2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1989, 1993
5 * The Regents of the University of California. All rights reserved.
7 * This code is derived from software contributed to Berkeley by
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 static const char copyright[] =
38 "@(#) Copyright (c) 1989, 1993\n\
39 The Regents of the University of California. All rights reserved.\n";
43 static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93";
46 #include <sys/cdefs.h>
47 __FBSDID("$FreeBSD$");
52 * Using the Internet Control Message Protocol (ICMP) "ECHO" facility,
53 * measure round-trip-delays and packet loss across network paths.
57 * U. S. Army Ballistic Research Laboratory
61 * Public Domain. Distribution Unlimited.
63 * More statistics could always be gathered.
64 * This program has to run SUID to ROOT to access the ICMP socket.
67 #include <sys/param.h> /* NB: we rely on this for <sys/types.h> */
68 #include <sys/capsicum.h>
69 #include <sys/socket.h>
70 #include <sys/sysctl.h>
74 #include <netinet/in.h>
75 #include <netinet/in_systm.h>
76 #include <netinet/ip.h>
77 #include <netinet/ip_icmp.h>
78 #include <netinet/ip_var.h>
79 #include <arpa/inet.h>
81 #include <libcasper.h>
82 #include <casper/cap_dns.h>
85 #include <netipsec/ipsec.h>
100 #define INADDR_LEN ((int)sizeof(in_addr_t))
101 #define TIMEVAL_LEN ((int)sizeof(struct tv32))
102 #define MASK_LEN (ICMP_MASKLEN - ICMP_MINLEN)
103 #define TS_LEN (ICMP_TSLEN - ICMP_MINLEN)
104 #define DEFDATALEN 56 /* default data length */
105 #define FLOOD_BACKOFF 20000 /* usecs to back off if F_FLOOD mode */
106 /* runs out of buffer space */
107 #define MAXIPLEN (sizeof(struct ip) + MAX_IPOPTLEN)
108 #define MAXICMPLEN (ICMP_ADVLENMIN + MAX_IPOPTLEN)
109 #define MAXWAIT 10000 /* max ms to wait for response */
110 #define MAXALARM (60 * 60) /* max seconds for alarm timeout */
113 #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */
114 #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */
115 #define SET(bit) (A(bit) |= B(bit))
116 #define CLR(bit) (A(bit) &= (~B(bit)))
117 #define TST(bit) (A(bit) & B(bit))
124 /* various options */
126 #define F_FLOOD 0x0001
127 #define F_INTERVAL 0x0002
128 #define F_NUMERIC 0x0004
129 #define F_PINGFILLED 0x0008
130 #define F_QUIET 0x0010
131 #define F_RROUTE 0x0020
132 #define F_SO_DEBUG 0x0040
133 #define F_SO_DONTROUTE 0x0080
134 #define F_VERBOSE 0x0100
135 #define F_QUIET2 0x0200
136 #define F_NOLOOP 0x0400
137 #define F_MTTL 0x0800
139 #define F_AUDIBLE 0x2000
141 #ifdef IPSEC_POLICY_IPSEC
142 #define F_POLICY 0x4000
143 #endif /*IPSEC_POLICY_IPSEC*/
146 #define F_MISSED 0x10000
147 #define F_ONCE 0x20000
148 #define F_HDRINCL 0x40000
149 #define F_MASK 0x80000
150 #define F_TIME 0x100000
151 #define F_SWEEP 0x200000
152 #define F_WAITTIME 0x400000
155 * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum
156 * number of received sequence numbers we can keep track of. Change 128
157 * to 8192 for complete accuracy...
159 #define MAX_DUP_CHK (8 * 128)
160 static int mx_dup_ck = MAX_DUP_CHK;
161 static char rcvd_tbl[MAX_DUP_CHK / 8];
163 static struct sockaddr_in whereto; /* who to ping */
164 static int datalen = DEFDATALEN;
165 static int maxpayload;
166 static int ssend; /* send socket file descriptor */
167 static int srecv; /* receive socket file descriptor */
168 static u_char outpackhdr[IP_MAXPACKET], *outpack;
169 static char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */
170 static char BSPACE = '\b'; /* characters written for flood */
171 static char DOT = '.';
172 static char *hostname;
173 static char *shostname;
174 static int ident; /* process id to identify our packets */
175 static int uid; /* cached uid for micro-optimization */
176 static u_char icmp_type = ICMP_ECHO;
177 static u_char icmp_type_rsp = ICMP_ECHOREPLY;
178 static int phdr_len = 0;
182 static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */
183 static long npackets; /* max packets to transmit */
184 static long nreceived; /* # of packets we got back */
185 static long nrepeats; /* number of duplicates */
186 static long ntransmitted; /* sequence # for outbound packets = #sent */
187 static long snpackets; /* max packets to transmit in one sweep */
188 static long sntransmitted; /* # of packets we sent in this sweep */
189 static int sweepmax; /* max value of payload in sweep */
190 static int sweepmin = 0; /* start value of payload in sweep */
191 static int sweepincr = 1; /* payload increment in sweep */
192 static int interval = 1000; /* interval between packets, ms */
193 static int waittime = MAXWAIT; /* timeout for each packet */
194 static long nrcvtimeout = 0; /* # of packets we got back after waittime */
197 static int timing; /* flag to do timing */
198 static double tmin = 999999999.0; /* minimum round trip time */
199 static double tmax = 0.0; /* maximum round trip time */
200 static double tsum = 0.0; /* sum of all times, for doing average */
201 static double tsumsq = 0.0; /* sum of all times squared, for std. dev. */
203 /* nonzero if we've been told to finish up */
204 static volatile sig_atomic_t finish_up;
205 static volatile sig_atomic_t siginfo_p;
207 static cap_channel_t *capdns;
