mirror of https://github.com/tailscale/tailscale/
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
179 lines
4.1 KiB
Go
179 lines
4.1 KiB
Go
4 years ago
|
// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
|
||
|
// Use of this source code is governed by a BSD-style
|
||
|
// license that can be found in the LICENSE file.
|
||
|
|
||
|
// Package netstat returns the local machine's network connection table.
|
||
|
package netstat
|
||
|
|
||
|
import (
|
||
|
"encoding/binary"
|
||
|
"errors"
|
||
|
"fmt"
|
||
|
"syscall"
|
||
|
"unsafe"
|
||
|
|
||
|
"golang.org/x/sys/windows"
|
||
|
"inet.af/netaddr"
|
||
|
)
|
||
|
|
||
|
// See https://docs.microsoft.com/en-us/windows/win32/api/iphlpapi/nf-iphlpapi-getextendedtcptable
|
||
|
|
||
|
// TCP_TABLE_OWNER_PID_ALL means to include the PID info. The table type
|
||
|
// we get back from Windows depends on AF_INET vs AF_INET6:
|
||
|
// MIB_TCPTABLE_OWNER_PID for v4 or MIB_TCP6TABLE_OWNER_PID for v6.
|
||
|
const tcpTableOwnerPidAll = 5
|
||
|
|
||
|
var (
|
||
|
iphlpapi = syscall.NewLazyDLL("iphlpapi.dll")
|
||
|
getTCPTable = iphlpapi.NewProc("GetExtendedTcpTable")
|
||
|
// TODO: GetExtendedUdpTable also? if/when needed.
|
||
|
)
|
||
|
|
||
|
type _MIB_TCPROW_OWNER_PID struct {
|
||
|
state uint32
|
||
|
localAddr uint32
|
||
|
localPort uint32
|
||
|
remoteAddr uint32
|
||
|
remotePort uint32
|
||
|
pid uint32
|
||
|
}
|
||
|
|
||
|
type _MIB_TCP6ROW_OWNER_PID struct {
|
||
|
localAddr [16]byte
|
||
|
localScope uint32
|
||
|
localPort uint32
|
||
|
remoteAddr [16]byte
|
||
|
remoteScope uint32
|
||
|
remotePort uint32
|
||
|
state uint32
|
||
|
pid uint32
|
||
|
}
|
||
|
|
||
|
func get() (*Table, error) {
|
||
|
t := new(Table)
|
||
|
if err := t.addEntries(windows.AF_INET); err != nil {
|
||
|
return nil, fmt.Errorf("failed to get IPv4 entries: %w", err)
|
||
|
}
|
||
|
if err := t.addEntries(windows.AF_INET6); err != nil {
|
||
|
return nil, fmt.Errorf("failed to get IPv6 entries: %w", err)
|
||
|
}
|
||
|
return t, nil
|
||
|
}
|
||
|
|
||
|
func (t *Table) addEntries(fam int) error {
|
||
|
var size uint32
|
||
|
var addr unsafe.Pointer
|
||
|
var buf []byte
|
||
|
for {
|
||
|
err, _, _ := getTCPTable.Call(
|
||
|
uintptr(addr),
|
||
|
uintptr(unsafe.Pointer(&size)),
|
||
|
1, // sorted
|
||
|
uintptr(fam),
|
||
|
tcpTableOwnerPidAll,
|
||
|
0, // reserved; "must be zero"
|
||
|
)
|
||
|
if err == 0 {
|
||
|
break
|
||
|
}
|
||
|
if err == uintptr(syscall.ERROR_INSUFFICIENT_BUFFER) {
|
||
|
const maxSize = 10 << 20
|
||
|
if size > maxSize || size < 4 {
|
||
|
return fmt.Errorf("unreasonable kernel-reported size %d", size)
