1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-29 12:03:03 +00:00
freebsd/usr.bin/netstat/pfkey.c
John Baldwin feda1a4372 Restore netstat -M functionality for most statistics on core dumps. In
general, when support was added to netstat for fetching data using sysctl,
no provision was left for fetching equivalent data from a core dump, and
in fact, netstat would _always_ fetch data from the live kernel using
sysctl even when -M was specified resulting in the user believing they
were getting data from coredumps when they actually weren't.  Some specific
changes:
- Add a global 'live' variable that is true if netstat is running against
  the live kernel and false if -M has been specified.
- Stop abusing the sysctl flag in the protocol tables to hold the protocol
  number.  Instead, the protocol is now its own field in the tables, and
  it is passed as a separate parameter to the PCB and stat routines rather
  than overloading the KVM offset parameter.
- Don't run PCB or stats functions who don't have a namelist offset if we
  are being run against a crash dump (!live).
- For the inet and unix PCB routines, we generate the same buffer from KVM
  that the sysctl usually generates complete with the header and trailer.
- Don't run bpf stats for !live (before it would just silently always run
  live).
- kread() no longer trashes memory when opening the buffer if there is an
  error on open and the passed in buffer is smaller than _POSIX2_LINE_MAX.
- The multicast routing code doesn't fallback to kvm on live kernels if
  the sysctl fails.  Keeping this made the code rather hairy, and netstat
  is already tied to the kernel ABI anyway (even when using sysctl's since
  things like xinpcb contain an inpcb) so any kernels this is run against
  that have the multicast routing stuff should have the sysctls.
- Don't try to dig around in the kernel linker in the netgraph PCB routine
  for core dumps.

Other notes:
- sctp's PCB routine only works on live kernels, it looked rather
  complicated to generate all the same stuff via KVM.  Someone can always
  add it later if desired though.
- Fix the ipsec removal bug where N_xxx for IPSEC stats weren't renumbered.
- Use sysctlbyname() everywhere rather than hardcoded mib values.

MFC after:	1 week
Approved by:	re (rwatson)
2007-07-16 17:15:55 +00:00

184 lines
6.8 KiB
C

/* $FreeBSD$ */
/* $NetBSD: inet.c,v 1.35.2.1 1999/04/29 14:57:08 perry Exp $ */
/* $KAME: ipsec.c,v 1.25 2001/03/12 09:04:39 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Copyright (c) 1983, 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
#ifndef lint
/*
static char sccsid[] = "@(#)inet.c 8.5 (Berkeley) 5/24/95";
*/
static const char rcsid[] =
"$FreeBSD$";
#endif /* not lint */
#include <sys/param.h>
#include <sys/queue.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <netinet/in.h>
#ifdef IPSEC
#include <netipsec/keysock.h>
#endif
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include "netstat.h"
#ifdef IPSEC
static const char *pfkey_msgtypenames[] = {
"reserved", "getspi", "update", "add", "delete",
"get", "acquire", "register", "expire", "flush",
"dump", "x_promisc", "x_pchange", "x_spdupdate", "x_spdadd",
"x_spddelete", "x_spdget", "x_spdacquire", "x_spddump", "x_spdflush",
"x_spdsetidx", "x_spdexpire", "x_spddelete2"
};
static const char *pfkey_msgtype_names (int);
static const char *
pfkey_msgtype_names(int x)
{
const int max =
sizeof(pfkey_msgtypenames)/sizeof(pfkey_msgtypenames[0]);
static char buf[20];
if (x < max && pfkey_msgtypenames[x])
return pfkey_msgtypenames[x];
snprintf(buf, sizeof(buf), "#%d", x);
return buf;
}
void
pfkey_stats(u_long off, const char *name, int family __unused,
int proto __unused)
{
struct pfkeystat pfkeystat;
unsigned first, type;
if (off == 0)
return;
printf ("%s:\n", name);
kread(off, (char *)&pfkeystat, sizeof(pfkeystat));
#define p(f, m) if (pfkeystat.f || sflag <= 1) \
printf(m, (uintmax_t)pfkeystat.f, plural(pfkeystat.f))
/* userland -> kernel */
p(out_total, "\t%ju request%s sent from userland\n");
p(out_bytes, "\t%ju byte%s sent from userland\n");
for (first = 1, type = 0;
type < sizeof(pfkeystat.out_msgtype)/sizeof(pfkeystat.out_msgtype[0]);
type++) {
if (pfkeystat.out_msgtype[type] <= 0)
continue;
if (first) {
printf("\thistogram by message type:\n");
first = 0;
}
printf("\t\t%s: %ju\n", pfkey_msgtype_names(type),
(uintmax_t)pfkeystat.out_msgtype[type]);
}
p(out_invlen, "\t%ju message%s with invalid length field\n");
p(out_invver, "\t%ju message%s with invalid version field\n");
p(out_invmsgtype, "\t%ju message%s with invalid message type field\n");
p(out_tooshort, "\t%ju message%s too short\n");
p(out_nomem, "\t%ju message%s with memory allocation failure\n");
p(out_dupext, "\t%ju message%s with duplicate extension\n");
p(out_invexttype, "\t%ju message%s with invalid extension type\n");
p(out_invsatype, "\t%ju message%s with invalid sa type\n");
p(out_invaddr, "\t%ju message%s with invalid address extension\n");
/* kernel -> userland */
p(in_total, "\t%ju request%s sent to userland\n");
p(in_bytes, "\t%ju byte%s sent to userland\n");
for (first = 1, type = 0;
type < sizeof(pfkeystat.in_msgtype)/sizeof(pfkeystat.in_msgtype[0]);
type++) {
if (pfkeystat.in_msgtype[type] <= 0)
continue;
if (first) {
printf("\thistogram by message type:\n");
first = 0;
}
printf("\t\t%s: %ju\n", pfkey_msgtype_names(type),
(uintmax_t)pfkeystat.in_msgtype[type]);
}
p(in_msgtarget[KEY_SENDUP_ONE],
"\t%ju message%s toward single socket\n");
p(in_msgtarget[KEY_SENDUP_ALL],
"\t%ju message%s toward all sockets\n");
p(in_msgtarget[KEY_SENDUP_REGISTERED],
"\t%ju message%s toward registered sockets\n");
p(in_nomem, "\t%ju message%s with memory allocation failure\n");
#undef p
}
#endif /* IPSEC */