209 static void fill(char *, char *);
210 static u_short in_cksum(u_short *, int);
211 static cap_channel_t *capdns_setup(void);
212 static void check_status(void);
213 static void finish(void) __dead2;
214 static void pinger(void);
215 static char *pr_addr(struct in_addr);
216 static char *pr_ntime(n_time);
217 static void pr_icmph(struct icmp *);
218 static void pr_iph(struct ip *);
219 static void pr_pack(char *, int, struct sockaddr_in *, struct timeval *);
220 static void pr_retip(struct ip *);
221 static void status(int);
222 static void stopit(int);
223 static void tvsub(struct timeval *, const struct timeval *);
224 static void usage(void) __dead2;
227 main(int argc, char *const *argv)
229 struct sockaddr_in from, sock_in;
230 struct in_addr ifaddr;
231 struct timeval last, intvl;
235 struct sigaction si_sa;
237 u_char *datap, packet[IP_MAXPACKET] __aligned(4);
238 char *ep, *source, *target, *payload;
240 #ifdef IPSEC_POLICY_IPSEC
241 char *policy_in, *policy_out;
243 struct sockaddr_in *to;
247 int almost_done, ch, df, hold, i, icmp_len, mib[4], preload;
248 int ssend_errno, srecv_errno, tos, ttl;
249 char ctrl[CMSG_SPACE(sizeof(struct timeval))];
250 char hnamebuf[MAXHOSTNAMELEN], snamebuf[MAXHOSTNAMELEN];
252 char rspace[MAX_IPOPTLEN]; /* record route space */
254 unsigned char loop, mttl;
256 payload = source = NULL;
257 #ifdef IPSEC_POLICY_IPSEC
258 policy_in = policy_out = NULL;
264 * Do the stuff that we need root priv's for *first*, and
265 * then drop our setuid bit. Save error reporting for
268 * Historicaly ping was using one socket 's' for sending and for
269 * receiving. After capsicum(4) related changes we use two
270 * sockets. It was done for special ping use case - when user
271 * issue ping on multicast or broadcast address replies come
272 * from different addresses, not from the address we
273 * connect(2)'ed to, and send socket do not receive those
276 ssend = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
278 srecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
281 if (setuid(getuid()) != 0)
282 err(EX_NOPERM, "setuid() failed");
287 err(EX_OSERR, "ssend socket");
292 err(EX_OSERR, "srecv socket");
295 alarmtimeout = df = preload = tos = 0;
297 outpack = outpackhdr + sizeof(struct ip);
298 while ((ch = getopt(argc, argv,
299 "Aac:DdfG:g:h:I:i:Ll:M:m:nop:QqRrS:s:T:t:vW:z:"
301 #ifdef IPSEC_POLICY_IPSEC
303 #endif /*IPSEC_POLICY_IPSEC*/
312 options |= F_AUDIBLE;
315 ltmp = strtol(optarg, &ep, 0);
316 if (*ep || ep == optarg || ltmp <= 0)
318 "invalid count of packets to transmit: `%s'",
323 options |= F_HDRINCL;
327 options |= F_SO_DEBUG;
332 err(EX_NOPERM, "-f flag");
335 setbuf(stdout, (char *)NULL);
337 case 'G': /* Maximum packet size for ping sweep */
338 ltmp = strtol(optarg, &ep, 0);
339 if (*ep || ep == optarg || ltmp <= 0)
340 errx(EX_USAGE, "invalid packet size: `%s'",
342 if (uid != 0 && ltmp > DEFDATALEN) {
345 "packet size too large: %ld > %u",
351 case 'g': /* Minimum packet size for ping sweep */
352 ltmp = strtol(optarg, &ep, 0);
353 if (*ep || ep == optarg || ltmp <= 0)
354 errx(EX_USAGE, "invalid packet size: `%s'",
356 if (uid != 0 && ltmp > DEFDATALEN) {
359 "packet size too large: %ld > %u",
365 case 'h': /* Packet size increment for ping sweep */
366 ltmp = strtol(optarg, &ep, 0);
367 if (*ep || ep == optarg || ltmp < 1)
368 errx(EX_USAGE, "invalid increment size: `%s'",
370 if (uid != 0 && ltmp > DEFDATALEN) {
373 "packet size too large: %ld > %u",
379 case 'I': /* multicast interface */
380 if (inet_aton(optarg, &ifaddr) == 0)
382 "invalid multicast interface: `%s'",
386 case 'i': /* wait between sending packets */
387 t = strtod(optarg, &ep) * 1000.0;
388 if (*ep || ep == optarg || t > (double)INT_MAX)
389 errx(EX_USAGE, "invalid timing interval: `%s'",
391 options |= F_INTERVAL;
393 if (uid && interval < 1000) {
395 err(EX_NOPERM, "-i interval too short");
403 ltmp = strtol(optarg, &ep, 0);
404 if (*ep || ep == optarg || ltmp > INT_MAX || ltmp < 0)
406 "invalid preload value: `%s'", optarg);
409 err(EX_NOPERM, "-l flag");
424 errx(EX_USAGE, "invalid message: `%c'", optarg[0]);
429 ltmp = strtol(optarg, &ep, 0);
430 if (*ep || ep == optarg || ltmp > MAXTTL || ltmp < 0)
431 errx(EX_USAGE, "invalid TTL: `%s'", optarg);
436 options |= F_NUMERIC;
442 #ifdef IPSEC_POLICY_IPSEC
445 if (!strncmp("in", optarg, 2))
446 policy_in = strdup(optarg);
447 else if (!strncmp("out", optarg, 3))
448 policy_out = strdup(optarg);
450 errx(1, "invalid security policy");
452 #endif /*IPSEC_POLICY_IPSEC*/
454 case 'p': /* fill buffer with user pattern */
455 options |= F_PINGFILLED;
468 options |= F_SO_DONTROUTE;
473 case 's': /* size of packet to send */
474 ltmp = strtol(optarg, &ep, 0);
475 if (*ep || ep == optarg || ltmp < 0)
476 errx(EX_USAGE, "invalid packet size: `%s'",
478 if (uid != 0 && ltmp > DEFDATALEN) {
481 "packet size too large: %ld > %u",
486 case 'T': /* multicast TTL */
487 ltmp = strtol(optarg, &ep, 0);
488 if (*ep || ep == optarg || ltmp > MAXTTL || ltmp < 0)
489 errx(EX_USAGE, "invalid multicast TTL: `%s'",
495 alarmtimeout = strtoul(optarg, &ep, 0);
496 if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX))