|
||
|
}
|
||
|
buf = make([]byte, size)
|
||
|
addr = unsafe.Pointer(&buf[0])
|
||
|
continue
|
||
|
}
|
||
|
return syscall.Errno(err)
|
||
|
}
|
||
|
if len(buf) < int(size) {
|
||
|
return errors.New("unexpected size growth from system call")
|
||
|
}
|
||
|
buf = buf[:size]
|
||
|
|
||
|
numEntries := *(*uint32)(unsafe.Pointer(&buf[0]))
|
||
|
buf = buf[4:]
|
||
|
|
||
|
var recSize int
|
||
|
switch fam {
|
||
|
case windows.AF_INET:
|
||
|
recSize = 6 * 4
|
||
|
case windows.AF_INET6:
|
||
|
recSize = 6*4 + 16*2
|
||
|
}
|
||
|
dataLen := numEntries * uint32(recSize)
|
||
|
if uint32(len(buf)) > dataLen {
|
||
|
buf = buf[:dataLen]
|
||
|
}
|
||
|
for len(buf) >= recSize {
|
||
|
switch fam {
|
||
|
case windows.AF_INET:
|
||
|
row := (*_MIB_TCPROW_OWNER_PID)(unsafe.Pointer(&buf[0]))
|
||
|
t.Entries = append(t.Entries, Entry{
|
||
|
Local: ipport4(row.localAddr, port(&row.localPort)),
|
||
|
Remote: ipport4(row.remoteAddr, port(&row.remotePort)),
|
||
|
Pid: int(row.pid),
|
||
|
State: state(row.state),
|
||
|
})
|
||
|
case windows.AF_INET6:
|
||
|
row := (*_MIB_TCP6ROW_OWNER_PID)(unsafe.Pointer(&buf[0]))
|
||
|
t.Entries = append(t.Entries, Entry{
|
||
|
Local: ipport6(row.localAddr, row.localScope, port(&row.localPort)),
|
||
|
Remote: ipport6(row.remoteAddr, row.remoteScope, port(&row.remotePort)),
|
||
|
Pid: int(row.pid),
|
||
|
State: state(row.state),
|
||
|
})
|
||
|
}
|
||
|
buf = buf[recSize:]
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
var states = []string{
|
||
|
"",
|
||
|
"CLOSED",
|
||
|
"LISTEN",
|
||
|
"SYN-SENT",
|
||
|
"SYN-RECEIVED",
|
||
|
"ESTABLISHED",
|
||
|
"FIN-WAIT-1",
|
||
|
"FIN-WAIT-2",
|
||
|
"CLOSE-WAIT",
|
||
|
"CLOSING",
|
||
|
"LAST-ACK",
|
||
|
"DELETE-TCB",
|
||
|
}
|
||
|
|
||
|
func state(v uint32) string {
|
||
|
if v < uint32(len(states)) {
|
||
|
return states[v]
|
||
|
}
|
||
|
return fmt.Sprintf("unknown-state-%d", v)
|
||
|
}
|
||
|
|
||
|
func ipport4(addr uint32, port uint16) netaddr.IPPort {
|
||
|
a4 := (*[4]byte)(unsafe.Pointer(&addr))
|
||
|
return netaddr.IPPort{
|
||
|
IP: netaddr.IPv4(a4[0], a4[1], a4[2], a4[3]),
|
||
|
Port: port,
|
||
|
}
|
||
|
}
|
||
|
|
||
|
func ipport6(addr [16]byte, scope uint32, port uint16) netaddr.IPPort {
|
||
|
ip := netaddr.IPFrom16(addr)
|
||
|
if scope != 0 {
|
||
|
// TODO: something better here?
|
||
|
ip = ip.WithZone(fmt.Sprint(scope))
|
||
|
}
|
||
|
return netaddr.IPPort{
|
||
|
IP: ip,
|
||
|
Port: port,
|
||
|
}
|
||
|
}
|
||
|
|
||
|
func port(v *uint32) uint16 {
|
||
|
p := (*[4]byte)(unsafe.Pointer(v))
|
||
|
return binary.BigEndian.Uint16(p[:2])
|
||
|
}
|