1 /* netstat.c - Display Linux networking subsystem.
2 *
3 * Copyright 2012 Ranjan Kumar <ranjankumar.bth@gmail.com>
4 * Copyright 2013 Kyungwan Han <asura321@gmail.com>
5 *
6 * Not in SUSv4.
7 *
8 USE_NETSTAT(NEWTOY(netstat, "pWrxwutneal", TOYFLAG_BIN))
9 config NETSTAT
10 bool "netstat"
11 default y
12 help
13 usage: netstat [-pWrxwutneal]
14
15 Display networking information. Default is netstat -tuwx
16
17 -r Routing table
18 -a All sockets (not just connected)
19 -l Listening server sockets
20 -t TCP sockets
21 -u UDP sockets
22 -w Raw sockets
23 -x Unix sockets
24 -e Extended info
25 -n Don't resolve names
26 -W Wide display
27 -p Show PID/program name of sockets
28 */
29
30 #define FOR_netstat
31 #include "toys.h"
32 #include <net/route.h>
33
GLOBALS(struct num_cache * inodes;int wpad;)34 GLOBALS(
35 struct num_cache *inodes;
36 int wpad;
37 )
38
39 static void addr2str(int af, void *addr, unsigned port, char *buf, int len,
40 char *proto)
41 {
42 char pres[INET6_ADDRSTRLEN];
43 struct servent *se = 0;
44 int pos, count;
45
46 if (!inet_ntop(af, addr, pres, sizeof(pres))) perror_exit("inet_ntop");
47
48 if (FLAG(n) || !port) {
49 strcpy(buf, pres);
50 } else {
51 struct addrinfo hints, *result, *rp;
52 char cut[4];
53
54 memset(&hints, 0, sizeof(struct addrinfo));
55 hints.ai_family = af;
56
57 if (!getaddrinfo(pres, NULL, &hints, &result)) {
58 socklen_t sock_len = (af == AF_INET) ? sizeof(struct sockaddr_in)
59 : sizeof(struct sockaddr_in6);
60
61 // We assume that a failing getnameinfo dosn't stomp "buf" here.
62 for (rp = result; rp; rp = rp->ai_next)
63 if (!getnameinfo(rp->ai_addr, sock_len, buf, 256, 0, 0, 0)) break;
64 freeaddrinfo(result);
65 buf[len] = 0;
66 }
67
68 // getservbyport() doesn't understand proto "tcp6", so truncate
69 memcpy(cut, proto, 3);
70 cut[3] = 0;
71 se = getservbyport(htons(port), cut);
72 }
73
74 if (!strcmp(buf, "::")) strcpy(buf, "[::]");
75
76 // Append :service or :* if port == 0.
77 if (se) {
78 count = snprintf(0, 0, ":%s", se->s_name);
79 // NI_MAXSERV == 32, which is greater than our minimum field width.
80 // (Although the longest service name on Debian in 2021 is only 16 bytes.)
81 if (count>=len) {
82 count = len-1;
83 se->s_name[count] = 0;
84 }
85 } else count = port ? snprintf(0, 0, ":%u", port) : 2;
86 // We always show the port, even if that means clobbering the end of the host.
87 pos = strlen(buf);
88 if (len-pos<count) pos = len-count;
89 if (se) sprintf(buf+pos, ":%s", se->s_name);
90 else sprintf(buf+pos, port ? ":%u" : ":*", port);
91 }
92
93 // Display info for tcp/udp/raw
show_ip(char * fname)94 static void show_ip(char *fname)
95 {
96 char *ss_state = "UNKNOWN", buf[12], *s, *label = strrchr(fname, '/')+1;
97 char *state_label[] = {"", "ESTABLISHED", "SYN_SENT", "SYN_RECV", "FIN_WAIT1",
98 "FIN_WAIT2", "TIME_WAIT", "CLOSE", "CLOSE_WAIT",
99 "LAST_ACK", "LISTEN", "CLOSING", "UNKNOWN"};
100 FILE *fp = xfopen(fname, "r");
101
102 // Skip header.
