2 files changed, 27 insertions, 0 deletions

diff --git a/testsuite/systemtap.examples/network/tcp_connections.meta b/testsuite/systemtap.examples/network/tcp_connections.meta
new file mode 100644
index 00000000..0bc9bcb1
--- /dev/null
+++ b/testsuite/systemtap.examples/network/tcp_connections.meta
@@ -0,0 +1,13 @@
+title: Track Creation of Incoming TCP Connections
+name: tcp_connections.stp
+version: 1.0
+author: anonymous
+keywords: network tcp socket
+subsystem: kernel
+status: production
+exit: user-controlled
+output: trace
+scope: system-wide
+description: The tcp_connections.stp script prints information for each new incoming TCP connection accepted by the computer. The information includes the UID, the command accepting the connection, the PID of the command, the port the connection is on, and the IP address of the originator of the request.
+test_check: stap -p4 tcp_connections.stp
+test_installcheck: stap tcp_connections.stp -c "sleep 1"
diff --git a/testsuite/systemtap.examples/network/tcp_connections.stp b/testsuite/systemtap.examples/network/tcp_connections.stp
new file mode 100644
index 00000000..bd2db76a
--- /dev/null
+++ b/testsuite/systemtap.examples/network/tcp_connections.stp
@@ -0,0 +1,14 @@
+#! /usr/bin/env stap
+
+probe begin {
+  printf("%6s %16s %6s %6s %16s\n",
+         "UID", "CMD", "PID", "PORT", "IP_SOURCE")
+}
+
+probe kernel.function("tcp_accept").return?,
+      kernel.function("inet_csk_accept").return? {
+  sock = $return
+  if (sock != 0)
+    printf("%6d %16s %6d %6d %16s\n", uid(), execname(), pid(),
+           inet_get_local_port(sock), inet_get_ip_source(sock))
+}