Skip to content

Netstat:Example:C

netstat의 c 예제.

Source code

#include <stdio.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#include <stdlib.h>
#include <pwd.h>

const char *TCPFILE = "/proc/net/tcp";
const char *FORMAT ="%s%s%s%s%s%s%s%s%s%s";
static char states[16][20] = { "UNKNOWN" ,"ESTABLISHED", "SYN_SENT", "SYN_RECV", "FIN_WAIT1", "FIN_WAIT2", "TIME_WAIT", "CLOSE", 
"CLOSE_WAIT", "LAST_ACK", "LISTEN", "CLOSING", "MAX_STATES"};

struct netinfo
{
  FILE *tcpfp;
  char localaddr[24];
  char localport[16];
  char remaddr[24];
  char remport[16];
  char stat[16];
  int  txq;
  int  rxq;
  int   uid;
  int  idx;
  char uname[24];
};

typedef struct netinfo TCPINFO;

TCPINFO *nsopen()
{
  TCPINFO *ltcpinfo;
  if(access(TCPFILE,F_OK) !=0)
  {
    perror("ACCESS Error");
    return (TCPINFO *)NULL; 
  }
  ltcpinfo = (TCPINFO *)malloc(sizeof(*ltcpinfo)); 
  memset((void *)ltcpinfo, 0x00, sizeof(*ltcpinfo));

  ltcpinfo->tcpfp = NULL;
  ltcpinfo->tcpfp = fopen(TCPFILE, "r");
  if (ltcpinfo == NULL)
  {
    perror("ACCESS Error");
    free(ltcpinfo);
    return (TCPINFO *)NULL;
  }
  ltcpinfo->uid = -1;
  ltcpinfo->idx = 0;

  return ltcpinfo;
}

void nsclose(TCPINFO *tf)
{
  if (tf->tcpfp == NULL)
    fclose(tf->tcpfp);
  free(tf);
}

char *getuname(char *uname, int uid, int size)
{
  struct passwd *pass_info = NULL;
  while((pass_info = getpwent()) != NULL)
  {
    if (pass_info->pw_uid == uid)
    {
      strncpy(uname, pass_info->pw_name, size);
      return uname;
    }
  }
  return (char *)NULL;
}


TCPINFO *nsread(TCPINFO *info)
{
  char buf[256];
  char *tr;
  char null[16];
  char localaddr[24];
  char remaddr[24];
  char st[4];
  char trxqueue[20];
  char uid[8];
  char uname[36] = {0x00,};
  int  fnum;
  int  snum;
  struct in_addr in;
  char *addr;

  if (info->idx == 0)
  {
    if (fgets(buf, 256, info->tcpfp) == NULL)
    {
      return (TCPINFO *)NULL;
    }
    info->idx=1;
  }
  if (fgets(buf, 256, info->tcpfp) == NULL)
    return (TCPINFO *)NULL;
  // sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
  // 0: 0100007F:A56F 00000000:0000 0A 00000000:00000000 00:00000000 00000000   105        0 10282 1 c34a1c00 3000 0 0 2 -1
  sscanf(buf,"%s %s %s %s %s %s %s %s %s %s", 
                  null,      // sl : 미 사용 
                  localaddr, // local_address 
                  remaddr,   // rem_address
                  st,        // status
                  trxqueue,  // tx_queue & rx_queue
                  null,      // tr & tm->when : 미 사용
                  null,      // retrnsmt : 미사용
                  uid,       // uid
                  null,      // timeout : 미사용
                  null);     // inde : 미사용
  // get localaddr
  sscanf(localaddr, "%x%[:]%x", &fnum, null, &snum);
  in.s_addr = fnum;
  addr = inet_ntoa(in);
  sprintf(info->localaddr, "%s", addr); 
  sprintf(info->localport, "%d", snum); 

  // get remaddr
  sscanf(remaddr, "%x%[:]%x", &fnum, null, &snum);
  in.s_addr = fnum;
  addr = inet_ntoa(in);
  sprintf(info->remaddr, "%s", addr); 
  sprintf(info->remport, "%d", snum); 

  // Status
  sscanf(st, "%x", &fnum);
  sprintf(info->stat,"%s", states[fnum]);

  // User Infomation
  if (getuname(uname, atoi(uid), 32) == NULL)
  {
    sprintf(info->uname,"%s", "");
  }
  else
    sprintf(info->uname,"%s", uname);
  info->uid = atoi(uid);
  return info; 

}

int main(int argc, char **argv)
{
  TCPINFO *tf;
  tf = nsopen();
  while (nsread(tf) != (TCPINFO *)NULL)
  {
    printf("%s:%s ---> %s:%s\t%s\t%s\n", tf->localaddr, tf->localport, 
                    tf->remaddr, tf->remport, tf->stat, tf->uname);
  }
  nsclose(tf);
}

실행 결과는 아래와 같다.

127.0.0.1:37382 ---> 0.0.0.0:0  CLOSING hplip
127.0.0.1:34641 ---> 0.0.0.0:0  CLOSING
127.0.0.1:631 ---> 0.0.0.0:0    CLOSING
203.229.213.133:39600 ---> 207.46.27.62:1863    SYN_SENT
203.229.213.133:33609 ---> 203.229.213.91:22    SYN_SENT
203.229.213.133:44665 ---> 65.54.228.33:1863    SYN_SENT
203.229.213.133:45402 ---> 211.117.61.247:6667  SYN_SENT
203.229.213.133:50398 ---> 207.46.26.112:1863   SYN_SENT
203.229.213.133:37614 ---> 207.46.26.162:1863   SYN_SENT
203.229.213.133:48312 ---> 207.46.111.89:1863   SYN_SENT
127.0.0.1:43480 ---> 127.0.0.1:34641    SYN_SENT
127.0.0.1:34641 ---> 127.0.0.1:43480    SYN_SENT

See also

Favorite site