File: connect_stat.stp

package info (click to toggle)
systemtap 3.1-2
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 32,860 kB
  • ctags: 12,513
  • sloc: cpp: 58,610; ansic: 58,189; exp: 37,322; sh: 10,633; xml: 7,771; perl: 2,252; python: 2,066; tcl: 1,305; makefile: 969; lisp: 105; java: 100; awk: 94; asm: 91; sed: 16
file content (31 lines) | stat: -rwxr-xr-x 1,024 bytes parent folder | download | duplicates (8) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
#! /usr/bin/env stap

############################################################
# connect_stat.stp
# Author: Robin Hack <rhack@redhat.com>
# An example script show process tree of process
# which tried to call connect with specific ip address
############################################################

function process_tree (ip:string) {
    cur_proc = task_current();
    parent_pid = task_pid(task_parent (cur_proc));

    printf ("%s: ", ip);
    while (parent_pid != 0) {
        printf ("%s (%d),%d,%d -> ", task_execname(cur_proc), task_pid(cur_proc), task_uid(cur_proc),task_gid (cur_proc));
        cur_proc = task_parent(cur_proc);
        parent_pid = task_pid(task_parent (cur_proc));
    }
    # init process
    if (task_pid (cur_proc) == 1) {
        printf ("%s (%d),%d,%d\n", task_execname(cur_proc), task_pid(cur_proc), task_uid(cur_proc),task_gid (cur_proc));
    }
}

probe syscall.connect {
    if ((uaddr_af !~ "AF_INET*") || (uaddr_ip != @1)) {
        next;
    }
    process_tree (uaddr_ip);
}