[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

netstat inet.c inetprint()



Hi,

when an rpc service dynamically allocates a known port, the following
can happen:

$ netstat -a | grep ^udp
udp        0      0  localhost.2323         *.*
udp        0      0  xxxxx.xxxxx.xxxx.domai *.*
udp        0      0  localhost.domain       *.*
udp        0      0  xxxxx.xxxxx.xxxx.netbi *.*
udp        0      0  xxxxx.xxxxx.xxxx.netbi *.*
udp        0      0  *.netbios-             *.*
udp        0      0  *.netbios-             *.*
udp        0      0  *.bootps               *.*
udp        0      0  *.695[nlockmgr]        *.*
udp        0      0  *.nfsd                 *.*
udp        0      0  *.imaps                *.*
udp        0      0  localhost.sunrpc       *.*
udp        0      0  *.sunrpc               *.*
udp        0      0  *.syslog               *.*
$ grep imaps /etc/services
imaps           993/tcp                         # imap4 protocol over TLS/SSL
imaps           993/udp                         # imap4 protocol over TLS/SSL
$ fstat | grep 993
root     mountd     12895    3* internet dgram udp *:993
$

There is no imap service running, as you can see mountd uses port 993.

The following patch against -current changes this behavior. I haven't
tested it well, and i cannot even say that it is 100% correct, but it
does the job for me.

--- usr.bin/netstat/inet.c.orig Thu Jan  2 16:30:28 2003
+++ usr.bin/netstat/inet.c      Thu Jan  2 17:48:00 2003
@@ -625,17 +625,17 @@
        snprintf(line, sizeof line, "%.*s.", (Aflag && !nflag) ? 12 : 16,
            inetname(in));
        cp = strchr(line, '\0');
        if (!nflag && port)
                sp = getservbyport((int)port, proto);
-       if (sp || port == 0)
-               snprintf(cp, line + sizeof line - cp, "%.8s",
-                   sp ? sp->s_name : "*");
-       else if (local && !nflag && (nam = getrpcportnam(ntohs(port),
+       if (local && !nflag && (nam = getrpcportnam(ntohs(port),
            (strcmp(proto, "tcp") == 0 ? IPPROTO_TCP : IPPROTO_UDP))))
                snprintf(cp, line + sizeof line - cp, "%d[%.8s]",
                    ntohs(port), nam);
+       else if (sp || port == 0)
+               snprintf(cp, line + sizeof line - cp, "%.8s",
+               sp ? sp->s_name : "*");
        else
                snprintf(cp, line + sizeof line - cp, "%d", ntohs(port));
        width = Aflag ? 18 : 22;
        printf(" %-*.*s", width, width, line);
 }

Now the output now looks like this:

$ netstat2 -a | grep ^udp
udp        0      0  localhost.2323         *.*
udp        0      0  kenny.lopht.spoi.domai *.*
udp        0      0  localhost.domain       *.*
udp        0      0  kenny.lopht.spoi.netbi *.*
udp        0      0  kenny.lopht.spoi.netbi *.*
udp        0      0  *.netbios-             *.*
udp        0      0  *.netbios-             *.*
udp        0      0  *.bootps               *.*
udp        0      0  *.695[nlockmgr]        *.*
udp        0      0  *.2049[nfs]            *.*
udp        0      0  *.993[mountd]          *.*
udp        0      0  localhost.111[portmapp *.*
udp        0      0  *.111[portmapp]        *.*
udp        0      0  *.syslog               *.*
$

Caveat: Do to the patch the servicename returned by getrpcportnam()
	takes precedence over the name returned by getservbyport().
	So 'sunrpc' is now displayed as '[portmapp]', as in:
	
	$ rpcinfo -p 127.0.0.1
	   program vers proto   port
	    100000    2   tcp    111  portmapper
	    100000    2   udp    111  portmapper
	    100005    1   udp    993  mountd
	    100005    3   udp    993  mountd
	    100005    1   tcp    816  mountd
	    100005    3   tcp    816  mountd
	    100003    2   udp   2049  nfs
	    100003    3   udp   2049  nfs
	    100003    2   tcp   2049  nfs
	    100003    3   tcp   2049  nfs
	    100021    1   udp    695  nlockmgr
	    100021    3   udp    695  nlockmgr
	    100021    1   tcp    691  nlockmgr
	    100021    3   tcp    691  nlockmgr
	$
	
	I personally think this is an advantage, but YMMV.

PS: Happy new year!

regards...
fabian