP_COUNT].n_value, nl[N_UNP_GENCNT].n_value,
621 nl[N_UNP_DHEAD].n_value, nl[N_UNP_SHEAD].n_value,
622 nl[N_UNP_SPHEAD].n_value, &first);
625 xo_close_list("socket");
626 xo_close_container("statistics");
632 * Print out protocol statistics or control blocks (per sflag).
633 * If the interface was not specifically requested, and the symbol
634 * is not in the namelist, ignore this one.
637 printproto(struct protox *tp, const char *name, bool *first)
639 void (*pr)(u_long, const char *, int, int);
641 bool doingdblocks = false;
646 intpr(interval, tp->pr_istats, af);
648 xo_message("%s: no per-interface stats routine",
655 xo_message("%s: no stats routine",
659 if (tp->pr_usesysctl && live)
661 else if (tp->pr_sindex < 0) {
663 xo_message("%s: stats routine doesn't "
664 "work on cores", tp->pr_name);
667 off = nl[tp->pr_sindex].n_value;
674 xo_message("%s: no PCB routine", tp->pr_name);
677 if (tp->pr_usesysctl && live)
679 else if (tp->pr_index < 0) {
681 xo_message("%s: PCB routine doesn't work on "
682 "cores", tp->pr_name);
685 off = nl[tp->pr_index].n_value;
687 if (pr != NULL && (off || (live && tp->pr_usesysctl) ||
689 if (doingdblocks && *first) {
690 xo_open_list("socket");
694 (*pr)(off, name, af, tp->pr_protocol);
701 char errbuf[_POSIX2_LINE_MAX];
706 kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf);
710 xo_warnx("kvm not available: %s", errbuf);
718 * Resolve symbol list, return 0 on success.
721 kresolve_list(struct nlist *_nl)
724 if ((kvmd == NULL) && (kvmd_init() != 0))
727 if (_nl[0].n_type != 0)
730 if (kvm_nlist(kvmd, _nl) < 0) {
732 xo_errx(1, "%s: kvm_nlist: %s", nlistf,
735 xo_errx(1, "kvm_nlist: %s", kvm_geterr(kvmd));
742 * Read kernel memory, return 0 on success.
745 kread(u_long addr, void *buf, size_t size)
753 if (kvm_read(kvmd, addr, buf, size) != (ssize_t)size) {
754 xo_warnx("%s", kvm_geterr(kvmd));
761 * Read single counter(9).
764 kread_counter(u_long addr)
770 return (kvm_counter_u64_fetch(kvmd, addr));
774 * Read an array of N counters in kernel memory into array of N uint64_t's.
777 kread_counters(u_long addr, void *buf, size_t size)
784 if (kread(addr, buf, size) < 0)
788 *c = kvm_counter_u64_fetch(kvmd, *c);
798 return (n != 1 ? "s" : "");
802 plurales(uintmax_t n)
804 return (n != 1 ? "es" : "");
808 pluralies(uintmax_t n)
810 return (n != 1 ? "ies" : "y");
814 * Find the protox for the given "well-known" name.
816 static struct protox *
817 knownname(const char *name)
819 struct protox **tpp, *tp;
821 for (tpp = protoprotox; *tpp; tpp++)
822 for (tp = *tpp; tp->pr_name; tp++)
823 if (strcmp(tp->pr_name, name) == 0)
829 * Find the protox corresponding to name.
831 static struct protox *
832 name2protox(const char *name)
835 char **alias; /* alias from p->aliases */
839 * Try to find the name in the list of "well-known" names. If that
840 * fails, check if name is an alias for an Internet protocol.
842 if ((tp = knownname(name)) != NULL)
845 setprotoent(1); /* make protocol lookup cheaper */
846 while ((p = getprotoent()) != NULL) {
847 /* assert: name not same as p->name */
848 for (alias = p->p_aliases; *alias; alias++)
849 if (strcmp(name, *alias) == 0) {
851 return (knownname(p->p_name));
861 (void)xo_error("%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n",
862 "usage: netstat [-46AaLnRSTWx] [-f protocol_family | -p protocol]\n"
863 " [-M core] [-N system]",
864 " netstat -i | -I interface [-46abdhnW] [-f address_family]\n"
865 " [-M core] [-N system]",
866 " netstat -w wait [-I interface] [-46d] [-M core] [-N system]\n"
868 " netstat -s [-46sz] [-f protocol_family | -p protocol]\n"
869 " [-M core] [-N system]",
870 " netstat -i | -I interface -s [-46s]\n"
871 " [-f protocol_family | -p protocol] [-M core] [-N system]",
872 " netstat -m [-M core] [-N system]",
873 " netstat -B [-z] [-I interface]",
874 " netstat -r [-46AnW] [-F fibnum] [-f address_family]\n"
875 " [-M core] [-N system]",
876 " netstat -rs [-s] [-M core] [-N system]",
877 " netstat -g [-46W] [-f address_family] [-M core] [-N system]",
878 " netstat -gs [-46s] [-f address_family] [-M core] [-N system]",