usr.sbin/trpt/trpt.c

204076Spjd/*
204076Spjd * Copyright (c) 1983, 1988, 1993
219351Spjd *	The Regents of the University of California.  All rights reserved.
204076Spjd *
204076Spjd * Redistribution and use in source and binary forms, with or without
204076Spjd * modification, are permitted provided that the following conditions
204076Spjd * are met:
204076Spjd * 1. Redistributions of source code must retain the above copyright
204076Spjd *    notice, this list of conditions and the following disclaimer.
204076Spjd * 2. Redistributions in binary form must reproduce the above copyright
204076Spjd *    notice, this list of conditions and the following disclaimer in the
204076Spjd *    documentation and/or other materials provided with the distribution.
204076Spjd * 3. All advertising materials mentioning features or use of this software
204076Spjd *    must display the following acknowledgement:
204076Spjd *	This product includes software developed by the University of
204076Spjd *	California, Berkeley and its contributors.
204076Spjd * 4. Neither the name of the University nor the names of its contributors
204076Spjd *    may be used to endorse or promote products derived from this software
204076Spjd *    without specific prior written permission.
204076Spjd *
204076Spjd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
204076Spjd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
204076Spjd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
204076Spjd * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
204076Spjd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
204076Spjd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
204076Spjd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
204076Spjd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
204076Spjd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
204076Spjd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
204076Spjd * SUCH DAMAGE.
204076Spjd */
204076Spjd
204076Spjd#ifndef lint
204076Spjdstatic const char copyright[] =
204076Spjd"@(#) Copyright (c) 1983, 1988, 1993\n\
204076Spjd	The Regents of the University of California.  All rights reserved.\n";
204076Spjd#endif /* not lint */
204076Spjd
204076Spjd#ifndef lint
204076Spjd#if 0
204076Spjdstatic char sccsid[] = "@(#)trpt.c	8.1 (Berkeley) 6/6/93";
204076Spjd#endif
204076Spjdstatic const char rcsid[] =
204076Spjd  "$FreeBSD: head/usr.sbin/trpt/trpt.c 73732 2001-03-05 12:13:12Z dwmalone $";
204076Spjd#endif /* not lint */
211982Spjd
204076Spjd#include <sys/param.h>
204076Spjd#include <sys/queue.h>
204076Spjd#include <sys/socket.h>
204076Spjd#include <sys/socketvar.h>
204076Spjd#define PRUREQUESTS
204076Spjd#include <sys/protosw.h>
204076Spjd#include <sys/file.h>
204076Spjd#include <sys/time.h>
204076Spjd
204076Spjd#include <net/route.h>
204076Spjd#include <net/if.h>
212038Spjd
204076Spjd#include <netinet/in.h>
204076Spjd#include <netinet/in_systm.h>
204076Spjd#include <netinet/ip.h>
211886Spjd#ifdef INET6
204076Spjd#include <netinet/ip6.h>
204076Spjd#endif
204076Spjd#include <netinet/ip_var.h>
246922Spjd#include <netinet/tcp.h>
204076Spjd#define TCPSTATES
204076Spjd#include <netinet/tcp_fsm.h>
204076Spjd#include <netinet/tcp_seq.h>
210886Spjd#define	TCPTIMERS
210886Spjd#include <netinet/tcp_timer.h>
210886Spjd#include <netinet/tcp_var.h>
204076Spjd#include <netinet/tcpip.h>