497 errx(EX_USAGE, "invalid timeout: `%s'",
499 if (alarmtimeout > MAXALARM)
500 errx(EX_USAGE, "invalid timeout: `%s' > %d",
502 alarm((int)alarmtimeout);
505 options |= F_VERBOSE;
507 case 'W': /* wait ms for answer */
508 t = strtod(optarg, &ep);
509 if (*ep || ep == optarg || t > (double)INT_MAX)
510 errx(EX_USAGE, "invalid timing interval: `%s'",
512 options |= F_WAITTIME;
516 options |= F_HDRINCL;
517 ltmp = strtol(optarg, &ep, 0);
518 if (*ep || ep == optarg || ltmp > MAXTOS || ltmp < 0)
519 errx(EX_USAGE, "invalid TOS: `%s'", optarg);
527 if (argc - optind != 1)
529 target = argv[optind];
531 switch (options & (F_MASK|F_TIME)) {
534 icmp_type = ICMP_MASKREQ;
535 icmp_type_rsp = ICMP_MASKREPLY;
537 if (!(options & F_QUIET))
538 (void)printf("ICMP_MASKREQ\n");
541 icmp_type = ICMP_TSTAMP;
542 icmp_type_rsp = ICMP_TSTAMPREPLY;
544 if (!(options & F_QUIET))
545 (void)printf("ICMP_TSTAMP\n");
548 errx(EX_USAGE, "ICMP_TSTAMP and ICMP_MASKREQ are exclusive.");
551 icmp_len = sizeof(struct ip) + ICMP_MINLEN + phdr_len;
552 if (options & F_RROUTE)
553 icmp_len += MAX_IPOPTLEN;
554 maxpayload = IP_MAXPACKET - icmp_len;
555 if (datalen > maxpayload)
556 errx(EX_USAGE, "packet size too large: %d > %d", datalen,
558 send_len = icmp_len + datalen;
559 datap = &outpack[ICMP_MINLEN + phdr_len + TIMEVAL_LEN];
560 if (options & F_PINGFILLED) {
561 fill((char *)datap, payload);
563 capdns = capdns_setup();
565 bzero((char *)&sock_in, sizeof(sock_in));
566 sock_in.sin_family = AF_INET;
567 if (inet_aton(source, &sock_in.sin_addr) != 0) {
570 hp = cap_gethostbyname2(capdns, source, AF_INET);
572 errx(EX_NOHOST, "cannot resolve %s: %s",
573 source, hstrerror(h_errno));
575 sock_in.sin_len = sizeof sock_in;
576 if ((unsigned)hp->h_length > sizeof(sock_in.sin_addr) ||
578 errx(1, "gethostbyname2: illegal address");
579 memcpy(&sock_in.sin_addr, hp->h_addr_list[0],
580 sizeof(sock_in.sin_addr));
581 (void)strncpy(snamebuf, hp->h_name,
582 sizeof(snamebuf) - 1);
583 snamebuf[sizeof(snamebuf) - 1] = '\0';
584 shostname = snamebuf;
586 if (bind(ssend, (struct sockaddr *)&sock_in, sizeof sock_in) ==
591 bzero(&whereto, sizeof(whereto));
593 to->sin_family = AF_INET;
594 to->sin_len = sizeof *to;
595 if (inet_aton(target, &to->sin_addr) != 0) {
598 hp = cap_gethostbyname2(capdns, target, AF_INET);
600 errx(EX_NOHOST, "cannot resolve %s: %s",
601 target, hstrerror(h_errno));
603 if ((unsigned)hp->h_length > sizeof(to->sin_addr))
604 errx(1, "gethostbyname2 returned an illegal address");
605 memcpy(&to->sin_addr, hp->h_addr_list[0], sizeof to->sin_addr);
606 (void)strncpy(hnamebuf, hp->h_name, sizeof(hnamebuf) - 1);
607 hnamebuf[sizeof(hnamebuf) - 1] = '\0';
611 /* From now on we will use only reverse DNS lookups. */
612 if (capdns != NULL) {
613 const char *types[1];
615 types[0] = "ADDR2NAME";
616 if (cap_dns_type_limit(capdns, types, 1) < 0)
617 err(1, "unable to limit access to system.dns service");
620 if (connect(ssend, (struct sockaddr *)&whereto, sizeof(whereto)) != 0)
623 if (options & F_FLOOD && options & F_INTERVAL)
624 errx(EX_USAGE, "-f and -i: incompatible options");
626 if (options & F_FLOOD && IN_MULTICAST(ntohl(to->sin_addr.s_addr)))
628 "-f flag cannot be used with multicast destination");
629 if (options & (F_MIF | F_NOLOOP | F_MTTL)
630 && !IN_MULTICAST(ntohl(to->sin_addr.s_addr)))
632 "-I, -L, -T flags cannot be used with unicast destination");
634 if (datalen >= TIMEVAL_LEN) /* can we time transfer */
637 if (!(options & F_PINGFILLED))
638 for (i = TIMEVAL_LEN; i < datalen; ++i)
641 ident = getpid() & 0xFFFF;
644 if (options & F_SO_DEBUG) {
645 (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold,
647 (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold,
650 if (options & F_SO_DONTROUTE)
651 (void)setsockopt(ssend, SOL_SOCKET, SO_DONTROUTE, (char *)&hold,
654 #ifdef IPSEC_POLICY_IPSEC
655 if (options & F_POLICY) {
657 if (policy_in != NULL) {
658 buf = ipsec_set_policy(policy_in, strlen(policy_in));
660 errx(EX_CONFIG, "%s", ipsec_strerror());
661 if (setsockopt(srecv, IPPROTO_IP, IP_IPSEC_POLICY,
662 buf, ipsec_get_policylen(buf)) < 0)
664 "ipsec policy cannot be configured");
668 if (policy_out != NULL) {
669 buf = ipsec_set_policy(policy_out, strlen(policy_out));
671 errx(EX_CONFIG, "%s", ipsec_strerror());
672 if (setsockopt(ssend, IPPROTO_IP, IP_IPSEC_POLICY,
673 buf, ipsec_get_policylen(buf)) < 0)
675 "ipsec policy cannot be configured");
679 #endif /*IPSEC_POLICY_IPSEC*/
682 if (options & F_HDRINCL) {
683 ip = (struct ip*)outpackhdr;
684 if (!(options & (F_TTL | F_MTTL))) {
688 mib[3] = IPCTL_DEFTTL;
690 if (sysctl(mib, 4, &ttl, &sz, NULL, 0) == -1)
691 err(1, "sysctl(net.inet.ip.ttl)");
693 setsockopt(ssend, IPPROTO_IP, IP_HDRINCL, &hold, sizeof(hold));
694 ip->ip_v = IPVERSION;
695 ip->ip_hl = sizeof(struct ip) >> 2;
698 ip->ip_off = htons(df ? IP_DF : 0);
700 ip->ip_p = IPPROTO_ICMP;
701 ip->ip_src.s_addr = source ? sock_in.sin_addr.s_addr : INADDR_ANY;
702 ip->ip_dst = to->sin_addr;
705 if (options & F_NUMERIC)
707 else if (capdns != NULL)
708 cansandbox = CASPER_SUPPORT;
713 * Here we enter capability mode. Further down access to global
714 * namespaces (e.g filesystem) is restricted (see capsicum(4)).
