11eaf0ac3Slogwang /*-
2*22ce4affSfengbojiang * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3*22ce4affSfengbojiang *
41eaf0ac3Slogwang * Copyright (c) 2005 Christian S.J. Peron
51eaf0ac3Slogwang * All rights reserved.
61eaf0ac3Slogwang *
71eaf0ac3Slogwang * Redistribution and use in source and binary forms, with or without
81eaf0ac3Slogwang * modification, are permitted provided that the following conditions
91eaf0ac3Slogwang * are met:
101eaf0ac3Slogwang * 1. Redistributions of source code must retain the above copyright
111eaf0ac3Slogwang * notice, this list of conditions and the following disclaimer.
121eaf0ac3Slogwang * 2. Redistributions in binary form must reproduce the above copyright
131eaf0ac3Slogwang * notice, this list of conditions and the following disclaimer in the
141eaf0ac3Slogwang * documentation and/or other materials provided with the distribution.
151eaf0ac3Slogwang *
161eaf0ac3Slogwang * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
171eaf0ac3Slogwang * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
181eaf0ac3Slogwang * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
191eaf0ac3Slogwang * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
201eaf0ac3Slogwang * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
211eaf0ac3Slogwang * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
221eaf0ac3Slogwang * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
231eaf0ac3Slogwang * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
241eaf0ac3Slogwang * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
251eaf0ac3Slogwang * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
261eaf0ac3Slogwang * SUCH DAMAGE.
271eaf0ac3Slogwang */
281eaf0ac3Slogwang
291eaf0ac3Slogwang #include <sys/cdefs.h>
301eaf0ac3Slogwang __FBSDID("$FreeBSD$");
311eaf0ac3Slogwang
321eaf0ac3Slogwang #include <sys/types.h>
331eaf0ac3Slogwang #include <sys/protosw.h>
341eaf0ac3Slogwang #include <sys/socket.h>
351eaf0ac3Slogwang #include <sys/socketvar.h>
361eaf0ac3Slogwang #include <sys/sysctl.h>
371eaf0ac3Slogwang #include <sys/param.h>
381eaf0ac3Slogwang #include <sys/user.h>
391eaf0ac3Slogwang
401eaf0ac3Slogwang #include <net/if.h>
411eaf0ac3Slogwang #include <net/bpf.h>
421eaf0ac3Slogwang #include <net/bpfdesc.h>
431eaf0ac3Slogwang #include <arpa/inet.h>
441eaf0ac3Slogwang
451eaf0ac3Slogwang #include <err.h>
461eaf0ac3Slogwang #include <errno.h>
471eaf0ac3Slogwang #include <stdint.h>
481eaf0ac3Slogwang #include <stdio.h>
491eaf0ac3Slogwang #include <stdlib.h>
501eaf0ac3Slogwang #include <stdbool.h>
511eaf0ac3Slogwang #include <string.h>
521eaf0ac3Slogwang #include <unistd.h>
531eaf0ac3Slogwang #include <libxo/xo.h>
541eaf0ac3Slogwang
551eaf0ac3Slogwang #include "netstat.h"
561eaf0ac3Slogwang
571eaf0ac3Slogwang /* print bpf stats */
581eaf0ac3Slogwang
591eaf0ac3Slogwang static char *
bpf_pidname(pid_t pid)601eaf0ac3Slogwang bpf_pidname(pid_t pid)
611eaf0ac3Slogwang {
621eaf0ac3Slogwang struct kinfo_proc newkp;
631eaf0ac3Slogwang int error, mib[4];
641eaf0ac3Slogwang size_t size;
651eaf0ac3Slogwang
661eaf0ac3Slogwang mib[0] = CTL_KERN;
671eaf0ac3Slogwang mib[1] = KERN_PROC;
681eaf0ac3Slogwang mib[2] = KERN_PROC_PID;
691eaf0ac3Slogwang mib[3] = pid;
701eaf0ac3Slogwang size = sizeof(newkp);
711eaf0ac3Slogwang error = sysctl(mib, 4, &newkp, &size, NULL, 0);
721eaf0ac3Slogwang if (error < 0) {
731eaf0ac3Slogwang xo_warn("kern.proc.pid failed");
741eaf0ac3Slogwang return (strdup("??????"));
751eaf0ac3Slogwang }
761eaf0ac3Slogwang return (strdup(newkp.ki_comm));
771eaf0ac3Slogwang }
781eaf0ac3Slogwang
791eaf0ac3Slogwang static void
bpf_flags(struct xbpf_d * bd,char * flagbuf)801eaf0ac3Slogwang bpf_flags(struct xbpf_d *bd, char *flagbuf)
811eaf0ac3Slogwang {
821eaf0ac3Slogwang
831eaf0ac3Slogwang *flagbuf++ = bd->bd_promisc ? 'p' : '-';
841eaf0ac3Slogwang *flagbuf++ = bd->bd_immediate ? 'i' : '-';
851eaf0ac3Slogwang *flagbuf++ = bd->bd_hdrcmplt ? '-' : 'f';