204076Spjd#define	TANAMES
204076Spjd#include <netinet/tcp_debug.h>
204076Spjd
204076Spjd#include <arpa/inet.h>
204076Spjd
204076Spjd#include <err.h>
249969Sed#include <nlist.h>
204076Spjd#include <paths.h>
204076Spjd#include <stdio.h>
204076Spjd#include <stdlib.h>
204076Spjd#include <unistd.h>
204076Spjd
204076Spjdstruct nlist nl[] = {
204076Spjd#define	N_TCP_DEBUG	0
219818Spjd	{ "_tcp_debug" },
204076Spjd#define	N_TCP_DEBX	1
204076Spjd	{ "_tcp_debx" },
226859Spjd	{ "" },
226859Spjd};
226859Spjd
226859Spjdstatic caddr_t tcp_pcbs[TCP_NDEBUG];
226859Spjdstatic n_time ntime;
226859Spjdstatic int aflag, kflag, memf, follow, sflag, tflag;
226859Spjd
226859Spjdvoid dotrace __P((caddr_t));
226859Spjdvoid klseek __P((int, off_t, int));
204076Spjdint numeric __P((const void *, const void *));
204076Spjdvoid tcp_trace __P((short, short, struct tcpcb *, struct tcpcb *,
204076Spjd			int, void *, struct tcphdr *, int));
204076Spjdstatic void usage __P((void));
204076Spjd
204076Spjdint
204076Spjdmain(argc, argv)
204076Spjd	int argc;
204076Spjd	char **argv;
204076Spjd{
204076Spjd	int ch, i, jflag, npcbs;
204076Spjd	char *system, *core;
204076Spjd
204076Spjd	jflag = npcbs = 0;
204076Spjd	while ((ch = getopt(argc, argv, "afjp:st")) != -1)
204076Spjd		switch (ch) {
204076Spjd		case 'a':
204076Spjd			++aflag;
204076Spjd			break;
204076Spjd		case 'f':
204076Spjd			++follow;
204076Spjd			setlinebuf(stdout);
204076Spjd			break;
204076Spjd		case 'j':
204076Spjd			++jflag;
204076Spjd			break;
204076Spjd		case 'p':
204076Spjd			if (npcbs >= TCP_NDEBUG)
204076Spjd				errx(1, "too many pcb's specified");
204076Spjd			(void)sscanf(optarg, "%x", (int *)&tcp_pcbs[npcbs++]);
204076Spjd			break;
204076Spjd		case 's':
204076Spjd			++sflag;
204076Spjd			break;
204076Spjd		case 't':
204076Spjd			++tflag;
204076Spjd			break;
204076Spjd		case '?':
204076Spjd		default:
204076Spjd			usage();
204076Spjd		}
204076Spjd	argc -= optind;
204076Spjd	argv += optind;
204076Spjd
204076Spjd	core = _PATH_KMEM;
204076Spjd	if (argc > 0) {
204076Spjd		system = *argv;
204076Spjd		argc--, argv++;
204076Spjd		if (argc > 0) {
204076Spjd			core = *argv;
204076Spjd			argc--, argv++;
204076Spjd			++kflag;
204076Spjd		}
204076Spjd		/*
204076Spjd		 * Discard setgid privileges if not the running kernel so that
204076Spjd		 * bad guys can't print interesting stuff from kernel memory.
204076Spjd		 */
204076Spjd		setgid(getgid());
204076Spjd	}
204076Spjd	else
204076Spjd		system = (char *)getbootfile();
204076Spjd
204076Spjd	if (nlist(system, nl) < 0 || !nl[0].n_value)
204076Spjd		errx(1, "%s: no namelist", system);
204076Spjd	if ((memf = open(core, O_RDONLY)) < 0)
204076Spjd		err(2, "%s", core);
204076Spjd	if (kflag)
204076Spjd		errx(1, "can't do core files yet");
204076Spjd	(void)klseek(memf, (off_t)nl[N_TCP_DEBX].n_value, L_SET);
204076Spjd	if (read(memf, (char *)&tcp_debx, sizeof(tcp_debx)) !=
204076Spjd	    sizeof(tcp_debx))
204076Spjd		err(3, "tcp_debx");
204076Spjd	(void)klseek(memf, (off_t)nl[N_TCP_DEBUG].n_value, L_SET);
204076Spjd	if (read(memf, (char *)tcp_debug, sizeof(tcp_debug)) !=
204076Spjd	    sizeof(tcp_debug))
204076Spjd		err(3, "tcp_debug");
204076Spjd	/*
204076Spjd	 * If no control blocks have been specified, figure
204076Spjd	 * out how many distinct one we have and summarize
204076Spjd	 * them in tcp_pcbs for sorting the trace records
204076Spjd	 * below.
