From owner-freebsd-questions@freebsd.org  Tue Mar  7 03:00:54 2017
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E8A63D00C40
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Tue,  7 Mar 2017 03:00:54 +0000 (UTC)
 (envelope-from citrin+bsd@citrin.ru)
Received: from hz.citrin.ru (hz.citrin.ru [IPv6:2a01:4f8:d16:10c3::2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id B32B517B4
 for <freebsd-questions@freebsd.org>; Tue,  7 Mar 2017 03:00:54 +0000 (UTC)
 (envelope-from citrin+bsd@citrin.ru)
Received: from x220.lan (unknown [IPv6:2601:18a:c301:8eee:9d7a:ec01:34de:8d3a])
 by hz.citrin.ru (Postfix) with ESMTPSA id EA7CA29A4B8
 for <freebsd-questions@freebsd.org>; Tue,  7 Mar 2017 03:00:51 +0000 (UTC)
Subject: Re: procstat(1) [-f], proto=stream without addresses
To: freebsd-questions@freebsd.org
References: <58BDBAF7.5000907@omnilan.de>
From: Anton Yuzhaninov <citrin+bsd@citrin.ru>
Message-ID: <611e5fe5-0a25-2058-96b2-51b1fe3ad7f9@citrin.ru>
Date: Mon, 6 Mar 2017 22:00:50 -0500
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101
 Thunderbird/45.6.0
MIME-Version: 1.0
In-Reply-To: <58BDBAF7.5000907@omnilan.de>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrin.ru; s=s0;
 t=1488855652; bh=peCEHO5LNU/dSWDBdCHR6McTXNHNWF8hjorxn/4PC3Y=;
 h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding;
 b=14VuB8NVcS6GvYTizXBWQM3Q8nYT2Ofd8oY3pT3LM+ehOuUtLqGBap6qErBe8bCYC/mEQ7TmxyDoE2Fu/Qw5JKtd6jD9o5dvWvRJx3pqWvvkVBGp8TdVokI5v1TB0WS5bgLCSCrwTsh5wxWdpbLz49RzNV4nzfGAznRPuc4kLO0=
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Mar 2017 03:00:55 -0000

On 03/06/17 14:39, Harry Schmalzbauer wrote:
> One thing I noticed is that procstst(1) doesn't show any addresses for
> my evil process.
> Excerpt:
>
> USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
> squid negotiate_ 597 1 stream -> ??
> squid negotiate_ 596 0 stream -> ??
> squid negotiate_ 596 1 stream -> ??

1. It looks like output from sockstat(1), not procstat(1)

2. stream is Unix domain stream socket

String "??" probably mean, that this file descriptor is not connected 
(was closed by remote side, but not by this process).

May be it is a descriptor leak.