1 /* netstat.c - Display Linux networking subsystem.
2 *
3 * Copyright 2012 Ranjan Kumar <[email protected]>
4 * Copyright 2013 Kyungwan Han <[email protected]>
5 *
6 * Not in SUSv4.
7 *
8 USE_NETSTAT(NEWTOY(netstat, "pWrxwutneal", TOYFLAG_BIN))
9 config NETSTAT
10 bool "netstat"
11 default y
12 help
13 usage: netstat [-pWrxwutneal]
14
15 Display networking information. Default is netstat -tuwx
16
17 -r Routing table
18 -a All sockets (not just connected)
19 -l Listening server sockets
20 -t TCP sockets
21 -u UDP sockets
22 -w Raw sockets
23 -x Unix sockets
24 -e Extended info
25 -n Don't resolve names
26 -W Wide display
27 -p Show PID/program name of sockets
28 */
29
30 #define FOR_netstat
31 #include "toys.h"
32 #include <net/route.h>
33
34 GLOBALS(
35 struct num_cache *inodes;
36 int wpad;
37 )
38
39 struct num_cache {
40 struct num_cache *next;
41 long long num;
42 char data[];
43 };
44
45 // Find num in cache
get_num_cache(struct num_cache * cache,long long num)46 static struct num_cache *get_num_cache(struct num_cache *cache, long long num)
47 {
48 while (cache) {
49 if (num==cache->num) return cache;
50 cache = cache->next;
51 }
52
53 return 0;
54 }
55
56 // Uniquely add num+data to cache. Updates *cache, returns pointer to existing
57 // entry if it was already there.
add_num_cache(struct num_cache ** cache,long long num,void * data,int len)58 static struct num_cache *add_num_cache(struct num_cache **cache, long long num,
59 void *data, int len)
60 {
61 struct num_cache *old = get_num_cache(*cache, num);
62
63 if (old) return old;
64
65 old = xzalloc(sizeof(struct num_cache)+len);
66 old->next = *cache;
67 old->num = num;
68 memcpy(old->data, data, len);
69
70 *cache = old;
71
72 return 0;
73 }
74
addr2str(int af,void * addr,unsigned port,char * buf,int len,char * proto)75 static void addr2str(int af, void *addr, unsigned port, char *buf, int len,
76 char *proto)
77 {
78 char pres[INET6_ADDRSTRLEN];
79 struct servent *se = 0;
80 int pos, count;
81
82 if (!inet_ntop(af, addr, pres, sizeof(pres))) perror_exit("inet_ntop");
83
84 if (FLAG(n) || !port) {
85 strcpy(buf, pres);
86 } else {
87 struct addrinfo hints, *result, *rp;
88 char cut[4];
89
90 memset(&hints, 0, sizeof(struct addrinfo));
91 hints.ai_family = af;
92
93 if (!getaddrinfo(pres, NULL, &hints, &result)) {
94 socklen_t sock_len = (af == AF_INET) ? sizeof(struct sockaddr_in)
95 : sizeof(struct sockaddr_in6);
96
97 // We assume that a failing getnameinfo dosn't stomp "buf" here.
98 for (rp = result; rp; rp = rp->ai_next)
99 if (!getnameinfo(rp->ai_addr, sock_len, buf, 256, 0, 0, 0)) break;
100 freeaddrinfo(result);
101 buf[len] = 0;
102 }
103
104 // getservbyport() doesn't understand proto "tcp6", so truncate
105 memcpy(cut, proto, 3);
106 cut[3] = 0;
107 se = getservbyport(htons(port), cut);
108 }
109
110 if (!strcmp(buf, "::")) strcpy(buf, "[::]");
111
112 // Append :service or :* if port == 0.
113 if (se) {
114 count = snprintf(0, 0, ":%s", se->s_name);
115 // NI_MAXSERV == 32, which is greater than our minimum field width.
116 // (Although the longest service name on Debian in 2021 is only 16 bytes.)