204076Spjd	 */
204076Spjd	if (!npcbs) {
204076Spjd		for (i = 0; i < TCP_NDEBUG; i++) {
204076Spjd			register struct tcp_debug *td = &tcp_debug[i];
204076Spjd			register int j;
214692Spjd
214692Spjd			if (td->td_tcb == 0)
214692Spjd				continue;
204076Spjd			for (j = 0; j < npcbs; j++)
214692Spjd				if (tcp_pcbs[j] == td->td_tcb)
214692Spjd					break;
214692Spjd			if (j >= npcbs)
214692Spjd				tcp_pcbs[npcbs++] = td->td_tcb;
219864Spjd		}
214692Spjd		if (!npcbs)
204076Spjd			exit(0);
214692Spjd	}
214692Spjd	qsort(tcp_pcbs, npcbs, sizeof(caddr_t), numeric);
214692Spjd	if (jflag) {
214692Spjd		for (i = 0;;) {
204076Spjd			printf("%x", (int)tcp_pcbs[i]);
204076Spjd			if (++i == npcbs)
204076Spjd				break;
204076Spjd			fputs(", ", stdout);
204076Spjd		}
204076Spjd		putchar('\n');
204076Spjd	}
204076Spjd	else for (i = 0; i < npcbs; i++) {
204076Spjd		printf("\n%x:\n", (int)tcp_pcbs[i]);
204076Spjd		dotrace(tcp_pcbs[i]);
204076Spjd	}
204076Spjd	exit(0);
209183Spjd}
209183Spjd
209183Spjdstatic void
209183Spjdusage()
204076Spjd{
204076Spjd	(void)fprintf(stderr,
204076Spjd		"usage: trpt [-afjst] [-p hex-address] [system [core]]\n");
204076Spjd	exit(1);
204076Spjd}
204076Spjd
204076Spjdvoid
204076Spjddotrace(tcpcb)
204076Spjd	register caddr_t tcpcb;
204076Spjd{
204076Spjd	register struct tcp_debug *td;
204076Spjd	register int i;
204076Spjd	int prev_debx = tcp_debx, family;
220898Spjd
204076Spjdagain:	if (--tcp_debx < 0)
204076Spjd		tcp_debx = TCP_NDEBUG - 1;
204076Spjd	for (i = prev_debx % TCP_NDEBUG; i < TCP_NDEBUG; i++) {
204076Spjd		td = &tcp_debug[i];
204076Spjd		if (tcpcb && td->td_tcb != tcpcb)
204076Spjd			continue;
204076Spjd		ntime = ntohl(td->td_time);
204076Spjd#ifdef INET6
204076Spjd		family = td->td_family;
211982Spjd#else
204076Spjd		family = AF_INET;
204076Spjd#endif
204076Spjd		switch(family) {
204076Spjd		case AF_INET:
204076Spjd			tcp_trace(td->td_act, td->td_ostate,
204076Spjd				  (struct tcpcb *)td->td_tcb,
204076Spjd				  &td->td_cb, td->td_family, &td->td_ti.ti_i,
204076Spjd				  &td->td_ti.ti_t, td->td_req);
204076Spjd			break;
204076Spjd#ifdef INET6
204076Spjd		case AF_INET6:
213533Spjd			tcp_trace(td->td_act, td->td_ostate,
204076Spjd				  (struct tcpcb *)td->td_tcb,
204076Spjd				  &td->td_cb, td->td_family, &td->td_ti6.ip6,
204076Spjd				  &td->td_ti6.th, td->td_req);
229945Spjd			break;
213531Spjd#endif
213531Spjd		}
204076Spjd		if (i == tcp_debx)
204076Spjd			goto done;
204076Spjd	}
204076Spjd	for (i = 0; i <= tcp_debx % TCP_NDEBUG; i++) {
204076Spjd		td = &tcp_debug[i];
204076Spjd		if (tcpcb && td->td_tcb != tcpcb)
204076Spjd			continue;
204076Spjd		ntime = ntohl(td->td_time);
204076Spjd#ifdef INET6
212899Spjd		family = td->td_family;
204076Spjd#else
204076Spjd		family = AF_INET;
204076Spjd#endif
204076Spjd		switch(family) {
218138Spjd		case AF_INET:
204076Spjd			tcp_trace(td->td_act, td->td_ostate,
204076Spjd				  (struct tcpcb *)td->td_tcb,
204076Spjd				  &td->td_cb, td->td_family, &td->td_ti.ti_i,
