• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* netstat.c - Display Linux networking subsystem.
2  *
3  * Copyright 2012 Ranjan Kumar <ranjankumar.bth@gmail.com>
4  * Copyright 2013 Kyungwan Han <asura321@gmail.com>
5  *
6  * Not in SUSv4.
7  *
8 USE_NETSTAT(NEWTOY(netstat, "pWrxwutneal", TOYFLAG_BIN))
9 config NETSTAT
10   bool "netstat"
11   default y
12   help
13     usage: netstat [-pWrxwutneal]
14 
15     Display networking information. Default is netstat -tuwx
16 
17     -r	Routing table
18     -a	All sockets (not just connected)
19     -l	Listening server sockets
20     -t	TCP sockets
21     -u	UDP sockets
22     -w	Raw sockets
23     -x	Unix sockets
24     -e	Extended info
25     -n	Don't resolve names
26     -W	Wide display
27     -p	Show PID/program name of sockets
28 */
29 
30 #define FOR_netstat
31 #include "toys.h"
32 #include <net/route.h>
33 
34 GLOBALS(
35   struct num_cache *inodes;
36   int wpad;
37 );
38 
39 // convert address into text format.
addr2str(int af,void * addr,unsigned port,char * buf,int len,char * proto)40 static void addr2str(int af, void *addr, unsigned port, char *buf, int len,
41   char *proto)
42 {
43   int pos, count;
44   struct servent *ser = 0;
45 
46   // Convert to numeric address
47   if (!inet_ntop(af, addr, buf, 256)) {
48     *buf = 0;
49 
50     return;
51   }
52   buf[len] = 0;
53   pos = strlen(buf);
54 
55   // If there's no port number, it's a local :* binding, nothing to look up.
56   if (!port) {
57     if (len-pos<2) pos = len-2;
58     strcpy(buf+pos, ":*");
59 
60     return;
61   }
62 
63   if (!(toys.optflags & FLAG_n)) {
64     struct addrinfo hints, *result, *rp;
65     char cut[4];
66 
67     memset(&hints, 0, sizeof(struct addrinfo));
68     hints.ai_family = af;
69 
70     if (!getaddrinfo(buf, NULL, &hints, &result)) {
71       socklen_t sock_len = (af == AF_INET) ? sizeof(struct sockaddr_in)
72         : sizeof(struct sockaddr_in6);
73 
74       // We assume that a failing getnameinfo dosn't stomp "buf" here.
75       for (rp = result; rp; rp = rp->ai_next)
76         if (!getnameinfo(rp->ai_addr, sock_len, buf, 256, 0, 0, 0)) break;
77       freeaddrinfo(result);
78       buf[len] = 0;
79       pos = strlen(buf);
80     }
81 
82     // Doesn't understand proto "tcp6", so truncate
83     memcpy(cut, proto, 3);
84     cut[3] = 0;
85     ser = getservbyport(htons(port), cut);
86   }
87 
88   // Append :service
89   count = snprintf(0, 0, ":%u", port);
90   if (ser) {
91     count = snprintf(0, 0, ":%s", ser->s_name);
92     // sheer paranoia
93     if (count>=len) {
94       count = len-1;
95       ser->s_name[count] = 0;
96     }
97   }
98   if (len-pos<count) pos = len-count;
99   if (ser) sprintf(buf+pos, ":%s", ser->s_name);
100   else sprintf(buf+pos, ":%u", port);
101 }
102 
103 // Display info for tcp/udp/raw
show_ip(char * fname)104 static void show_ip(char *fname)
105 {
106   char *ss_state = "UNKNOWN", buf[12], *s, *label = strrchr(fname, '/')+1;
107   char *state_label[] = {"", "ESTABLISHED", "SYN_SENT", "SYN_RECV", "FIN_WAIT1",
108                          "FIN_WAIT2", "TIME_WAIT", "CLOSE", "CLOSE_WAIT",
109                          "LAST_ACK", "LISTEN", "CLOSING", "UNKNOWN"};
110   struct passwd *pw;
111   FILE *fp = fopen(fname, "r");
112 
113   if (!fp) {
114      perror_msg("'%s'", fname);
115      return;
116   }
117 
118   if(!fgets(toybuf, sizeof(toybuf), fp)) return; //skip header.