117 if (count>=len) {
118 count = len-1;
119 se->s_name[count] = 0;
120 }
121 } else count = port ? snprintf(0, 0, ":%u", port) : 2;
122 // We always show the port, even if that means clobbering the end of the host.
123 pos = strlen(buf);
124 if (len-pos<count) pos = len-count;
125 if (se) sprintf(buf+pos, ":%s", se->s_name);
126 else sprintf(buf+pos, port ? ":%u" : ":*", port);
127 }
128
129 // Display info for tcp/udp/raw
show_ip(char * fname)130 static void show_ip(char *fname)
131 {
132 char *ss_state = "UNKNOWN", buf[12], *s, *label = strrchr(fname, '/')+1;
133 char *state_label[] = {"", "ESTABLISHED", "SYN_SENT", "SYN_RECV", "FIN_WAIT1",
134 "FIN_WAIT2", "TIME_WAIT", "CLOSE", "CLOSE_WAIT",
135 "LAST_ACK", "LISTEN", "CLOSING", "UNKNOWN"};
136 FILE *fp = xfopen(fname, "r");
137
138 // Skip header.
139 (void)fgets(toybuf, sizeof(toybuf), fp);
140
141 while (fgets(toybuf, sizeof(toybuf), fp)) {
142 char lip[256], rip[256];
143 union {
144 struct {unsigned u; unsigned char b[4];} i4;
145 struct {struct {unsigned a, b, c, d;} u; unsigned char b[16];} i6;
146 } laddr, raddr;
147 unsigned lport, rport, state, txq, rxq, num, uid, af = AF_INET6;
148 unsigned long inode;
149
150 // Try ipv6, then try ipv4
151 if (16 != sscanf(toybuf,
152 " %d: %8x%8x%8x%8x:%x %8x%8x%8x%8x:%x %x %x:%x %*X:%*X %*X %d %*d %ld",
153 &num, &laddr.i6.u.a, &laddr.i6.u.b, &laddr.i6.u.c,
154 &laddr.i6.u.d, &lport, &raddr.i6.u.a, &raddr.i6.u.b,
155 &raddr.i6.u.c, &raddr.i6.u.d, &rport, &state, &txq, &rxq,
156 &uid, &inode))
157 {
158 af = AF_INET;
159 if (10 != sscanf(toybuf,
160 " %d: %x:%x %x:%x %x %x:%x %*X:%*X %*X %d %*d %ld",
161 &num, &laddr.i4.u, &lport, &raddr.i4.u, &rport, &state, &txq,
162 &rxq, &uid, &inode)) continue;
163 }
164
165 // Should we display this? (listening or all or TCP/UDP/RAW)
166 if (!(FLAG(l) && (!rport && (state&0xA))) && !FLAG(a) && !(rport&0x70))
167 continue;
168
169 addr2str(af, &laddr, lport, lip, TT.wpad, label);
170 addr2str(af, &raddr, rport, rip, TT.wpad, label);
171
172 // Display data
173 s = label;
174 if (strstart(&s, "tcp")) {
175 int sz = ARRAY_LEN(state_label);
176 if (!state || state >= sz) state = sz-1;
177 ss_state = state_label[state];
178 } else if (strstart(&s, "udp")) {
179 if (state == 1) ss_state = state_label[state];
180 else if (state == 7) ss_state = "";
181 } else if (strstart(&s, "raw")) sprintf(ss_state = buf, "%u", state);
182
183 printf("%-6s%6d%7d %*.*s %*.*s %-11s", label, rxq, txq, -TT.wpad, TT.wpad,
184 lip, -TT.wpad, TT.wpad, rip, ss_state);
185 if (FLAG(e)) {
186 if (FLAG(n)) sprintf(s = toybuf, "%d", uid);
187 else s = getusername(uid);
188 printf(" %-10s %-11ld", s, inode);
189 }
190 if (FLAG(p)) {
191 struct num_cache *nc = get_num_cache(TT.inodes, inode);
192
193 printf(" %s", nc ? nc->data : "-");
194 }
195 xputc('\n');
196 }
197 fclose(fp);
198 }
199
show_unix_sockets(void)200 static void show_unix_sockets(void)
201 {
202 char *types[] = {"","STREAM","DGRAM","RAW","RDM","SEQPACKET","DCCP","PACKET"},
203 *states[] = {"","LISTENING","CONNECTING","CONNECTED","DISCONNECTING"},
204 *filename = 0;
205 unsigned long refcount, flags, type, state, inode;
206 FILE *fp = xfopen("/proc/net/unix", "r");
207
208 // Skip header.
