#include "defs.h" #include <netinet/in.h> #include <sys/socket.h> #include <arpa/inet.h> #include <linux/netlink.h> #include <linux/sock_diag.h> #include <linux/inet_diag.h> #include <linux/unix_diag.h> #include <linux/rtnetlink.h> #if !defined NETLINK_SOCK_DIAG && defined NETLINK_INET_DIAG # define NETLINK_SOCK_DIAG NETLINK_INET_DIAG #endif #include <sys/un.h> #ifndef UNIX_PATH_MAX # define UNIX_PATH_MAX sizeof(((struct sockaddr_un *) 0)->sun_path) #endif static bool inet_send_query(const int fd, const int family, const int proto) { struct sockaddr_nl nladdr = { .nl_family = AF_NETLINK }; struct { struct nlmsghdr nlh; struct inet_diag_req_v2 idr; } req = { .nlh = { .nlmsg_len = sizeof(req), .nlmsg_type = SOCK_DIAG_BY_FAMILY, .nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST }, .idr = { .sdiag_family = family, .sdiag_protocol = proto, .idiag_states = -1 } }; struct iovec iov = { .iov_base = &req, .iov_len = sizeof(req) }; struct msghdr msg = { .msg_name = (void*)&nladdr, .msg_namelen = sizeof(nladdr), .msg_iov = &iov, .msg_iovlen = 1 }; for (;;) { if (sendmsg(fd, &msg, 0) < 0) { if (errno == EINTR) continue; return false; } return true; } } static bool inet_parse_response(const char *proto_name, const void *data, int data_len, const unsigned long inode) { const struct inet_diag_msg *diag_msg = data; static const char zero_addr[sizeof(struct in6_addr)]; socklen_t addr_size, text_size; if (diag_msg->idiag_inode != inode) return false; switch(diag_msg->idiag_family) { case AF_INET: addr_size = sizeof(struct in_addr); text_size = INET_ADDRSTRLEN; break; case AF_INET6: addr_size = sizeof(struct in6_addr); text_size = INET6_ADDRSTRLEN; break; default: return false; } char src_buf[text_size]; if (!inet_ntop(diag_msg->idiag_family, diag_msg->id.idiag_src, src_buf, text_size)) return false; if (diag_msg->id.idiag_dport || memcmp(zero_addr, diag_msg->id.idiag_dst, addr_size)) { char dst_buf[text_size]; if (!inet_ntop(diag_msg->idiag_family, diag_msg->id.idiag_dst, dst_buf, text_size)) return false; tprintf("%s:[%s:%u->%s:%u]", proto_name, src_buf, ntohs(diag_msg->id.idiag_sport), dst_buf, ntohs(diag_msg->id.idiag_dport)); } else { tprintf("%s:[%s:%u]", proto_name, src_buf, ntohs(diag_msg->id.idiag_sport)); } return true; } static bool receive_responses(const int fd, const unsigned long inode, const char *proto_name, bool (* parser) (const char *, const void *, int, const unsigned long)) { static long buf[8192 / sizeof(long)]; struct sockaddr_nl nladdr = { .nl_family = AF_NETLINK }; struct iovec iov = { .iov_base = buf, .iov_len = sizeof(buf) }; for (;;) { ssize_t ret; struct nlmsghdr *h; struct msghdr msg = { .msg_name = (void*)&nladdr, .msg_namelen = sizeof(nladdr), .msg_iov = &iov, .msg_iovlen = 1 }; ret = recvmsg(fd, &msg, 0); if (ret < 0) { if (errno == EINTR) continue; return false; } if (!ret) return false; for (h = (struct nlmsghdr*)buf; NLMSG_OK(h, ret); h = NLMSG_NEXT(h, ret)) { switch (h->nlmsg_type) { case NLMSG_DONE: case NLMSG_ERROR: return false; } if (parser(proto_name, NLMSG_DATA(h), h->nlmsg_len, inode)) return true; } } } static bool inet_print(const int fd, const int family, const int protocol, const unsigned long inode, const char *proto_name) { return inet_send_query(fd, family, protocol) && receive_responses(fd, inode, proto_name, inet_parse_response); } static bool unix_send_query(const int fd, const unsigned long inode) { struct sockaddr_nl nladdr = { .nl_family = AF_NETLINK }; struct { struct nlmsghdr nlh; struct unix_diag_req udr; } req = { .nlh = { .nlmsg_len = sizeof(req), .nlmsg_type = SOCK_DIAG_BY_FAMILY, .nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST }, .udr = { .sdiag_family = AF_UNIX, .udiag_ino = inode, .udiag_states = -1, .udiag_show = UDIAG_SHOW_NAME | UDIAG_SHOW_PEER } }; struct iovec iov = { .iov_base = &req, .iov_len = sizeof(req) }; struct msghdr msg = { .msg_name = (void*)&nladdr, .msg_namelen = sizeof(nladdr), .msg_iov = &iov, .msg_iovlen = 1 }; for (;;) { if (sendmsg(fd, &msg, 0) < 0) { if (errno == EINTR) continue; return false; } return true; } } static bool unix_parse_response(const char *proto_name, const void *data, int data_len, const unsigned long inode) { const struct unix_diag_msg *diag_msg = data; struct rtattr *attr; int rta_len = data_len - NLMSG_LENGTH(sizeof(*diag_msg)); uint32_t peer = 0; size_t path_len = 0; char path[UNIX_PATH_MAX + 1]; if (diag_msg->udiag_ino != inode) return false; if (diag_msg->udiag_family != AF_UNIX) return false; for (attr = (struct rtattr *) (diag_msg + 1); RTA_OK(attr, rta_len); attr = RTA_NEXT(attr, rta_len)) { switch (attr->rta_type) { case UNIX_DIAG_NAME: if (!path_len) { path_len = RTA_PAYLOAD(attr); if (path_len > UNIX_PATH_MAX) path_len = UNIX_PATH_MAX; memcpy(path, RTA_DATA(attr), path_len); path[path_len] = '\0'; } break; case UNIX_DIAG_PEER: if (RTA_PAYLOAD(attr) >= 4) peer = *(uint32_t *)RTA_DATA(attr); break; } } /* * print obtained information in the following format: * "UNIX:[" SELF_INODE [ "->" PEER_INODE ][ "," SOCKET_FILE ] "]" */ if (peer || path_len) { tprintf("%s:[%lu", proto_name, inode); if (peer) tprintf("->%u", peer); if (path_len) { if (path[0] == '\0') { tprints(",@"); print_quoted_string(path + 1, path_len, QUOTE_0_TERMINATED); } else { tprints(","); print_quoted_string(path, path_len + 1, QUOTE_0_TERMINATED); } } tprints("]"); return true; } else return false; } static bool unix_print(int fd, const unsigned long inode) { return unix_send_query(fd, inode) && receive_responses(fd, inode, "UNIX", unix_parse_response); } /* Given an inode number of a socket, print out the details * of the ip address and port. */ bool print_sockaddr_by_inode(const unsigned long inode, const char *proto_name) { int fd; bool r = false; fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_SOCK_DIAG); if (fd < 0) return false; if (proto_name) { if (strcmp(proto_name, "TCP") == 0) r = inet_print(fd, AF_INET, IPPROTO_TCP, inode, "TCP"); else if (strcmp(proto_name, "UDP") == 0) r = inet_print(fd, AF_INET, IPPROTO_UDP, inode, "UDP"); else if (strcmp(proto_name, "TCPv6") == 0) r = inet_print(fd, AF_INET6, IPPROTO_TCP, inode, "TCPv6"); else if (strcmp(proto_name, "UDPv6") == 0) r = inet_print(fd, AF_INET6, IPPROTO_UDP, inode, "UDPv6"); else if (strcmp(proto_name, "UNIX") == 0) r = unix_print(fd, inode); } else { const struct { const int family; const int protocol; const char *name; } protocols[] = { { AF_INET, IPPROTO_TCP, "TCP" }, { AF_INET, IPPROTO_UDP, "UDP" }, { AF_INET6, IPPROTO_TCP, "TCPv6" }, { AF_INET6, IPPROTO_UDP, "UDPv6" } }; size_t i; for (i = 0; i < ARRAY_SIZE(protocols); ++i) { if ((r = inet_print(fd, protocols[i].family, protocols[i].protocol, inode, protocols[i].name))) break; } } close(fd); return r; }