204076Spjd				  &td->td_ti.ti_t, td->td_req);
204076Spjd			break;
204076Spjd#ifdef INET6
204076Spjd		case AF_INET6:
212899Spjd			tcp_trace(td->td_act, td->td_ostate,
204076Spjd				  (struct tcpcb *)td->td_tcb,
204076Spjd				  &td->td_cb, td->td_family, &td->td_ti6.ip6,
204076Spjd				  &td->td_ti6.th, td->td_req);
204076Spjd			break;
204076Spjd#endif
204076Spjd		}
204076Spjd	}
204076Spjddone:	if (follow) {
204076Spjd		prev_debx = tcp_debx + 1;
204076Spjd		if (prev_debx >= TCP_NDEBUG)
204076Spjd			prev_debx = 0;
204076Spjd		do {
204076Spjd			sleep(1);
204076Spjd			(void)klseek(memf, (off_t)nl[N_TCP_DEBX].n_value, L_SET);
204076Spjd			if (read(memf, (char *)&tcp_debx, sizeof(tcp_debx)) !=
204076Spjd			    sizeof(tcp_debx))
204076Spjd				err(3, "tcp_debx");
204076Spjd		} while (tcp_debx == prev_debx);
218138Spjd		(void)klseek(memf, (off_t)nl[N_TCP_DEBUG].n_value, L_SET);
218138Spjd		if (read(memf, (char *)tcp_debug, sizeof(tcp_debug)) !=
204076Spjd		    sizeof(tcp_debug))
204076Spjd			err(3, "tcp_debug");
225786Spjd		goto again;
247281Strociny	}
204076Spjd}
204076Spjd
225830Spjd/*
225830Spjd * Tcp debug routines
225830Spjd */
225830Spjd/*ARGSUSED*/
225830Spjdvoid
225830Spjdtcp_trace(act, ostate, atp, tp, family, ip, th, req)
225830Spjd	short act, ostate;
225830Spjd	struct tcpcb *atp, *tp;
247281Strociny	int family;
225830Spjd	void *ip;
225830Spjd	struct tcphdr *th;
225830Spjd	int req;
204076Spjd{
204076Spjd	tcp_seq seq, ack;
204076Spjd	int flags, len, win, timer;
210881Spjd	struct ip *ip4;
210881Spjd#ifdef INET6
210881Spjd	int isipv6, nopkt = 1;
210881Spjd	struct ip6_hdr *ip6;
210881Spjd	char ntop_buf[INET6_ADDRSTRLEN];
210881Spjd#endif
210881Spjd
204076Spjd#ifdef INET6
204076Spjd	switch (family) {
204076Spjd	case AF_INET:
204076Spjd		nopkt = 0;
204076Spjd		isipv6 = 0;
204076Spjd		ip4 = (struct ip *)ip;
204076Spjd		break;
204076Spjd	case AF_INET6:
204076Spjd		nopkt = 0;
204076Spjd		isipv6 = 1;
204076Spjd		ip6 = (struct ip6_hdr *)ip;
204076Spjd	case 0:
204076Spjd	default:
204076Spjd		break;
204076Spjd	}
204076Spjd#else
204076Spjd	ip4 = (struct ip *)ip;
204076Spjd#endif
204076Spjd	printf("%03ld %s:%s ",(ntime/10) % 1000, tcpstates[ostate],
204076Spjd	    tanames[act]);
204076Spjd	switch (act) {
204076Spjd	case TA_INPUT:
204076Spjd	case TA_OUTPUT:
204076Spjd	case TA_DROP:
204076Spjd#ifdef INET6
204076Spjd		if (nopkt != 0)
204076Spjd			break;
204076Spjd#endif
204076Spjd		if (aflag) {
204076Spjd			printf("(src=%s,%u, ",
204076Spjd
204076Spjd#ifdef INET6
204076Spjd			       isipv6
204076Spjd			       ? inet_ntop(AF_INET6, &ip6->ip6_src, ntop_buf,
204076Spjd					   sizeof(ntop_buf)) :
204076Spjd#endif
204076Spjd			       inet_ntoa(ip4->ip_src),
204076Spjd			       ntohs(th->th_sport));
204076Spjd			printf("dst=%s,%u)",
204076Spjd#ifdef INET6
204076Spjd			       isipv6
204076Spjd			       ? inet_ntop(AF_INET6, &ip6->ip6_dst, ntop_buf,
204076Spjd					   sizeof(ntop_buf)) :
204076Spjd#endif
204076Spjd			       inet_ntoa(ip4->ip_dst),
204076Spjd			       ntohs(th->th_dport));