209 (void)fgets(toybuf, sizeof(toybuf), fp);
210
211 while (fscanf(fp, "%*p: %lX %*X %lX %lX %lX %lu%m[^\n]", &refcount, &flags,
212 &type, &state, &inode, &filename) >= 5) {
213 // Linux exports only SO_ACCEPTCON since 2.3.15pre3 in 1999, but let's
214 // filter in case they add more someday.
215 flags &= 1<<16;
216
217 // Only show unconnected listening sockets with -a or -l.
218 if (state==1 && flags && !(FLAG(a) || FLAG(l))) continue;
219
220 if (type==10) type = 7; // move SOCK_PACKET into line
221 if (type>=ARRAY_LEN(types)) type = 0;
222 if (state>=ARRAY_LEN(states) || (state==1 && !flags)) state = 0;
223
224 if (state!=1 && FLAG(l)) continue;
225
226 sprintf(toybuf, "[ %s]", flags ? "ACC " : "");
227 printf("unix %-6ld %-11s %-10s %-13s %-8lu ",
228 refcount, toybuf, types[type], states[state], inode);
229 if (FLAG(p)) {
230 struct num_cache *nc = get_num_cache(TT.inodes, inode);
231
232 printf("%-19.19s ", nc ? nc->data : "-");
233 }
234
235 if (filename) {
236 printf("%s\n", filename+!FLAG(p));
237 free(filename);
238 filename = 0;
239 } else xputc('\n');
240 }
241 fclose(fp);
242 }
243
scan_pids(struct dirtree * node)244 static int scan_pids(struct dirtree *node)
245 {
246 char *s = toybuf+256;
247 struct dirent *entry;
248 DIR *dp;
249 int pid, dirfd;
250
251 if (!node->parent) return DIRTREE_RECURSE;
252 if (!(pid = atol(node->name))) return 0;
253
254 sprintf(toybuf, "/proc/%d/cmdline", pid);
255 if (!(readfile(toybuf, toybuf, 256))) return 0;
256
257 sprintf(s, "%d/fd", pid);
258 if (-1==(dirfd = openat(dirtree_parentfd(node), s, O_RDONLY))) return 0;
259 if (!(dp = fdopendir(dirfd))) close(dirfd);
260 else while ((entry = readdir(dp))) {
261 s = toybuf+256;
262 if (!readlinkat0(dirfd, entry->d_name, s, sizeof(toybuf)-256)) continue;
263 // Can the "[0000]:" happen in a modern kernel?
264 if (strstart(&s, "socket:[") || strstart(&s, "[0000]:")) {
265 long long ll = atoll(s);
266
267 sprintf(s, "%d/%s", pid, getbasename(toybuf));
268 add_num_cache(&TT.inodes, ll, s, strlen(s)+1);
269 }
270 }
271 closedir(dp);
272
273 return 0;
274 }
275
276 // extract inet4 route info from /proc/net/route file and display it.
display_routes(void)277 static void display_routes(void)
278 {
279 static const char flagchars[] = "GHRDMDAC";
280 static const unsigned flagarray[] = {
281 RTF_GATEWAY, RTF_HOST, RTF_REINSTATE, RTF_DYNAMIC, RTF_MODIFIED
282 };
283 unsigned dest, gate, mask;
284 int flags, ref, use, metric, mss, win, irtt;
285 char *out = toybuf, *flag_val;
286 char iface[64]={0};
287 FILE *fp = xfopen("/proc/net/route", "r");
288
289 // Skip header.
