From owner-freebsd-hackers Wed Apr 12 2:35:31 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from citadel.cequrux.com (citadel.cdsec.com [192.96.22.18]) by hub.freebsd.org (Postfix) with ESMTP id F3F1B37B899 for ; Wed, 12 Apr 2000 02:35:23 -0700 (PDT) (envelope-from gram@cequrux.com) Received: (from nobody@localhost) by citadel.cequrux.com (8.9.3/8.9.3) id LAA07240 for ; Wed, 12 Apr 2000 11:35:17 +0200 (SAST) Received: by citadel.cequrux.com via recvmail id 7236; Wed Apr 12 11:34:37 2000 Message-ID: <38F44460.391BD4B9@cequrux.com> Date: Wed, 12 Apr 2000 11:39:44 +0200 From: Graham Wheeler Organization: Cequrux Technologies X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 2.2.8-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: hackers@freebsd.org Subject: Re: Determining traffic on a socket References: <53045.955453206@axl.ops.uunet.co.za> <38F31395.68EFE3EF@cequrux.com> Content-Type: multipart/mixed; boundary="------------3CFD167A7F705579A183D517" Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This is a multi-part message in MIME format. --------------3CFD167A7F705579A183D517 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit I've managed to write a program to do what I want, which works fine on 2.2.8 but doesn't work with elf kernels it appears. Is there an equivalent interface for elf kernels to the kvm interface for a.out kernels? If anyone is interested, I've attached the program. -- Dr Graham Wheeler E-mail: gram@cequrux.com Director, Research and Development WWW: http://www.cequrux.com CEQURUX Technologies Phone: +27(21)423-6065 Firewalls/VPN Specialists Fax: +27(21)424-3656 --------------3CFD167A7F705579A183D517 Content-Type: text/plain; charset=us-ascii; name="showtraf.c" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="showtraf.c" #include #include #include #include #include #include #include #include #include #include #include #include #define TCPSTATES #include #define TCPTIMERS #include #include struct nlist nml[] = { #define N_TCB 0 { "_tcb" }, 0 }; //---------------------------------------------------------------- void Process_IP_CB(kvm_t *kmem, struct inpcb *inpcb) { struct tcpcb tcpcb; if (kvm_read(kmem, (long)inpcb->inp_ppcb, (char*)&tcpcb, sizeof(tcpcb))>0) { if (tcpcb.t_state >= TCPS_ESTABLISHED && tcpcb.t_state < TCP_NSTATES) { printf("%17s:%-5d ", inet_ntoa(inpcb->inp_laddr.s_addr), ntohs(inpcb->inp_lport)); printf("%17s:%-5d ", inet_ntoa(inpcb->inp_faddr.s_addr), ntohs(inpcb->inp_fport)); printf("[%10s] tx: %10lu rx: %10lu\n", tcpstates[tcpcb.t_state], (u_long)tcpcb.snd_nxt - (u_long)tcpcb.iss, (u_long)tcpcb.rcv_nxt - (u_long)tcpcb.irs); } } } void Process_IP_CBs(kvm_t *kvm) { struct inpcb in_pcb; long off = nml[N_TCB].n_value; if (kvm_read(kvm, off, (char *) &in_pcb, sizeof (struct inpcb))>0) { long prev = off; while (in_pcb.inp_list.le_next != (struct inpcb *)off) { long next = (long)in_pcb.inp_list.le_next; if (kvm_read(kvm, next, (char*)&in_pcb, sizeof(struct inpcb)) < 0 || (long)in_pcb.inp_list.le_prev != prev) // lost sync break; Process_IP_CB(kvm, &in_pcb); prev = next; } } } main(int argc, char **argv) { kvm_t *kvm = kvm_open(0,0,0,0,0); if (kvm) { if (kvm_nlist(kvm, nml) < 0) perror("kvm_nlist"); else { Process_IP_CBs(kvm); kvm_close(kvm); } } else perror("kvm_open"); } --------------3CFD167A7F705579A183D517-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message