119 
120   while (fgets(toybuf, sizeof(toybuf), fp)) {
121     char lip[256], rip[256];
122     union {
123       struct {unsigned u; unsigned char b[4];} i4;
124       struct {struct {unsigned a, b, c, d;} u; unsigned char b[16];} i6;
125     } laddr, raddr;
126     unsigned lport, rport, state, txq, rxq, num, uid, nitems;
127     unsigned long inode;
128 
129     // Try ipv6, then try ipv4
130     nitems = sscanf(toybuf,
131       " %d: %8x%8x%8x%8x:%x %8x%8x%8x%8x:%x %x %x:%x %*X:%*X %*X %d %*d %ld",
132       &num, &laddr.i6.u.a, &laddr.i6.u.b, &laddr.i6.u.c,
133       &laddr.i6.u.d, &lport, &raddr.i6.u.a, &raddr.i6.u.b,
134       &raddr.i6.u.c, &raddr.i6.u.d, &rport, &state, &txq, &rxq,
135       &uid, &inode);
136 
137     if (nitems!=16) {
138       nitems = sscanf(toybuf,
139         " %d: %x:%x %x:%x %x %x:%x %*X:%*X %*X %d %*d %ld",
140         &num, &laddr.i4.u, &lport, &raddr.i4.u, &rport, &state, &txq,
141         &rxq, &uid, &inode);
142 
143       if (nitems!=10) continue;
144       nitems = AF_INET;
145     } else nitems = AF_INET6;
146 
147     // Should we display this? (listening or all or TCP/UDP/RAW)
148     if (!((toys.optflags & FLAG_l) && (!rport && (state & 0xA)))
149       && !(toys.optflags & FLAG_a) && !(rport & (0x10 | 0x20 | 0x40)))
150         continue;
151 
152     addr2str(nitems, &laddr, lport, lip, TT.wpad, label);
153     addr2str(nitems, &raddr, rport, rip, TT.wpad, label);
154 
155     // Display data
156     s = label;
157     if (strstart(&s, "tcp")) {
158       int sz = ARRAY_LEN(state_label);
159       if (!state || state >= sz) state = sz-1;
160       ss_state = state_label[state];
161     } else if (strstart(&s, "udp")) {
162       if (state == 1) ss_state = state_label[state];
163       else if (state == 7) ss_state = "";
164     } else if (strstart(&s, "raw")) sprintf(ss_state = buf, "%u", state);
165 
166     if (!(toys.optflags & FLAG_n) && (pw = bufgetpwuid(uid)))
167       snprintf(toybuf, sizeof(toybuf), "%s", pw->pw_name);
168     else snprintf(toybuf, sizeof(toybuf), "%d", uid);
169 
170     printf("%-6s%6d%7d ", label, rxq, txq);
171     printf("%*.*s %*.*s ", -TT.wpad, TT.wpad, lip, -TT.wpad, TT.wpad, rip);
172     printf("%-11s", ss_state);
173     if ((toys.optflags & FLAG_e)) printf(" %-10s %-11ld", toybuf, inode);
174     if ((toys.optflags & FLAG_p)) {
175       struct num_cache *nc = get_num_cache(TT.inodes, inode);
176 
177       printf(" %s", nc ? nc->data : "-");
178     }
179     xputc('\n');
180   }
181   fclose(fp);
182 }
183 
show_unix_sockets(void)184 static void show_unix_sockets(void)
185 {
186   char *types[] = {"","STREAM","DGRAM","RAW","RDM","SEQPACKET","DCCP","PACKET"},
187        *states[] = {"","LISTENING","CONNECTING","CONNECTED","DISCONNECTING"},
188        *s, *ss;
189   unsigned long refcount, flags, type, state, inode;
190   FILE *fp = xfopen("/proc/net/unix", "r");
191 
192   if(!fgets(toybuf, sizeof(toybuf), fp)) return; //skip header.