715 * We must connect(2) our socket before this point.
717 if (cansandbox && cap_enter() < 0 && errno != ENOSYS)
720 cap_rights_init(&rights, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT);
721 if (cap_rights_limit(srecv, &rights) < 0 && errno != ENOSYS)
722 err(1, "cap_rights_limit srecv");
724 cap_rights_init(&rights, CAP_SEND, CAP_SETSOCKOPT);
725 if (cap_rights_limit(ssend, &rights) < 0 && errno != ENOSYS)
726 err(1, "cap_rights_limit ssend");
728 /* record route option */
729 if (options & F_RROUTE) {
731 bzero(rspace, sizeof(rspace));
732 rspace[IPOPT_OPTVAL] = IPOPT_RR;
733 rspace[IPOPT_OLEN] = sizeof(rspace) - 1;
734 rspace[IPOPT_OFFSET] = IPOPT_MINOFF;
735 rspace[sizeof(rspace) - 1] = IPOPT_EOL;
736 if (setsockopt(ssend, IPPROTO_IP, IP_OPTIONS, rspace,
738 err(EX_OSERR, "setsockopt IP_OPTIONS");
741 "record route not available in this implementation");
742 #endif /* IP_OPTIONS */
745 if (options & F_TTL) {
746 if (setsockopt(ssend, IPPROTO_IP, IP_TTL, &ttl,
748 err(EX_OSERR, "setsockopt IP_TTL");
751 if (options & F_NOLOOP) {
752 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_LOOP, &loop,
754 err(EX_OSERR, "setsockopt IP_MULTICAST_LOOP");
757 if (options & F_MTTL) {
758 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_TTL, &mttl,
760 err(EX_OSERR, "setsockopt IP_MULTICAST_TTL");
763 if (options & F_MIF) {
764 if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_IF, &ifaddr,
765 sizeof(ifaddr)) < 0) {
766 err(EX_OSERR, "setsockopt IP_MULTICAST_IF");
771 if (setsockopt(srecv, SOL_SOCKET, SO_TIMESTAMP, &on, sizeof(on)) < 0)
772 err(EX_OSERR, "setsockopt SO_TIMESTAMP");
776 if (sweepmin > sweepmax)
777 errx(EX_USAGE, "Maximum packet size must be no less than the minimum packet size");
779 if (datalen != DEFDATALEN)
780 errx(EX_USAGE, "Packet size and ping sweep are mutually exclusive");
783 snpackets = npackets;
788 send_len = icmp_len + sweepmin;
790 if (options & F_SWEEP && !sweepmax)
791 errx(EX_USAGE, "Maximum sweep size must be specified");
794 * When pinging the broadcast address, you can get a lot of answers.
795 * Doing something so evil is useful if you are trying to stress the
796 * ethernet, or just want to fill the arp cache to get some stuff for
797 * /etc/ethers. But beware: RFC 1122 allows hosts to ignore broadcast
798 * or multicast pings if they wish.
802 * XXX receive buffer needs undetermined space for mbuf overhead
805 hold = IP_MAXPACKET + 128;
806 (void)setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold,
808 /* CAP_SETSOCKOPT removed */
809 cap_rights_init(&rights, CAP_RECV, CAP_EVENT);
810 if (cap_rights_limit(srecv, &rights) < 0 && errno != ENOSYS)
811 err(1, "cap_rights_limit srecv setsockopt");
813 (void)setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, (char *)&hold,
815 /* CAP_SETSOCKOPT removed */
816 cap_rights_init(&rights, CAP_SEND);
817 if (cap_rights_limit(ssend, &rights) < 0 && errno != ENOSYS)
818 err(1, "cap_rights_limit ssend setsockopt");
820 if (to->sin_family == AF_INET) {
821 (void)printf("PING %s (%s)", hostname,
822 inet_ntoa(to->sin_addr));
824 (void)printf(" from %s", shostname);
826 (void)printf(": (%d ... %d) data bytes\n",
829 (void)printf(": %d data bytes\n", datalen);
833 (void)printf("PING %s: (%d ... %d) data bytes\n",
834 hostname, sweepmin, sweepmax);
836 (void)printf("PING %s: %d data bytes\n", hostname, datalen);
840 * Use sigaction() instead of signal() to get unambiguous semantics,
841 * in particular with SA_RESTART not set.