861eaf0ac3Slogwang *flagbuf++ = (bd->bd_direction == BPF_D_IN) ? '-' :
871eaf0ac3Slogwang ((bd->bd_direction == BPF_D_OUT) ? 'o' : 's');
881eaf0ac3Slogwang *flagbuf++ = bd->bd_feedback ? 'b' : '-';
891eaf0ac3Slogwang *flagbuf++ = bd->bd_async ? 'a' : '-';
901eaf0ac3Slogwang *flagbuf++ = bd->bd_locked ? 'l' : '-';
911eaf0ac3Slogwang *flagbuf++ = '\0';
921eaf0ac3Slogwang
931eaf0ac3Slogwang if (bd->bd_promisc)
941eaf0ac3Slogwang xo_emit("{e:promiscuous/}");
951eaf0ac3Slogwang if (bd->bd_immediate)
961eaf0ac3Slogwang xo_emit("{e:immediate/}");
971eaf0ac3Slogwang if (bd->bd_hdrcmplt)
981eaf0ac3Slogwang xo_emit("{e:header-complete/}");
991eaf0ac3Slogwang xo_emit("{e:direction}", (bd->bd_direction == BPF_D_IN) ? "input" :
1001eaf0ac3Slogwang (bd->bd_direction == BPF_D_OUT) ? "output" : "bidirectional");
1011eaf0ac3Slogwang if (bd->bd_feedback)
1021eaf0ac3Slogwang xo_emit("{e:feedback/}");
1031eaf0ac3Slogwang if (bd->bd_async)
1041eaf0ac3Slogwang xo_emit("{e:async/}");
1051eaf0ac3Slogwang if (bd->bd_locked)
1061eaf0ac3Slogwang xo_emit("{e:locked/}");
1071eaf0ac3Slogwang }
1081eaf0ac3Slogwang
1091eaf0ac3Slogwang void
bpf_stats(char * ifname)1101eaf0ac3Slogwang bpf_stats(char *ifname)
1111eaf0ac3Slogwang {
1121eaf0ac3Slogwang struct xbpf_d *d, *bd, zerostat;
1131eaf0ac3Slogwang char *pname, flagbuf[12];
1141eaf0ac3Slogwang size_t size;
1151eaf0ac3Slogwang
1161eaf0ac3Slogwang if (zflag) {
1171eaf0ac3Slogwang bzero(&zerostat, sizeof(zerostat));
1181eaf0ac3Slogwang if (sysctlbyname("net.bpf.stats", NULL, NULL,
1191eaf0ac3Slogwang &zerostat, sizeof(zerostat)) < 0)
1201eaf0ac3Slogwang xo_warn("failed to zero bpf counters");
1211eaf0ac3Slogwang return;
1221eaf0ac3Slogwang }
1231eaf0ac3Slogwang if (sysctlbyname("net.bpf.stats", NULL, &size,
1241eaf0ac3Slogwang NULL, 0) < 0) {
1251eaf0ac3Slogwang xo_warn("net.bpf.stats");
1261eaf0ac3Slogwang return;
1271eaf0ac3Slogwang }
1281eaf0ac3Slogwang if (size == 0)
1291eaf0ac3Slogwang return;
1301eaf0ac3Slogwang bd = malloc(size);
1311eaf0ac3Slogwang if (bd == NULL) {
1321eaf0ac3Slogwang xo_warn("malloc failed");
1331eaf0ac3Slogwang return;
1341eaf0ac3Slogwang }
1351eaf0ac3Slogwang if (sysctlbyname("net.bpf.stats", bd, &size,
1361eaf0ac3Slogwang NULL, 0) < 0) {
1371eaf0ac3Slogwang xo_warn("net.bpf.stats");
1381eaf0ac3Slogwang free(bd);
1391eaf0ac3Slogwang return;
1401eaf0ac3Slogwang }
1411eaf0ac3Slogwang xo_emit("{T:/%5s} {T:/%6s} {T:/%7s} {T:/%9s} {T:/%9s} {T:/%9s} "
1421eaf0ac3Slogwang "{T:/%5s} {T:/%5s} {T:/%s}\n",
1431eaf0ac3Slogwang "Pid", "Netif", "Flags", "Recv", "Drop", "Match",
1441eaf0ac3Slogwang "Sblen", "Hblen", "Command");
1451eaf0ac3Slogwang xo_open_container("bpf-statistics");
1461eaf0ac3Slogwang xo_open_list("bpf-entry");
1471eaf0ac3Slogwang for (d = &bd[0]; d < &bd[size / sizeof(*d)]; d++) {
1481eaf0ac3Slogwang if (d->bd_structsize != sizeof(*d)) {
1491eaf0ac3Slogwang xo_warnx("bpf_stats_extended: version mismatch");
1501eaf0ac3Slogwang return;
1511eaf0ac3Slogwang }
1521eaf0ac3Slogwang if (ifname && strcmp(ifname, d->bd_ifname) != 0)
1531eaf0ac3Slogwang continue;
1541eaf0ac3Slogwang xo_open_instance("bpf-entry");
1551eaf0ac3Slogwang pname = bpf_pidname(d->bd_pid);
1561eaf0ac3Slogwang xo_emit("{k:pid/%5d} {k:interface-name/%6s} ",
1571eaf0ac3Slogwang d->bd_pid, d->bd_ifname);
1581eaf0ac3Slogwang bpf_flags(d, flagbuf);
1591eaf0ac3Slogwang xo_emit("{d:flags/%7s} {:received-packets/%9ju} "
1601eaf0ac3Slogwang "{:dropped-packets/%9ju} {:filter-packets/%9ju} "
1611eaf0ac3Slogwang "{:store-buffer-length/%5d} {:hold-buffer-length/%5d} "
1621eaf0ac3Slogwang "{:process/%s}\n",
1631eaf0ac3Slogwang flagbuf, (uintmax_t)d->bd_rcount, (uintmax_t)d->bd_dcount,
1641eaf0ac3Slogwang (uintmax_t)d->bd_fcount, d->bd_slen, d->bd_hlen, pname);
1651eaf0ac3Slogwang free(pname);
1661eaf0ac3Slogwang xo_close_instance("bpf-entry");
1671eaf0ac3Slogwang }
1681eaf0ac3Slogwang xo_close_list("bpf-entry");
1691eaf0ac3Slogwang xo_close_container("bpf-statistics");
1701eaf0ac3Slogwang free(bd);
1711eaf0ac3Slogwang }
172