tninfo provides an interface to retrieve and display kernel-level network information and statistics.
tninfo is intended to be run at
ADMIN_HIGH and effective user ID 0. The exceptions are the -h, -i, and -t options with an argument, which can be run at any label as any
For those options that have restrictions, the restrictions can be overridden by these privileges:
file_dac_read. The tninfo
executable should be maintained with a sensitivity label of
See attributes(5) for descriptions of the following attributes:
|ATTRIBUTE TYPE||ATTRIBUTE VALUE|
Print the default security structures associated with each socket or stream.
Print the network statistics. This is the default option.
Print the cache statistics.
Turn on verbose mode.
Display the security structure for the specified interface in the kernel cache. The output should reflect what is specified in the tnidb database. If if_name is not specified, display the entire interface cache.
Display the security structure for the specified host in the kernel remote-host cache. The output should reflect what is specified in the tnrhdb and tnrhtp databases.
Display the structure associated with the specified template_name. The output should reflect what is specified in the tnrhtp database. If template_name is not specified, display the entire remote-host template cache. If a field within an entry is not specified (for example, def_uid=empty;), then that field will not be displayed.
Trusted network interface-control database
Trusted network remote-host database
Trusted network remote-host templates
The kernel's tables can change while tninfo is examining them; the result is incorrect or partial displays.