844 sigemptyset(&si_sa.sa_mask);
847 si_sa.sa_handler = stopit;
848 if (sigaction(SIGINT, &si_sa, 0) == -1) {
849 err(EX_OSERR, "sigaction SIGINT");
852 si_sa.sa_handler = status;
853 if (sigaction(SIGINFO, &si_sa, 0) == -1) {
854 err(EX_OSERR, "sigaction");
857 if (alarmtimeout > 0) {
858 si_sa.sa_handler = stopit;
859 if (sigaction(SIGALRM, &si_sa, 0) == -1)
860 err(EX_OSERR, "sigaction SIGALRM");
863 bzero(&msg, sizeof(msg));
864 msg.msg_name = (caddr_t)&from;
868 msg.msg_control = (caddr_t)ctrl;
870 iov.iov_base = packet;
871 iov.iov_len = IP_MAXPACKET;
874 pinger(); /* send the first ping */
876 if (npackets != 0 && preload > npackets)
878 while (preload--) /* fire off them quickies */
881 (void)gettimeofday(&last, NULL);
883 if (options & F_FLOOD) {
885 intvl.tv_usec = 10000;
887 intvl.tv_sec = interval / 1000;
888 intvl.tv_usec = interval % 1000 * 1000;
893 struct timeval now, timeout;
898 if ((unsigned)srecv >= FD_SETSIZE)
899 errx(EX_OSERR, "descriptor too large");
901 FD_SET(srecv, &rfds);
902 (void)gettimeofday(&now, NULL);
903 timeout.tv_sec = last.tv_sec + intvl.tv_sec - now.tv_sec;
904 timeout.tv_usec = last.tv_usec + intvl.tv_usec - now.tv_usec;
905 while (timeout.tv_usec < 0) {
906 timeout.tv_usec += 1000000;
909 while (timeout.tv_usec >= 1000000) {
910 timeout.tv_usec -= 1000000;
913 if (timeout.tv_sec < 0)
914 timerclear(&timeout);
915 n = select(srecv + 1, &rfds, NULL, NULL, &timeout);
917 continue; /* Must be EINTR. */
919 struct timeval *tv = NULL;
921 struct cmsghdr *cmsg = (struct cmsghdr *)&ctrl;
923 msg.msg_controllen = sizeof(ctrl);
925 msg.msg_namelen = sizeof(from);
926 if ((cc = recvmsg(srecv, &msg, 0)) < 0) {
933 if (cmsg->cmsg_level == SOL_SOCKET &&
934 cmsg->cmsg_type == SCM_TIMESTAMP &&
935 cmsg->cmsg_len == CMSG_LEN(sizeof *tv)) {
936 /* Copy to avoid alignment problems: */
937 memcpy(&now, CMSG_DATA(cmsg), sizeof(now));
942 (void)gettimeofday(&now, NULL);
945 pr_pack((char *)packet, cc, &from, tv);
946 if ((options & F_ONCE && nreceived) ||
947 (npackets && nreceived >= npackets))
950 if (n == 0 || options & F_FLOOD) {
951 if (sweepmax && sntransmitted == snpackets) {
952 for (i = 0; i < sweepincr ; ++i)
954 datalen += sweepincr;
955 if (datalen > sweepmax)
957 send_len = icmp_len + datalen;
960 if (!npackets || ntransmitted < npackets)
968 intvl.tv_sec = 2 * tmax / 1000;
972 intvl.tv_sec = waittime / 1000;
973 intvl.tv_usec = waittime % 1000 * 1000;
976 (void)gettimeofday(&last, NULL);
977 if (ntransmitted - nreceived - 1 > nmissedmax) {
978 nmissedmax = ntransmitted - nreceived - 1;
979 if (options & F_MISSED)
980 (void)write(STDOUT_FILENO, &BBELL, 1);
986 exit(0); /* Make the compiler happy */
991 * Set the global bit that causes the main loop to quit.
992 * Do NOT call finish() from here, since finish() does far too much
993 * to be called from a signal handler.
996 stopit(int sig __unused)
1000 * When doing reverse DNS lookups, the finish_up flag might not
1001 * be noticed for a while. Just exit if we get a second SIGINT.
1003 if (!(options & F_NUMERIC) && finish_up)
1004 _exit(nreceived ? 0 : 2);
1010 * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet
1011 * will be added on by the kernel. The ID field is our UNIX process ID,
1012 * and the sequence number is an ascending integer. The first TIMEVAL_LEN
1013 * bytes of the data portion are used to hold a UNIX "timeval" struct in
1014 * host byte-order, to compute the round-trip time.
1027 icp = (struct icmp *)outpack;
1028 icp->icmp_type = icmp_type;
1030 icp->icmp_cksum = 0;
1031 icp->icmp_seq = htons(ntransmitted);
1032 icp->icmp_id = ident; /* ID */
1034 CLR(ntransmitted % mx_dup_ck);
1036 if ((options & F_TIME) || timing) {
1037 (void)gettimeofday(&now, NULL);
1039 tv32.tv32_sec = htonl(now.tv_sec);
1040 tv32.tv32_usec = htonl(now.tv_usec);
1041 if (options & F_TIME)
1042 icp->icmp_otime = htonl((now.tv_sec % (24*60*60))
1043 * 1000 + now.tv_usec / 1000);
1045 bcopy((void *)&tv32,
1046 (void *)&outpack[ICMP_MINLEN + phdr_len],
1050 cc = ICMP_MINLEN + phdr_len + datalen;
1052 /* compute ICMP checksum here */
1053 icp->icmp_cksum = in_cksum((u_short *)icp, cc);
1055 if (options & F_HDRINCL) {
1056 cc += sizeof(struct ip);
1057 ip = (struct ip *)outpackhdr;
1058 ip->ip_len = htons(cc);
1059 ip->ip_sum = in_cksum((u_short *)outpackhdr, cc);
1060 packet = outpackhdr;
1062 i = send(ssend, (char *)packet, cc, 0);
1063 if (i < 0 || i != cc) {
1065 if (options & F_FLOOD && errno == ENOBUFS) {
1066 usleep(FLOOD_BACKOFF);
1071 warn("%s: partial write: %d of %d bytes",
1077 if (!(options & F_QUIET) && options & F_FLOOD)
1078 (void)write(STDOUT_FILENO, &DOT, 1);
1083 * Print out the packet, if it came from us. This logic is necessary
1084 * because ALL readers of the ICMP socket get a copy of ALL ICMP packets
1085 * which arrive ('tis only fair). This permits multiple copies of this
1086 * program to be run without having intermingled output (or statistics!).