290 (void)fgets(toybuf, sizeof(toybuf), fp);
291
292 printf("Kernel IP routing table\n"
293 "Destination\tGateway \tGenmask \tFlags %s Iface\n",
294 !FLAG(e) ? " MSS Window irtt" : "Metric Ref Use");
295
296 while (fscanf(fp, "%63s%x%x%X%d%d%d%x%d%d%d", iface, &dest, &gate, &flags,
297 &ref, &use, &metric, &mask, &mss, &win, &irtt) == 11) {
298 char *destip = 0, *gateip = 0, *maskip = 0;
299
300 // skip down interfaces.
301 if (!(flags & RTF_UP)) continue;
302
303 // TODO /proc/net/ipv6_route
304
305 if (dest) {
306 if (inet_ntop(AF_INET, &dest, out, 16)) destip = out;
307 } else destip = FLAG(n) ? "0.0.0.0" : "default";
308 out += 16;
309
310 if (gate) {
311 if (inet_ntop(AF_INET, &gate, out, 16)) gateip = out;
312 } else gateip = FLAG(n) ? "0.0.0.0" : "*";
313 out += 16;
314
315 // TODO /24
316 //For Mask
317 if (inet_ntop(AF_INET, &mask, out, 16)) maskip = out;
318 else maskip = "?";
319 out += 16;
320
321 //Get flag Values
322 flag_val = out;
323 *out++ = 'U';
324 for (dest = 0; dest < ARRAY_LEN(flagarray); dest++)
325 if (flags&flagarray[dest]) *out++ = flagchars[dest];
326 *out = 0;
327 if (flags & RTF_REJECT) *flag_val = '!';
328
329 printf("%-15.15s %-15.15s %-16s%-6s", destip, gateip, maskip, flag_val);
330 if (!FLAG(e)) printf("%5d %-5d %6d %s\n", mss, win, irtt, iface);
331 else printf("%-6d %-2d %7d %s\n", metric, ref, use, iface);
332 }
333 fclose(fp);
334 }
335
netstat_main(void)336 void netstat_main(void)
337 {
338 int tuwx = FLAG_t|FLAG_u|FLAG_w|FLAG_x;
339 char *type = "w/o servers";
340
341 TT.wpad = FLAG(W) ? 51 : 23;
342 if (!(toys.optflags&(FLAG_r|tuwx))) toys.optflags |= tuwx;
343 if (FLAG(r)) display_routes();
344 if (!(toys.optflags&tuwx)) return;
345
346 if (FLAG(a)) type = "servers and established";
347 else if (FLAG(l)) type = "only servers";
348
349 if (FLAG(p)) dirtree_read("/proc", scan_pids);
350
351 if (toys.optflags&(FLAG_t|FLAG_u|FLAG_w)) {
352 printf("Active Internet connections (%s)\n", type);
353 printf("Proto Recv-Q Send-Q %*s %*s State ", -TT.wpad, "Local Address",
354 -TT.wpad, "Foreign Address");
355 if (FLAG(e)) printf(" User Inode ");
356 if (FLAG(p)) printf(" PID/Program Name");
357 xputc('\n');
358
359 if (FLAG(t)) {
360 show_ip("/proc/net/tcp");
361 show_ip("/proc/net/tcp6");
362 }
363 if (FLAG(u)) {
364 show_ip("/proc/net/udp");
365 show_ip("/proc/net/udp6");
366 }
367 if (FLAG(w)) {
368 show_ip("/proc/net/raw");
369 show_ip("/proc/net/raw6");
370 }
371 }
372
373 if (FLAG(x)) {
374 printf("Active UNIX domain sockets (%s)\n", type);
375 printf("Proto RefCnt Flags Type State I-Node%sPath\n",
376 FLAG(p) ? " PID/Program Name " : " ");
377 show_unix_sockets();
378 }
379
380 if (FLAG(p) && CFG_TOYBOX_FREE) llist_traverse(TT.inodes, free);
381 toys.exitval = 0;
382 }
383