Date: Wed, 12 Apr 2000 11:39:44 +0200 From: Graham Wheeler <gram@cequrux.com> To: hackers@freebsd.org Subject: Re: Determining traffic on a socket Message-ID: <38F44460.391BD4B9@cequrux.com> References: <53045.955453206@axl.ops.uunet.co.za> <38F31395.68EFE3EF@cequrux.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] I've managed to write a program to do what I want, which works fine on 2.2.8 but doesn't work with elf kernels it appears. Is there an equivalent interface for elf kernels to the kvm interface for a.out kernels? If anyone is interested, I've attached the program. -- Dr Graham Wheeler E-mail: gram@cequrux.com Director, Research and Development WWW: http://www.cequrux.com CEQURUX Technologies Phone: +27(21)423-6065 Firewalls/VPN Specialists Fax: +27(21)424-3656 [-- Attachment #2 --] #include <stdio.h> #include <fcntl.h> #include <kvm.h> #include <nlist.h> #include <sys/types.h> #include <sys/socket.h> #include <net/route.h> #include <netinet/in.h> #include <netinet/in_pcb.h> #include <netinet/in_systm.h> #include <netinet/ip.h> #include <netinet/tcp.h> #define TCPSTATES #include <netinet/tcp_fsm.h> #define TCPTIMERS #include <netinet/tcp_timer.h> #include <netinet/tcp_var.h> struct nlist nml[] = { #define N_TCB 0 { "_tcb" }, 0 }; //---------------------------------------------------------------- void Process_IP_CB(kvm_t *kmem, struct inpcb *inpcb) { struct tcpcb tcpcb; if (kvm_read(kmem, (long)inpcb->inp_ppcb, (char*)&tcpcb, sizeof(tcpcb))>0) { if (tcpcb.t_state >= TCPS_ESTABLISHED && tcpcb.t_state < TCP_NSTATES) { printf("%17s:%-5d ", inet_ntoa(inpcb->inp_laddr.s_addr), ntohs(inpcb->inp_lport)); printf("%17s:%-5d ", inet_ntoa(inpcb->inp_faddr.s_addr), ntohs(inpcb->inp_fport)); printf("[%10s] tx: %10lu rx: %10lu\n", tcpstates[tcpcb.t_state], (u_long)tcpcb.snd_nxt - (u_long)tcpcb.iss, (u_long)tcpcb.rcv_nxt - (u_long)tcpcb.irs); } } } void Process_IP_CBs(kvm_t *kvm) { struct inpcb in_pcb; long off = nml[N_TCB].n_value; if (kvm_read(kvm, off, (char *) &in_pcb, sizeof (struct inpcb))>0) { long prev = off; while (in_pcb.inp_list.le_next != (struct inpcb *)off) { long next = (long)in_pcb.inp_list.le_next; if (kvm_read(kvm, next, (char*)&in_pcb, sizeof(struct inpcb)) < 0 || (long)in_pcb.inp_list.le_prev != prev) // lost sync break; Process_IP_CB(kvm, &in_pcb); prev = next; } } } main(int argc, char **argv) { kvm_t *kvm = kvm_open(0,0,0,0,0); if (kvm) { if (kvm_nlist(kvm, nml) < 0) perror("kvm_nlist"); else { Process_IP_CBs(kvm); kvm_close(kvm); } } else perror("kvm_open"); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38F44460.391BD4B9>