1089 pr_pack(char *buf, int cc, struct sockaddr_in *from, struct timeval *tv)
1097 int dupflag, hlen, i, j, recv_len, seq;
1098 static int old_rrlen;
1099 static char old_rr[MAX_IPOPTLEN];
1101 /* Check the IP header */
1102 ip = (struct ip *)buf;
1103 hlen = ip->ip_hl << 2;
1105 if (cc < hlen + ICMP_MINLEN) {
1106 if (options & F_VERBOSE)
1107 warn("packet too short (%d bytes) from %s", cc,
1108 inet_ntoa(from->sin_addr));
1112 /* Now the ICMP part */
1114 icp = (struct icmp *)(buf + hlen);
1115 if (icp->icmp_type == icmp_type_rsp) {
1116 if (icp->icmp_id != ident)
1117 return; /* 'Twas not our ECHO */
1126 tp = icp->icmp_data;
1128 tp = (const char *)tp + phdr_len;
1130 if ((size_t)(cc - ICMP_MINLEN - phdr_len) >=
1132 /* Copy to avoid alignment problems: */
1133 memcpy(&tv32, tp, sizeof(tv32));
1134 tv1.tv_sec = ntohl(tv32.tv32_sec);
1135 tv1.tv_usec = ntohl(tv32.tv32_usec);
1137 triptime = ((double)tv->tv_sec) * 1000.0 +
1138 ((double)tv->tv_usec) / 1000.0;
1140 tsumsq += triptime * triptime;
1141 if (triptime < tmin)
1143 if (triptime > tmax)
1149 seq = ntohs(icp->icmp_seq);
1151 if (TST(seq % mx_dup_ck)) {
1156 SET(seq % mx_dup_ck);
1160 if (options & F_QUIET)
1163 if (options & F_WAITTIME && triptime > waittime) {
1168 if (options & F_FLOOD)
1169 (void)write(STDOUT_FILENO, &BSPACE, 1);
1171 (void)printf("%d bytes from %s: icmp_seq=%u", cc,
1172 inet_ntoa(*(struct in_addr *)&from->sin_addr.s_addr),
1174 (void)printf(" ttl=%d", ip->ip_ttl);
1176 (void)printf(" time=%.3f ms", triptime);
1178 (void)printf(" (DUP!)");
1179 if (options & F_AUDIBLE)
1180 (void)write(STDOUT_FILENO, &BBELL, 1);
1181 if (options & F_MASK) {
1182 /* Just prentend this cast isn't ugly */
1183 (void)printf(" mask=%s",
1184 inet_ntoa(*(struct in_addr *)&(icp->icmp_mask)));
1186 if (options & F_TIME) {
1187 (void)printf(" tso=%s", pr_ntime(icp->icmp_otime));
1188 (void)printf(" tsr=%s", pr_ntime(icp->icmp_rtime));
1189 (void)printf(" tst=%s", pr_ntime(icp->icmp_ttime));
1191 if (recv_len != send_len) {
1193 "\nwrong total length %d instead of %d",
1194 recv_len, send_len);
1196 /* check the data */
1197 cp = (u_char*)&icp->icmp_data[phdr_len];
1198 dp = &outpack[ICMP_MINLEN + phdr_len];
1199 cc -= ICMP_MINLEN + phdr_len;
1201 if (timing) { /* don't check variable timestamp */
1207 for (; i < datalen && cc > 0; ++i, ++cp, ++dp, --cc) {
1209 (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x",
1211 (void)printf("\ncp:");
1212 cp = (u_char*)&icp->icmp_data[0];
1213 for (i = 0; i < datalen; ++i, ++cp) {
1215 (void)printf("\n\t");
1216 (void)printf("%2x ", *cp);
1218 (void)printf("\ndp:");
1219 cp = &outpack[ICMP_MINLEN];
1220 for (i = 0; i < datalen; ++i, ++cp) {
1222 (void)printf("\n\t");
1223 (void)printf("%2x ", *cp);
1231 * We've got something other than an ECHOREPLY.
1232 * See if it's a reply to something that we sent.
1233 * We can compare IP destination, protocol,
1234 * and ICMP type and ID.
1236 * Only print all the error messages if we are running
1237 * as root to avoid leaking information not normally
1238 * available to those not running as root.
1241 struct ip *oip = &icp->icmp_ip;
1243 struct ip *oip = (struct ip *)icp->icmp_data;
1245 struct icmp *oicmp = (struct icmp *)(oip + 1);
1247 if (((options & F_VERBOSE) && uid == 0) ||
1248 (!(options & F_QUIET2) &&
1249 (oip->ip_dst.s_addr == whereto.sin_addr.s_addr) &&
1250 (oip->ip_p == IPPROTO_ICMP) &&
1251 (oicmp->icmp_type == ICMP_ECHO) &&
1252 (oicmp->icmp_id == ident))) {
1253 (void)printf("%d bytes from %s: ", cc,
1254 pr_addr(from->sin_addr));
1260 /* Display any IP options */
1261 cp = (u_char *)buf + sizeof(struct ip);
1263 for (; hlen > (int)sizeof(struct ip); --hlen, ++cp)
1270 (void)printf(*cp == IPOPT_LSRR ?
1271 "\nLSRR: " : "\nSSRR: ");
1272 j = cp[IPOPT_OLEN] - IPOPT_MINOFF + 1;
1275 if (j >= INADDR_LEN &&
1276 j <= hlen - (int)sizeof(struct ip)) {
1278 bcopy(++cp, &ina.s_addr, INADDR_LEN);
1279 if (ina.s_addr == 0)
1280 (void)printf("\t0.0.0.0");
1282 (void)printf("\t%s",
1285 cp += INADDR_LEN - 1;
1289 (void)putchar('\n');
1292 (void)printf("\t(truncated route)\n");
1295 j = cp[IPOPT_OLEN]; /* get length */
1296 i = cp[IPOPT_OFFSET]; /* and pointer */
1301 i = i - IPOPT_MINOFF + 1;
1302 if (i < 0 || i > (hlen - (int)sizeof(struct ip))) {
1307 && !bcmp((char *)cp, old_rr, i)
1308 && !(options & F_FLOOD)) {
1309 (void)printf("\t(same route)");
1315 bcopy((char *)cp, old_rr, i);
1316 (void)printf("\nRR: ");
1317 if (i >= INADDR_LEN &&
1318 i <= hlen - (int)sizeof(struct ip)) {
1320 bcopy(++cp, &ina.s_addr, INADDR_LEN);
1321 if (ina.s_addr == 0)
1322 (void)printf("\t0.0.0.0");
1324 (void)printf("\t%s",
1327 cp += INADDR_LEN - 1;
1331 (void)putchar('\n');
1334 (void)printf("\t(truncated route)");
1337 (void)printf("\nNOP");
1340 (void)printf("\nunknown option %x", *cp);
1343 if (!(options & F_FLOOD)) {
1344 (void)putchar('\n');
1345 (void)fflush(stdout);
1351 * Checksum routine for Internet Protocol family headers (C Version)
1354 in_cksum(u_short *addr, int len)
1369 * Our algorithm is simple, using a 32 bit accumulator (sum), we add
1370 * sequential 16 bit words to it, and at the end, fold back all the
1371 * carry bits from the top 16 bits into the lower 16 bits.
