Ip_finish_output at net/ipv4/ip_output.c:284 Ip_finish_output2 at net/ipv4/ip_output.c:210 Neigh_hh_output at include/net/neighbour.h:467ĭst_neigh_output at include/net/dst.h:401 ![]() Tpacket_rcv at net/packet/af_packet.c:1962ĭev_queue_xmit_nit at net/core/dev.c:1862ĭev_hard_start_xmit at net/core/dev.c:2699 Unix_stream_recvmsg at net/unix/af_unix.c:2210 Unix_stream_sendmsg at net/unix/af_unix.c:1638Įntry_SYSCALL_64_fastpath at arch/x86/entry/entry_64.S:186 Lacking that, the best that can be done is syscall tracing.Īdditional information (for the interested reader), here are some backtraces (acquired with GDB breaking on unix_stream_* and rbreak packet.c., Linux in QEMU and socat on mainline Linux 4.2-rc5): # echo foo | socat - UNIX-LISTEN:/foo & Ideally there would be a libpcap format that has a header containing the source/dest PID (when available) followed by optional additional data (credentials, file descriptors) and finally the data. Unfortunately there are no perfect tracers at the moment for Unix domain sockets that produce pcaps (to my best knowledge). The suggested CONFIG_UNIX_DIAG option is unfortunately also not helpful here, it can only be used to collect statistics, not acquire realtime data as they flow by (see linux/unix_diag.h). Socat TCP-LISTEN:6000,reuseaddr,fork UNIX-CONNECT:some.sock You could write a quick multiplexer yourself or hack something like this that also outputs a pcap (beware of the limitations, for example AF_UNIX can pass file descriptors, AF_INET cannot): # fake TCP server connects to real Unix socket Requires kernel support and availability of debugging symbols. You can use SystemTap for setting such trace points, here is an example to monitor for outgoing messages.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |