Commit | Line | Data |
---|---|---|
342c141e A |
1 | /* |
2 | * Copyright (c) 2013-2014 Apple Inc. All rights reserved. | |
3 | * | |
4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ | |
5 | * | |
6 | * This file contains Original Code and/or Modifications of Original Code | |
7 | * as defined in and that are subject to the Apple Public Source License | |
8 | * Version 2.0 (the 'License'). You may not use this file except in | |
9 | * compliance with the License. The rights granted to you under the License | |
10 | * may not be used to create, or enable the creation or redistribution of, | |
11 | * unlawful or unlicensed copies of an Apple operating system, or to | |
12 | * circumvent, violate, or enable the circumvention or violation of, any | |
13 | * terms of an Apple operating system software license agreement. | |
14 | * | |
15 | * Please obtain a copy of the License at | |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. | |
17 | * | |
18 | * The Original Code and all software distributed under the License are | |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. | |
23 | * Please see the License for the specific language governing rights and | |
24 | * limitations under the License. | |
25 | * | |
26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ | |
27 | */ | |
28 | ||
29 | #include <sys/errno.h> | |
30 | #include <sys/sysctl.h> | |
31 | #include <net/content_filter.h> | |
213b8c4f | 32 | #include <libproc.h> |
342c141e A |
33 | #include <stdio.h> |
34 | #include <stdlib.h> | |
35 | #include <err.h> | |
36 | #include <unistd.h> | |
37 | #include <string.h> | |
38 | ||
213b8c4f A |
39 | #define IPPROTOCOL_TCP 6 |
40 | #define IPPROTOCOL_UDP 17 | |
41 | ||
342c141e A |
42 | void |
43 | print_filter_list() | |
44 | { | |
45 | size_t total_len, curr_len; | |
46 | void *buffer = NULL; | |
47 | void *ptr; | |
48 | uint32_t line = 0; | |
49 | ||
50 | if (sysctlbyname("net.cfil.filter_list", NULL, &total_len, NULL, 0) == -1) | |
51 | err(1, "sysctlbyname(net.cfil.filter_list)"); | |
52 | ||
53 | buffer = malloc(total_len); | |
54 | if (buffer == NULL) | |
55 | err(1, "malloc()"); | |
56 | if (sysctlbyname("net.cfil.filter_list", buffer, &total_len, NULL, 0) == -1) | |
57 | err(1, "sysctlbyname(net.cfil.filter_list)"); | |
58 | ||
59 | ptr = buffer; | |
60 | curr_len = 0; | |
61 | do { | |
62 | struct cfil_filter_stat *filter_stat; | |
63 | ||
64 | filter_stat = (struct cfil_filter_stat *)ptr; | |
65 | ||
66 | if (curr_len + filter_stat->cfs_len > total_len || | |
67 | filter_stat->cfs_len < sizeof(struct cfil_filter_stat)) | |
68 | break; | |
69 | ||
70 | if (line % 16 == 0) | |
71 | printf("%10s %10s %10s %10s\n", | |
72 | "filter", "flags", "count", "necpunit"); | |
73 | ||
74 | printf("%10u 0x%08x %10u %10u\n", | |
75 | filter_stat->cfs_filter_id, | |
76 | filter_stat->cfs_flags, | |
77 | filter_stat->cfs_sock_count, | |
78 | filter_stat->cfs_necp_control_unit); | |
79 | ||
80 | ptr += filter_stat->cfs_len; | |
81 | curr_len += filter_stat->cfs_len; | |
82 | } while (1); | |
83 | ||
84 | free(buffer); | |
85 | } | |
86 | ||
87 | void | |
88 | sprint_offset(char *str, size_t len, const char *fmt, uint64_t offset) | |
89 | { | |
90 | if (offset == CFM_MAX_OFFSET) | |
91 | snprintf(str, len, "%s", "MAX"); | |
92 | else | |
93 | snprintf(str, len, fmt, offset); | |
94 | } | |
95 | ||
96 | void | |
97 | print_socket_list() | |
98 | { | |
99 | size_t total_len, curr_len; | |
100 | void *buffer = NULL; | |
101 | void *ptr; | |
102 | int i; | |
103 | ||
104 | if (sysctlbyname("net.cfil.sock_list", NULL, &total_len, NULL, 0) == -1) | |
105 | err(1, "sysctlbyname(net.cfil.sock_list)"); | |
106 | ||
107 | buffer = malloc(total_len); | |
108 | if (buffer == NULL) | |
109 | err(1, "malloc()"); | |
110 | if (sysctlbyname("net.cfil.sock_list", buffer, &total_len, NULL, 0) == -1) | |
111 | err(1, "sysctlbyname(net.cfil.sock_list)"); | |
112 | ||
113 | ptr = buffer; | |
114 | curr_len = 0; | |
115 | do { | |
116 | struct cfil_sock_stat *sock_stat; | |
117 | char opass[32]; | |
118 | char ipass[32]; | |
213b8c4f A |
119 | char namebuffer[256]; |
120 | char *procName = "<not found>"; | |
121 | ||
342c141e A |
122 | sock_stat = (struct cfil_sock_stat *)ptr; |
123 | ||
124 | if (curr_len + sock_stat->cfs_len > total_len || | |
125 | sock_stat->cfs_len < sizeof(struct cfil_sock_stat)) | |
126 | break; | |
127 | ||
213b8c4f A |
128 | if (proc_name(sock_stat->cfs_e_pid, namebuffer, sizeof(namebuffer)) > 0) { |
129 | procName = namebuffer; | |
130 | } | |
131 | ||
342c141e A |
132 | sprint_offset(opass, 32, "%8llu", sock_stat->cfs_snd.cbs_pass_offset); |
133 | sprint_offset(ipass, 32, "%8llu", sock_stat->cfs_rcv.cbs_pass_offset); | |
134 | ||
213b8c4f | 135 | printf("%16s %5s %10s " |
342c141e A |
136 | "%8s %8s %8s %8s %8s %8s %8s " |
137 | "%8s %8s %8s %8s %8s %8s %8s " | |
213b8c4f A |
138 | "%8s %8s %15s\n", |
139 | "sockid", "proto", "flags", | |
342c141e A |
140 | "ofirst", "olast", "oqlen", " ", "opass", " ", " ", |
141 | "ifirst", "ilast", "iqlen", " ", "ipass", " ", " ", | |
213b8c4f | 142 | "pid", "epid", "eprocname"); |
342c141e | 143 | |
213b8c4f | 144 | printf("%016llu %5s 0x%08llx " |
342c141e A |
145 | "%8llu %8llu %8llu %8s %8s %8s %8s " |
146 | "%8llu %8llu %8llu %8s %8s %8s %8s " | |
213b8c4f | 147 | "%8u %8u %15s\n", |
342c141e A |
148 | |
149 | sock_stat->cfs_sock_id, | |
213b8c4f | 150 | sock_stat->cfs_sock_protocol == IPPROTOCOL_TCP ? "TCP" : "UDP", |
342c141e A |
151 | sock_stat->cfs_flags, |
152 | ||
153 | sock_stat->cfs_snd.cbs_pending_first, | |
154 | sock_stat->cfs_snd.cbs_pending_last, | |
155 | sock_stat->cfs_snd.cbs_inject_q_len, | |
156 | " ", | |
157 | opass, | |
158 | " ", | |
159 | " ", | |
160 | ||
161 | sock_stat->cfs_rcv.cbs_pending_first, | |
162 | sock_stat->cfs_rcv.cbs_pending_last, | |
163 | sock_stat->cfs_rcv.cbs_inject_q_len, | |
164 | " ", | |
165 | ipass, | |
166 | " ", | |
167 | " ", | |
168 | sock_stat->cfs_pid, | |
213b8c4f A |
169 | sock_stat->cfs_e_pid, |
170 | procName); | |
171 | ||
342c141e A |
172 | |
173 | printf("%7s %10s %10s " | |
174 | "%8s %8s %8s %8s %8s %8s %8s " | |
175 | "%8s %8s %8s %8s %8s %8s %8s\n", | |
176 | " ", | |
177 | "filter", "flags", | |
178 | "octlfrst", "octllast", "opndfrst", "opndlast", "opass", "opked", "opeek", | |
179 | "ictlfrst", "ictllast", "ipndfrst", "ipndlast", "ipass", "ipked", "ipeek"); | |
180 | for (i = 0; i < CFIL_MAX_FILTER_COUNT; i++) { | |
181 | struct cfil_entry_stat *estat; | |
182 | char spass[32]; | |
183 | char speek[32]; | |
184 | char spked[32]; | |
185 | char rpass[32]; | |
186 | char rpeek[32]; | |
187 | char rpked[32]; | |
188 | ||
189 | estat = &sock_stat->ces_entries[i]; | |
190 | ||
191 | sprint_offset(spass, 32, "%8llu", estat->ces_snd.cbs_pass_offset); | |
192 | sprint_offset(speek, 32, "%8llu", estat->ces_snd.cbs_peek_offset); | |
193 | sprint_offset(spked, 32, "%8llu", estat->ces_snd.cbs_peeked); | |
194 | ||
195 | sprint_offset(rpass, 32, "%8llu", estat->ces_rcv.cbs_pass_offset); | |
196 | sprint_offset(rpeek, 32, "%8llu", estat->ces_rcv.cbs_peek_offset); | |
197 | sprint_offset(rpked, 32, "%8llu", estat->ces_rcv.cbs_peeked); | |
198 | ||
199 | printf("%7s %10u 0x%08x " | |
200 | "%8llu %8llu %8llu %8llu %8s %8s %8s " | |
201 | "%8llu %8llu %8llu %8llu %8s %8s %8s\n", | |
202 | ||
203 | " ", | |
204 | estat->ces_filter_id, | |
205 | estat->ces_flags, | |
206 | ||
207 | estat->ces_snd.cbs_ctl_first, | |
208 | estat->ces_snd.cbs_ctl_last, | |
209 | estat->ces_snd.cbs_pending_first, | |
210 | estat->ces_snd.cbs_pending_last, | |
211 | spass, | |
212 | spked, | |
213 | speek, | |
214 | ||
215 | estat->ces_rcv.cbs_ctl_first, | |
216 | estat->ces_rcv.cbs_ctl_last, | |
217 | estat->ces_rcv.cbs_pending_first, | |
218 | estat->ces_rcv.cbs_pending_last, | |
219 | rpass, | |
220 | rpked, | |
221 | rpeek); | |
222 | } | |
223 | ||
224 | ||
225 | ptr += sock_stat->cfs_len; | |
226 | curr_len += sock_stat->cfs_len; | |
227 | } while (1); | |
228 | ||
229 | free(buffer); | |
230 | } | |
231 | ||
232 | ||
233 | #define PR32(x) printf(#x " %u\n", stats-> x) | |
234 | #define PR64(x) printf(#x " %llu\n", stats-> x) | |
235 | void | |
236 | print_cfil_stats() | |
237 | { | |
238 | size_t len, alloc_len; | |
239 | void *buffer = NULL; | |
240 | struct cfil_stats *stats; | |
241 | ||
242 | if (sysctlbyname("net.cfil.stats", NULL, &len, NULL, 0) == -1) | |
243 | err(1, "sysctlbyname(net.cfil.stats)"); | |
244 | ||
245 | if (len < sizeof(struct cfil_stats)) | |
246 | alloc_len = sizeof(struct cfil_stats); | |
247 | else | |
248 | alloc_len = len; | |
249 | ||
250 | buffer = malloc(alloc_len); | |
251 | if (buffer == NULL) | |
252 | err(1, "malloc()"); | |
253 | if (sysctlbyname("net.cfil.stats", buffer, &len, NULL, 0) == -1) | |
254 | err(1, "sysctlbyname(net.cfil.stats)"); | |
255 | stats = (struct cfil_stats *)buffer; | |
256 | ||
257 | PR32(cfs_ctl_connect_ok); | |
258 | PR32(cfs_ctl_connect_fail); | |
259 | PR32(cfs_ctl_connect_ok); | |
260 | PR32(cfs_ctl_connect_fail); | |
261 | PR32(cfs_ctl_disconnect_ok); | |
262 | PR32(cfs_ctl_disconnect_fail); | |
263 | PR32(cfs_ctl_send_ok); | |
264 | PR32(cfs_ctl_send_bad); | |
265 | PR32(cfs_ctl_rcvd_ok); | |
266 | PR32(cfs_ctl_rcvd_bad); | |
267 | PR32(cfs_ctl_rcvd_flow_lift); | |
268 | PR32(cfs_ctl_action_data_update); | |
269 | PR32(cfs_ctl_action_drop); | |
270 | PR32(cfs_ctl_action_bad_op); | |
271 | PR32(cfs_ctl_action_bad_len); | |
272 | ||
273 | PR32(cfs_sock_id_not_found); | |
274 | ||
275 | PR32(cfs_cfi_alloc_ok); | |
276 | PR32(cfs_cfi_alloc_fail); | |
277 | ||
278 | PR32(cfs_sock_userspace_only); | |
279 | PR32(cfs_sock_attach_in_vain); | |
280 | PR32(cfs_sock_attach_already); | |
281 | PR32(cfs_sock_attach_no_mem); | |
282 | PR32(cfs_sock_attach_failed); | |
283 | PR32(cfs_sock_attached); | |
284 | PR32(cfs_sock_detached); | |
285 | ||
286 | PR32(cfs_attach_event_ok); | |
287 | PR32(cfs_attach_event_flow_control); | |
288 | PR32(cfs_attach_event_fail); | |
289 | ||
290 | PR32(cfs_closed_event_ok); | |
291 | PR32(cfs_closed_event_flow_control); | |
292 | PR32(cfs_closed_event_fail); | |
293 | ||
294 | PR32(cfs_data_event_ok); | |
295 | PR32(cfs_data_event_flow_control); | |
296 | PR32(cfs_data_event_fail); | |
297 | ||
298 | PR32(cfs_disconnect_in_event_ok); | |
299 | PR32(cfs_disconnect_out_event_ok); | |
300 | PR32(cfs_disconnect_event_flow_control); | |
301 | PR32(cfs_disconnect_event_fail); | |
302 | ||
303 | PR32(cfs_ctl_q_not_started); | |
304 | ||
305 | PR32(cfs_close_wait); | |
306 | PR32(cfs_close_wait_timeout); | |
307 | ||
308 | PR32(cfs_flush_in_drop); | |
309 | PR32(cfs_flush_out_drop); | |
310 | PR32(cfs_flush_in_close); | |
311 | PR32(cfs_flush_out_close); | |
312 | PR32(cfs_flush_in_free); | |
313 | PR32(cfs_flush_out_free); | |
314 | ||
315 | PR32(cfs_inject_q_nomem); | |
316 | PR32(cfs_inject_q_nobufs); | |
317 | PR32(cfs_inject_q_detached); | |
318 | PR32(cfs_inject_q_in_fail); | |
319 | PR32(cfs_inject_q_out_fail); | |
320 | ||
321 | PR32(cfs_inject_q_in_retry); | |
322 | PR32(cfs_inject_q_out_retry); | |
323 | ||
324 | PR32(cfs_data_in_control); | |
325 | PR32(cfs_data_in_oob); | |
326 | PR32(cfs_data_out_control); | |
327 | PR32(cfs_data_out_oob); | |
328 | ||
329 | PR64(cfs_ctl_q_in_enqueued); | |
330 | PR64(cfs_ctl_q_out_enqueued); | |
331 | PR64(cfs_ctl_q_in_peeked); | |
332 | PR64(cfs_ctl_q_out_peeked); | |
333 | ||
334 | PR64(cfs_pending_q_in_enqueued); | |
335 | PR64(cfs_pending_q_out_enqueued); | |
336 | ||
337 | PR64(cfs_inject_q_in_enqueued); | |
338 | PR64(cfs_inject_q_out_enqueued); | |
339 | PR64(cfs_inject_q_in_passed); | |
340 | PR64(cfs_inject_q_out_passed); | |
341 | } |