1378 /* mop up an odd byte, if necessary */
1380 last.uc[0] = *(u_char *)w;
1385 /* add back carry outs from top 16 bits to low 16 bits */
1386 sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */
1387 sum += (sum >> 16); /* add carry */
1388 answer = ~sum; /* truncate to 16 bits */
1394 * Subtract 2 timeval structs: out = out - in. Out is assumed to
1398 tvsub(struct timeval *out, const struct timeval *in)
1401 if ((out->tv_usec -= in->tv_usec) < 0) {
1403 out->tv_usec += 1000000;
1405 out->tv_sec -= in->tv_sec;
1410 * Print out statistics when SIGINFO is received.
1414 status(int sig __unused)
1426 (void)fprintf(stderr, "\r%ld/%ld packets received (%.1f%%)",
1427 nreceived, ntransmitted,
1428 ntransmitted ? nreceived * 100.0 / ntransmitted : 0.0);
1429 if (nreceived && timing)
1430 (void)fprintf(stderr, " %.3f min / %.3f avg / %.3f max",
1431 tmin, tsum / (nreceived + nrepeats), tmax);
1432 (void)fprintf(stderr, "\n");
1438 * Print out statistics, and give up.
1444 (void)signal(SIGINT, SIG_IGN);
1445 (void)signal(SIGALRM, SIG_IGN);
1446 (void)putchar('\n');
1447 (void)fflush(stdout);
1448 (void)printf("--- %s ping statistics ---\n", hostname);
1449 (void)printf("%ld packets transmitted, ", ntransmitted);
1450 (void)printf("%ld packets received, ", nreceived);
1452 (void)printf("+%ld duplicates, ", nrepeats);
1454 if (nreceived > ntransmitted)
1455 (void)printf("-- somebody's printing up packets!");
1457 (void)printf("%.1f%% packet loss",
1458 ((ntransmitted - nreceived) * 100.0) /
1462 (void)printf(", %ld packets out of wait time", nrcvtimeout);
1463 (void)putchar('\n');
1464 if (nreceived && timing) {
1465 double n = nreceived + nrepeats;
1466 double avg = tsum / n;
1467 double vari = tsumsq / n - avg * avg;
1469 "round-trip min/avg/max/stddev = %.3f/%.3f/%.3f/%.3f ms\n",
1470 tmin, avg, tmax, sqrt(vari));
1480 static char *ttab[] = {
1481 "Echo Reply", /* ip + seq + udata */
1482 "Dest Unreachable", /* net, host, proto, port, frag, sr + IP */
1483 "Source Quench", /* IP */
1484 "Redirect", /* redirect type, gateway, + IP */
1486 "Time Exceeded", /* transit, frag reassem + IP */
1487 "Parameter Problem", /* pointer + IP */
1488 "Timestamp", /* id + seq + three timestamps */
1489 "Timestamp Reply", /* " */
1490 "Info Request", /* id + sq */
1491 "Info Reply" /* " */
1497 * Print a descriptive string about an ICMP header.
1500 pr_icmph(struct icmp *icp)
1503 switch(icp->icmp_type) {
1504 case ICMP_ECHOREPLY:
1505 (void)printf("Echo Reply\n");
1506 /* XXX ID + Seq + Data */
1509 switch(icp->icmp_code) {
1510 case ICMP_UNREACH_NET:
1511 (void)printf("Destination Net Unreachable\n");
1513 case ICMP_UNREACH_HOST:
1514 (void)printf("Destination Host Unreachable\n");
1516 case ICMP_UNREACH_PROTOCOL:
1517 (void)printf("Destination Protocol Unreachable\n");
1519 case ICMP_UNREACH_PORT:
1520 (void)printf("Destination Port Unreachable\n");
1522 case ICMP_UNREACH_NEEDFRAG:
1523 (void)printf("frag needed and DF set (MTU %d)\n",
1524 ntohs(icp->icmp_nextmtu));
1526 case ICMP_UNREACH_SRCFAIL:
1527 (void)printf("Source Route Failed\n");
1529 case ICMP_UNREACH_FILTER_PROHIB:
1530 (void)printf("Communication prohibited by filter\n");
1533 (void)printf("Dest Unreachable, Bad Code: %d\n",
1537 /* Print returned IP header information */
1539 pr_retip(&icp->icmp_ip);
1541 pr_retip((struct ip *)icp->icmp_data);
1544 case ICMP_SOURCEQUENCH:
1545 (void)printf("Source Quench\n");
1547 pr_retip(&icp->icmp_ip);
1549 pr_retip((struct ip *)icp->icmp_data);
1553 switch(icp->icmp_code) {
1554 case ICMP_REDIRECT_NET:
1555 (void)printf("Redirect Network");
1557 case ICMP_REDIRECT_HOST:
1558 (void)printf("Redirect Host");
1560 case ICMP_REDIRECT_TOSNET:
1561 (void)printf("Redirect Type of Service and Network");
1563 case ICMP_REDIRECT_TOSHOST:
1564 (void)printf("Redirect Type of Service and Host");
1567 (void)printf("Redirect, Bad Code: %d", icp->icmp_code);
1570 (void)printf("(New addr: %s)\n", inet_ntoa(icp->icmp_gwaddr));
1572 pr_retip(&icp->icmp_ip);
1574 pr_retip((struct ip *)icp->icmp_data);
1578 (void)printf("Echo Request\n");
1579 /* XXX ID + Seq + Data */
1582 switch(icp->icmp_code) {
1583 case ICMP_TIMXCEED_INTRANS:
1584 (void)printf("Time to live exceeded\n");
1586 case ICMP_TIMXCEED_REASS:
1587 (void)printf("Frag reassembly time exceeded\n");
1590 (void)printf("Time exceeded, Bad Code: %d\n",
1595 pr_retip(&icp->icmp_ip);
1597 pr_retip((struct ip *)icp->icmp_data);
1600 case ICMP_PARAMPROB:
1601 (void)printf("Parameter problem: pointer = 0x%02x\n",
1602 icp->icmp_hun.ih_pptr);
1604 pr_retip(&icp->icmp_ip);
1606 pr_retip((struct ip *)icp->icmp_data);
1610 (void)printf("Timestamp\n");
1611 /* XXX ID + Seq + 3 timestamps */
1613 case ICMP_TSTAMPREPLY:
1614 (void)printf("Timestamp Reply\n");
1615 /* XXX ID + Seq + 3 timestamps */
1618 (void)printf("Information Request\n");
1621 case ICMP_IREQREPLY:
1622 (void)printf("Information Reply\n");
1626 (void)printf("Address Mask Request\n");
1628 case ICMP_MASKREPLY:
1629 (void)printf("Address Mask Reply\n");
1631 case ICMP_ROUTERADVERT:
1632 (void)printf("Router Advertisement\n");
1634 case ICMP_ROUTERSOLICIT:
1635 (void)printf("Router Solicitation\n");
1638 (void)printf("Bad ICMP type: %d\n", icp->icmp_type);
1644 * Print an IP header with options.