193 
194   while (fgets(toybuf, sizeof(toybuf), fp)) {
195     unsigned offset = 0;
196 
197     // count = 6 or 7 (first field ignored, sockets don't always have filenames)
198     if (6<sscanf(toybuf, "%*p: %lX %*X %lX %lX %lX %lu %n",
199       &refcount, &flags, &type, &state, &inode, &offset))
200         continue;
201 
202     // Linux exports only SO_ACCEPTCON since 2.3.15pre3 in 1999, but let's
203     // filter in case they add more someday.
204     flags &= 1<<16;
205 
206     // Only show unconnected listening sockets with -a
207     if (state==1 && flags && !(toys.optflags&FLAG_a)) continue;
208 
209     if (type==10) type = 7; // move SOCK_PACKET into line
210     if (type>ARRAY_LEN(types)) type = 0;
211     if (state>ARRAY_LEN(states) || (state==1 && !flags)) state = 0;
212     sprintf(toybuf, "[ %s]", flags ? "ACC " : "");
213 
214     printf("unix  %-6ld %-11s %-10s %-13s %8lu ",
215       refcount, toybuf, types[type], states[state], inode);
216     if (toys.optflags & FLAG_p) {
217       struct num_cache *nc = get_num_cache(TT.inodes, inode);
218 
219       printf("%-19.19s", nc ? nc->data : "-");
220     }
221 
222     if (offset) {
223       if ((ss = strrchr(s = toybuf+offset, '\n'))) *ss = 0;
224       printf("%s", s);
225     }
226     xputc('\n');
227   }
228 
229   fclose(fp);
230 }
231 
scan_pids(struct dirtree * node)232 static int scan_pids(struct dirtree *node)
233 {
234   char *s = toybuf+256;
235   struct dirent *entry;
236   DIR *dp;
237   int pid, dirfd;
238 
239   if (!node->parent) return DIRTREE_RECURSE;
240   if (!(pid = atol(node->name))) return 0;
241 
242   sprintf(toybuf, "/proc/%d/cmdline", pid);
243   if (!(readfile(toybuf, toybuf, 256))) return 0;
244 
245   sprintf(s, "%d/fd", pid);
246   if (-1==(dirfd = openat(dirtree_parentfd(node), s, O_RDONLY))) return 0;
247   if (!(dp = fdopendir(dirfd))) {
248     close(dirfd);
249 
250     return 0;
251   }
252 
253   while ((entry = readdir(dp))) {
254     s = toybuf+256;
255     if (!readlinkat0(dirfd, entry->d_name, s, sizeof(toybuf)-256)) continue;
256     // Can the "[0000]:" happen in a modern kernel?
257     if (strstart(&s, "socket:[") || strstart(&s, "[0000]:")) {
258       long long ll = atoll(s);
259 
260       sprintf(s, "%d/%s", pid, getbasename(toybuf));
261       add_num_cache(&TT.inodes, ll, s, strlen(s)+1);
262     }
263   }
264   closedir(dp);
265 
266   return 0;
267 }
268 
269 /*
270  * extract inet4 route info from /proc/net/route file and display it.
271  */
display_routes(void)272 static void display_routes(void)
273 {
274   static const char flagchars[] = "GHRDMDAC";
275   static const unsigned flagarray[] = {
276     RTF_GATEWAY, RTF_HOST, RTF_REINSTATE, RTF_DYNAMIC, RTF_MODIFIED
277   };
278   unsigned dest, gate, mask;
279   int flags, ref, use, metric, mss, win, irtt;
280   char *out = toybuf, *flag_val;
281   char iface[64]={0};
282   FILE *fp = xfopen("/proc/net/route", "r");
283 
284   if(!fgets(toybuf, sizeof(toybuf), fp)) return; //skip header.
285 
286   printf("Kernel IP routing table\n"
287           "Destination\tGateway \tGenmask \tFlags %s Iface\n",
288           !(toys.optflags&FLAG_e) ? "  MSS Window  irtt" : "Metric Ref    Use");
289 
290   while (fgets(toybuf, sizeof(toybuf), fp)) {
291      char *destip = 0, *gateip = 0, *maskip = 0;
292 
293      if (11 != sscanf(toybuf, "%63s%x%x%X%d%d%d%x%d%d%d", iface, &dest,
294        &gate, &flags, &ref, &use, &metric, &mask, &mss, &win, &irtt))
295          break;
296 
297     // skip down interfaces.