103 fgets(toybuf, sizeof(toybuf), fp);
104
105 while (fgets(toybuf, sizeof(toybuf), fp)) {
106 char lip[256], rip[256];
107 union {
108 struct {unsigned u; unsigned char b[4];} i4;
109 struct {struct {unsigned a, b, c, d;} u; unsigned char b[16];} i6;
110 } laddr, raddr;
111 unsigned lport, rport, state, txq, rxq, num, uid, af = AF_INET6;
112 unsigned long inode;
113
114 // Try ipv6, then try ipv4
115 if (16 != sscanf(toybuf,
116 " %d: %8x%8x%8x%8x:%x %8x%8x%8x%8x:%x %x %x:%x %*X:%*X %*X %d %*d %ld",
117 &num, &laddr.i6.u.a, &laddr.i6.u.b, &laddr.i6.u.c,
118 &laddr.i6.u.d, &lport, &raddr.i6.u.a, &raddr.i6.u.b,
119 &raddr.i6.u.c, &raddr.i6.u.d, &rport, &state, &txq, &rxq,
120 &uid, &inode))
121 {
122 af = AF_INET;
123 if (10 != sscanf(toybuf,
124 " %d: %x:%x %x:%x %x %x:%x %*X:%*X %*X %d %*d %ld",
125 &num, &laddr.i4.u, &lport, &raddr.i4.u, &rport, &state, &txq,
126 &rxq, &uid, &inode)) continue;
127 }
128
129 // Should we display this? (listening or all or TCP/UDP/RAW)
130 if (!(FLAG(l) && (!rport && (state&0xA))) && !FLAG(a) && !(rport&0x70))
131 continue;
132
133 addr2str(af, &laddr, lport, lip, TT.wpad, label);
134 addr2str(af, &raddr, rport, rip, TT.wpad, label);
135
136 // Display data
137 s = label;
138 if (strstart(&s, "tcp")) {
139 int sz = ARRAY_LEN(state_label);
140 if (!state || state >= sz) state = sz-1;
141 ss_state = state_label[state];
142 } else if (strstart(&s, "udp")) {
143 if (state == 1) ss_state = state_label[state];
144 else if (state == 7) ss_state = "";
145 } else if (strstart(&s, "raw")) sprintf(ss_state = buf, "%u", state);
146
147 printf("%-6s%6d%7d %*.*s %*.*s %-11s", label, rxq, txq, -TT.wpad, TT.wpad,
148 lip, -TT.wpad, TT.wpad, rip, ss_state);
149 if (FLAG(e)) {
150 if (FLAG(n)) sprintf(s = toybuf, "%d", uid);
151 else s = getusername(uid);
152 printf(" %-10s %-11ld", s, inode);
153 }
154 if (FLAG(p)) {
155 struct num_cache *nc = get_num_cache(TT.inodes, inode);
156
157 printf(" %s", nc ? nc->data : "-");
158 }
159 xputc('\n');
160 }
161 fclose(fp);
162 }
163
show_unix_sockets(void)164 static void show_unix_sockets(void)
165 {
166 char *types[] = {"","STREAM","DGRAM","RAW","RDM","SEQPACKET","DCCP","PACKET"},
167 *states[] = {"","LISTENING","CONNECTING","CONNECTED","DISCONNECTING"},
168 *filename = 0;
169 unsigned long refcount, flags, type, state, inode;
170 FILE *fp = xfopen("/proc/net/unix", "r");
171
172 // Skip header.
173 fgets(toybuf, sizeof(toybuf), fp);
174
175 while (fscanf(fp, "%*p: %lX %*X %lX %lX %lX %lu%m[^\n]", &refcount, &flags,
176 &type, &state, &inode, &filename) >= 5) {
177 // Linux exports only SO_ACCEPTCON since 2.3.15pre3 in 1999, but let's
178 // filter in case they add more someday.
179 flags &= 1<<16;
180
181 // Only show unconnected listening sockets with -a or -l.
182 if (state==1 && flags && !(FLAG(a) || FLAG(l))) continue;
183
184 if (type==10) type = 7; // move SOCK_PACKET into line
185 if (type>ARRAY_LEN(types)) type = 0;
186 if (state>ARRAY_LEN(states) || (state==1 && !flags)) state = 0;
187
188 if (state!=1 && FLAG(l)) continue;
189
190 sprintf(toybuf, "[ %s]", flags ? "ACC " : "");
191 printf("unix %-6ld %-11s %-10s %-13s %-8lu ",
192 refcount, toybuf, types[type], states[state], inode);
193 if (FLAG(p)) {
194 struct num_cache *nc = get_num_cache(TT.inodes, inode);
195
196 printf("%-19.19s ", nc ? nc->data : "-");
197 }
198
199 if (filename) {
200 printf("%s\n", filename+!FLAG(p));
201 free(filename);
202 filename = 0;
203 } else xputc('\n');
204 }
205 fclose(fp);
206 }
207
scan_pids(struct dirtree * node)208 static int scan_pids(struct dirtree *node)
209 {
210 char *s = toybuf+256;
211 struct dirent *entry;
212 DIR *dp;
213 int pid, dirfd;
214
215 if (!node->parent) return DIRTREE_RECURSE;
216 if (!(pid = atol(node->name))) return 0;
217
218 sprintf(toybuf, "/proc/%d/cmdline", pid);
219 if (!(readfile(toybuf, toybuf, 256))) return 0;
220
221 sprintf(s, "%d/fd", pid);
222 if (-1==(dirfd = openat(dirtree_parentfd(node), s, O_RDONLY))) return 0;
223 if (!(dp = fdopendir(dirfd))) close(dirfd);
224 else while ((entry = readdir(dp))) {
225 s = toybuf+256;
226 if (!readlinkat0(dirfd, entry->d_name, s, sizeof(toybuf)-256)) continue;
227 // Can the "[0000]:" happen in a modern kernel?