1647 pr_iph(struct ip *ip)
1653 hlen = ip->ip_hl << 2;
1654 cp = (u_char *)ip + 20; /* point to options */
1656 (void)printf("Vr HL TOS Len ID Flg off TTL Pro cks Src Dst\n");
1657 (void)printf(" %1x %1x %02x %04x %04x",
1658 ip->ip_v, ip->ip_hl, ip->ip_tos, ntohs(ip->ip_len),
1660 (void)printf(" %1lx %04lx",
1661 (u_long) (ntohl(ip->ip_off) & 0xe000) >> 13,
1662 (u_long) ntohl(ip->ip_off) & 0x1fff);
1663 (void)printf(" %02x %02x %04x", ip->ip_ttl, ip->ip_p,
1665 memcpy(&ina, &ip->ip_src.s_addr, sizeof ina);
1666 (void)printf(" %s ", inet_ntoa(ina));
1667 memcpy(&ina, &ip->ip_dst.s_addr, sizeof ina);
1668 (void)printf(" %s ", inet_ntoa(ina));
1669 /* dump any option bytes */
1670 while (hlen-- > 20) {
1671 (void)printf("%02x", *cp++);
1673 (void)putchar('\n');
1678 * Return an ascii host address as a dotted quad and optionally with
1682 pr_addr(struct in_addr ina)
1685 static char buf[16 + 3 + MAXHOSTNAMELEN];
1687 if (options & F_NUMERIC)
1688 return inet_ntoa(ina);
1690 hp = cap_gethostbyaddr(capdns, (char *)&ina, 4, AF_INET);
1693 return inet_ntoa(ina);
1695 (void)snprintf(buf, sizeof(buf), "%s (%s)", hp->h_name,
1702 * Dump some info on a returned (via ICMP) IP packet.
1705 pr_retip(struct ip *ip)
1711 hlen = ip->ip_hl << 2;
1712 cp = (u_char *)ip + hlen;
1715 (void)printf("TCP: from port %u, to port %u (decimal)\n",
1716 (*cp * 256 + *(cp + 1)), (*(cp + 2) * 256 + *(cp + 3)));
1717 else if (ip->ip_p == 17)
1718 (void)printf("UDP: from port %u, to port %u (decimal)\n",
1719 (*cp * 256 + *(cp + 1)), (*(cp + 2) * 256 + *(cp + 3)));
1723 pr_ntime(n_time timestamp)
1725 static char buf[10];
1728 sec = ntohl(timestamp) / 1000;
1729 hour = sec / 60 / 60;
1730 min = (sec % (60 * 60)) / 60;
1731 sec = (sec % (60 * 60)) % 60;
1733 (void)snprintf(buf, sizeof(buf), "%02d:%02d:%02d", hour, min, sec);
1739 fill(char *bp, char *patp)
1745 for (cp = patp; *cp; cp++) {
1748 "patterns must be specified as hex digits");
1752 "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x",
1753 &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6],
1754 &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12],
1755 &pat[13], &pat[14], &pat[15]);
1758 for (kk = 0; kk <= maxpayload - (TIMEVAL_LEN + ii); kk += ii)
1759 for (jj = 0; jj < ii; ++jj)
1760 bp[jj + kk] = pat[jj];
1761 if (!(options & F_QUIET)) {
1762 (void)printf("PATTERN: 0x");
1763 for (jj = 0; jj < ii; ++jj)
1764 (void)printf("%02x", bp[jj] & 0xFF);
1769 static cap_channel_t *
1772 cap_channel_t *capcas, *capdnsloc;
1773 const char *types[2];
1776 capcas = cap_init();
1778 err(1, "unable to create casper process");
1779 capdnsloc = cap_service_open(capcas, "system.dns");
1780 /* Casper capability no longer needed. */
1782 if (capdnsloc == NULL)
1783 err(1, "unable to open system.dns service");
1784 types[0] = "NAME2ADDR";
1785 types[1] = "ADDR2NAME";
1786 if (cap_dns_type_limit(capdnsloc, types, 2) < 0)
1787 err(1, "unable to limit access to system.dns service");
1788 families[0] = AF_INET;
1789 if (cap_dns_family_limit(capdnsloc, families, 1) < 0)
1790 err(1, "unable to limit access to system.dns service");
1795 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
1796 #define SECOPT " [-P policy]"
1804 (void)fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n",
1805 "usage: ping [-AaDdfnoQqRrv] [-c count] [-G sweepmaxsize] [-g sweepminsize]",
1806 " [-h sweepincrsize] [-i wait] [-l preload] [-M mask | time] [-m ttl]",
1807 " " SECOPT " [-p pattern] [-S src_addr] [-s packetsize] [-t timeout]",
1808 " [-W waittime] [-z tos] host",
1809 " ping [-AaDdfLnoQqRrv] [-c count] [-I iface] [-i wait] [-l preload]",
1810 " [-M mask | time] [-m ttl]" SECOPT " [-p pattern] [-S src_addr]",
1811 " [-s packetsize] [-T ttl] [-t timeout] [-W waittime]",
1812 " [-z tos] mcast-group");