298     if (!(flags & RTF_UP)) continue;
299 
300 // TODO /proc/net/ipv6_route
301 
302     if (dest) {
303       if (inet_ntop(AF_INET, &dest, out, 16)) destip = out;
304     } else destip = (toys.optflags&FLAG_n) ? "0.0.0.0" : "default";
305     out += 16;
306 
307     if (gate) {
308       if (inet_ntop(AF_INET, &gate, out, 16)) gateip = out;
309     } else gateip = (toys.optflags&FLAG_n) ? "0.0.0.0" : "*";
310     out += 16;
311 
312 // TODO /24
313     //For Mask
314     if (inet_ntop(AF_INET, &mask, out, 16)) maskip = out;
315     else maskip = "?";
316     out += 16;
317 
318     //Get flag Values
319     flag_val = out;
320     *out++ = 'U';
321     for (dest = 0; dest < ARRAY_LEN(flagarray); dest++)
322       if (flags&flagarray[dest]) *out++ = flagchars[dest];
323     *out = 0;
324     if (flags & RTF_REJECT) *flag_val = '!';
325 
326     printf("%-15.15s %-15.15s %-16s%-6s", destip, gateip, maskip, flag_val);
327     if (!(toys.optflags & FLAG_e))
328       printf("%5d %-5d %6d %s\n", mss, win, irtt, iface);
329     else printf("%-6d %-2d %7d %s\n", metric, ref, use, iface);
330   }
331 
332   fclose(fp);
333 }
334 
netstat_main(void)335 void netstat_main(void)
336 {
337   int tuwx = FLAG_t|FLAG_u|FLAG_w|FLAG_x;
338   char *type = "w/o";
339 
340   TT.wpad = (toys.optflags&FLAG_W) ? 51 : 23;
341   if (!(toys.optflags&(FLAG_r|tuwx))) toys.optflags |= tuwx;
342   if (toys.optflags & FLAG_r) display_routes();
343   if (!(toys.optflags&tuwx)) return;
344 
345   if (toys.optflags & FLAG_a) type = "established and";
346   else if (toys.optflags & FLAG_l) type = "only";
347 
348   if (toys.optflags & FLAG_p) dirtree_read("/proc", scan_pids);
349 
350   if (toys.optflags&(FLAG_t|FLAG_u|FLAG_w)) {
351     printf("Active %s (%s servers)\n", "Internet connections", type);
352     printf("Proto Recv-Q Send-Q %*s %*s State      ", -TT.wpad, "Local Address",
353       -TT.wpad, "Foreign Address");
354     if (toys.optflags & FLAG_e) printf(" User       Inode      ");
355     if (toys.optflags & FLAG_p) printf(" PID/Program Name");
356     xputc('\n');
357 
358     if (toys.optflags & FLAG_t) {
359       show_ip("/proc/net/tcp");
360       show_ip("/proc/net/tcp6");
361     }
362     if (toys.optflags & FLAG_u) {
363       show_ip("/proc/net/udp");
364       show_ip("/proc/net/udp6");
365     }
366     if (toys.optflags & FLAG_w) {
367       show_ip("/proc/net/raw");
368       show_ip("/proc/net/raw6");
369     }
370   }
371 
372   if (toys.optflags & FLAG_x) {
373     printf("Active %s (%s servers)\n", "UNIX domain sockets", type);
374 
375     printf("Proto RefCnt Flags\t Type\t    State\t    %s Path\n",
376       (toys.optflags&FLAG_p) ? "PID/Program Name" : "I-Node");
377     show_unix_sockets();
378   }
379 
380   if ((toys.optflags & FLAG_p) && CFG_TOYBOX_FREE)
381     llist_traverse(TT.inodes, free);
382   toys.exitval = 0;
383 }
384