228 if (strstart(&s, "socket:[") || strstart(&s, "[0000]:")) {
229 long long ll = atoll(s);
230
231 sprintf(s, "%d/%s", pid, getbasename(toybuf));
232 add_num_cache(&TT.inodes, ll, s, strlen(s)+1);
233 }
234 }
235 closedir(dp);
236
237 return 0;
238 }
239
240 // extract inet4 route info from /proc/net/route file and display it.
display_routes(void)241 static void display_routes(void)
242 {
243 static const char flagchars[] = "GHRDMDAC";
244 static const unsigned flagarray[] = {
245 RTF_GATEWAY, RTF_HOST, RTF_REINSTATE, RTF_DYNAMIC, RTF_MODIFIED
246 };
247 unsigned dest, gate, mask;
248 int flags, ref, use, metric, mss, win, irtt;
249 char *out = toybuf, *flag_val;
250 char iface[64]={0};
251 FILE *fp = xfopen("/proc/net/route", "r");
252
253 // Skip header.
254 fgets(toybuf, sizeof(toybuf), fp);
255
256 printf("Kernel IP routing table\n"
257 "Destination\tGateway \tGenmask \tFlags %s Iface\n",
258 !FLAG(e) ? " MSS Window irtt" : "Metric Ref Use");
259
260 while (fscanf(fp, "%63s%x%x%X%d%d%d%x%d%d%d", iface, &dest, &gate, &flags,
261 &ref, &use, &metric, &mask, &mss, &win, &irtt) == 11) {
262 char *destip = 0, *gateip = 0, *maskip = 0;
263
264 // skip down interfaces.
265 if (!(flags & RTF_UP)) continue;
266
267 // TODO /proc/net/ipv6_route
268
269 if (dest) {
270 if (inet_ntop(AF_INET, &dest, out, 16)) destip = out;
271 } else destip = FLAG(n) ? "0.0.0.0" : "default";
272 out += 16;
273
274 if (gate) {
275 if (inet_ntop(AF_INET, &gate, out, 16)) gateip = out;
276 } else gateip = FLAG(n) ? "0.0.0.0" : "*";
277 out += 16;
278
279 // TODO /24
280 //For Mask
281 if (inet_ntop(AF_INET, &mask, out, 16)) maskip = out;
282 else maskip = "?";
283 out += 16;
284
285 //Get flag Values
286 flag_val = out;
287 *out++ = 'U';
288 for (dest = 0; dest < ARRAY_LEN(flagarray); dest++)
289 if (flags&flagarray[dest]) *out++ = flagchars[dest];
290 *out = 0;
291 if (flags & RTF_REJECT) *flag_val = '!';
292
293 printf("%-15.15s %-15.15s %-16s%-6s", destip, gateip, maskip, flag_val);
294 if (!FLAG(e)) printf("%5d %-5d %6d %s\n", mss, win, irtt, iface);
295 else printf("%-6d %-2d %7d %s\n", metric, ref, use, iface);
296 }
297 fclose(fp);
298 }
299
netstat_main(void)300 void netstat_main(void)
301 {
302 int tuwx = FLAG_t|FLAG_u|FLAG_w|FLAG_x;
303 char *type = "w/o servers";
304
305 TT.wpad = FLAG(W) ? 51 : 23;
306 if (!(toys.optflags&(FLAG_r|tuwx))) toys.optflags |= tuwx;
307 if (FLAG(r)) display_routes();
308 if (!(toys.optflags&tuwx)) return;
309
310 if (FLAG(a)) type = "servers and established";
311 else if (FLAG(l)) type = "only servers";
312
313 if (FLAG(p)) dirtree_read("/proc", scan_pids);
314
315 if (toys.optflags&(FLAG_t|FLAG_u|FLAG_w)) {
316 printf("Active Internet connections (%s)\n", type);
317 printf("Proto Recv-Q Send-Q %*s %*s State ", -TT.wpad, "Local Address",
318 -TT.wpad, "Foreign Address");
319 if (FLAG(e)) printf(" User Inode ");
320 if (FLAG(p)) printf(" PID/Program Name");
321 xputc('\n');
322
323 if (FLAG(t)) {
324 show_ip("/proc/net/tcp");
325 show_ip("/proc/net/tcp6");
326 }
327 if (FLAG(u)) {
328 show_ip("/proc/net/udp");
329 show_ip("/proc/net/udp6");
330 }
331 if (FLAG(w)) {
332 show_ip("/proc/net/raw");
333 show_ip("/proc/net/raw6");
334 }
335 }
336
337 if (FLAG(x)) {
338 printf("Active UNIX domain sockets (%s)\n", type);
339 printf("Proto RefCnt Flags Type State I-Node%sPath\n",
340 FLAG(p) ? " PID/Program Name " : " ");
341 show_unix_sockets();
342 }
343
344 if (FLAG(p) && CFG_TOYBOX_FREE) llist_traverse(TT.inodes, free);
345 toys.exitval = 0;
346 }
347