204076Spjd		}
204076Spjd		seq = th->th_seq;
204076Spjd		ack = th->th_ack;
204076Spjd
204076Spjd		len =
204076Spjd#ifdef INET6
204076Spjd			isipv6 ? ip6->ip6_plen :
204076Spjd#endif
204076Spjd			ip4->ip_len;
204076Spjd		win = th->th_win;
204076Spjd		if (act == TA_OUTPUT) {
204076Spjd			seq = ntohl(seq);
204076Spjd			ack = ntohl(ack);
204076Spjd			len = ntohs(len);
204076Spjd			win = ntohs(win);
204076Spjd		}
204076Spjd		if (act == TA_OUTPUT)
204076Spjd			len -= sizeof(struct tcphdr);
204076Spjd		if (len)
204076Spjd			printf("[%lx..%lx)", seq, seq + len);
204076Spjd		else
204076Spjd			printf("%lx", seq);
204076Spjd		printf("@%lx", ack);
204076Spjd		if (win)
204076Spjd			printf("(win=%x)", win);
204076Spjd		flags = th->th_flags;
204076Spjd		if (flags) {
204076Spjd			register char *cp = "<";
204076Spjd#define	pf(flag, string) { \
204076Spjd	if (th->th_flags&flag) { \
204076Spjd		(void)printf("%s%s", cp, string); \
204076Spjd		cp = ","; \
204076Spjd	} \
204076Spjd}
204076Spjd			pf(TH_SYN, "SYN");
204076Spjd			pf(TH_ACK, "ACK");
204076Spjd			pf(TH_FIN, "FIN");
204076Spjd			pf(TH_RST, "RST");
204076Spjd			pf(TH_PUSH, "PUSH");
204076Spjd			pf(TH_URG, "URG");
204076Spjd			printf(">");
249969Sed		}
204076Spjd		break;
204076Spjd	case TA_USER:
204076Spjd		timer = req >> 8;
204076Spjd		req &= 0xff;
204076Spjd		printf("%s", prurequests[req]);
204076Spjd		if (req == PRU_SLOWTIMO || req == PRU_FASTTIMO)
204076Spjd			printf("<%s>", tcptimers[timer]);
204076Spjd		break;
204076Spjd	}
204076Spjd	printf(" -> %s", tcpstates[tp->t_state]);
204076Spjd	/* print out internal state of tp !?! */
204076Spjd	printf("\n");
204076Spjd	if (sflag) {
204076Spjd		printf("\trcv_nxt %lx rcv_wnd %x snd_una %lx snd_nxt %lx snd_max %lx\n",
204076Spjd		    tp->rcv_nxt, tp->rcv_wnd, tp->snd_una, tp->snd_nxt,
204076Spjd		    tp->snd_max);
204076Spjd		printf("\tsnd_wl1 %lx snd_wl2 %lx snd_wnd %x\n", tp->snd_wl1,
204076Spjd		    tp->snd_wl2, tp->snd_wnd);
204076Spjd	}
204076Spjd	/* print out timers? */
204076Spjd#if 0
204076Spjd	/*
204076Spjd	 * XXX
204076Spjd	 * kernel now uses callouts, not integer time values.
204076Spjd	 */
214284Spjd	if (tflag) {
214284Spjd		register char *cp = "\t";
214284Spjd		register int i;
214284Spjd
214284Spjd		for (i = 0; i < TCPT_NTIMERS; i++) {
214284Spjd			if (tp->t_timer[i] == 0)
214284Spjd				continue;
214284Spjd			printf("%s%s=%d", cp, tcptimers[i], tp->t_timer[i]);
214284Spjd			if (i == TCPT_REXMT)
214284Spjd				printf(" (t_rxtshft=%d)", tp->t_rxtshift);
214284Spjd			cp = ", ";
214284Spjd		}
229945Spjd		if (*cp != '\t')
214284Spjd			putchar('\n');
214284Spjd	}
214284Spjd#endif
214284Spjd}
214284Spjd
204076Spjdint
204076Spjdnumeric(v1, v2)
204076Spjd	const void *v1, *v2;
204076Spjd{
204076Spjd	const caddr_t *c1 = v1, *c2 = v2;
204076Spjd	return(*c1 - *c2);
229945Spjd}
204076Spjd
204076Spjdvoid
204076Spjdklseek(fd, base, off)
229945Spjd	int fd, off;
204076Spjd	off_t base;
204076Spjd{
204076Spjd	(void)lseek(fd, base, off);
204076Spjd}
229945Spjd