From 52064a4bd37f8d81e1f488fe9d32fe6ccee63bd7 Mon Sep 17 00:00:00 2001 From: Breno Leitao Date: Fri, 20 Mar 2009 11:40:04 -0400 Subject: Added functions to grab IP source and destination from a socket, and functions to grab TCP source and destination port from a socket. Also, used this function inside some TCP probe functions, as recvmsg, to provide a richer set of fields. --- testsuite/systemtap.examples/network/tcp.stp | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 testsuite/systemtap.examples/network/tcp.stp (limited to 'testsuite/systemtap.examples/network') diff --git a/testsuite/systemtap.examples/network/tcp.stp b/testsuite/systemtap.examples/network/tcp.stp new file mode 100644 index 00000000..ebe72a1c --- /dev/null +++ b/testsuite/systemtap.examples/network/tcp.stp @@ -0,0 +1,11 @@ +//A simple TCP tapset example + +probe begin { + printf("Expected IP 7.91.205.21 .... %s\n", ip_ntop(123456789)) + printf("Expected IP 58.222.104.177 .... %s\n", ip_ntop(987654321)) + printf("Expected IP 9.3.191.111 ... %s\n", ip_ntop(151240559)) +} + +probe tcp.recvmsg { + printf("received a message from %s on port %d from port %d\n", saddr, dport, sport) +} -- cgit From b29c53ec642a8b07633c8602b3bfc428ce2c4cd4 Mon Sep 17 00:00:00 2001 From: Eugeniy Meshcheryakov Date: Sat, 28 Mar 2009 23:10:20 +0100 Subject: Add header --- testsuite/systemtap.examples/network/tcp.stp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'testsuite/systemtap.examples/network') diff --git a/testsuite/systemtap.examples/network/tcp.stp b/testsuite/systemtap.examples/network/tcp.stp index ebe72a1c..01db9d2d 100644 --- a/testsuite/systemtap.examples/network/tcp.stp +++ b/testsuite/systemtap.examples/network/tcp.stp @@ -1,3 +1,5 @@ +#! /usr/bin/env stap + //A simple TCP tapset example probe begin { -- cgit From 4e1801d37ecda01c75181a345dcd07a23cd64da0 Mon Sep 17 00:00:00 2001 From: Eugeniy Meshcheryakov Date: Sat, 4 Apr 2009 21:36:52 +0200 Subject: Make examples executable --- testsuite/systemtap.examples/network/tcp.stp | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 testsuite/systemtap.examples/network/tcp.stp (limited to 'testsuite/systemtap.examples/network') diff --git a/testsuite/systemtap.examples/network/tcp.stp b/testsuite/systemtap.examples/network/tcp.stp old mode 100644 new mode 100755 -- cgit From 3dd58c2ac312fc16aa38124987081adbd6697629 Mon Sep 17 00:00:00 2001 From: Eugeniy Meshcheryakov Date: Wed, 8 Apr 2009 16:57:39 +0200 Subject: Fix stats for processes that only transmitted data without receiving --- testsuite/systemtap.examples/network/nettop.stp | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'testsuite/systemtap.examples/network') diff --git a/testsuite/systemtap.examples/network/nettop.stp b/testsuite/systemtap.examples/network/nettop.stp index 15b4d62a..b84e4882 100755 --- a/testsuite/systemtap.examples/network/nettop.stp +++ b/testsuite/systemtap.examples/network/nettop.stp @@ -1,6 +1,7 @@ #! /usr/bin/env stap global ifxmit, ifrecv +global ifmerged probe netdev.transmit { @@ -19,6 +20,12 @@ function print_activity() "XMIT_KB", "RECV_KB", "COMMAND") foreach ([pid, dev, exec, uid] in ifrecv-) { + ifmerged[pid, dev, exec, uid] = 1; + } + foreach ([pid, dev, exec, uid] in ifxmit-) { + ifmerged[pid, dev, exec, uid] = 1; + } + foreach ([pid, dev, exec, uid] in ifmerged-) { n_xmit = @count(ifxmit[pid, dev, exec, uid]) n_recv = @count(ifrecv[pid, dev, exec, uid]) printf("%5d %5d %-7s %7d %7d %7d %7d %-15s\n", @@ -32,6 +39,7 @@ function print_activity() delete ifxmit delete ifrecv + delete ifmerged } probe timer.ms(5000), end, error -- cgit From cfde3cb1fdda81a5156df2f39201518d815c2710 Mon Sep 17 00:00:00 2001 From: "Frank Ch. Eigler" Date: Wed, 8 Apr 2009 12:29:29 -0400 Subject: tweak nettop.stp demo to sort by accumulated counts despite merging --- testsuite/systemtap.examples/network/nettop.stp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'testsuite/systemtap.examples/network') diff --git a/testsuite/systemtap.examples/network/nettop.stp b/testsuite/systemtap.examples/network/nettop.stp index b84e4882..e96548f1 100755 --- a/testsuite/systemtap.examples/network/nettop.stp +++ b/testsuite/systemtap.examples/network/nettop.stp @@ -19,11 +19,11 @@ function print_activity() "PID", "UID", "DEV", "XMIT_PK", "RECV_PK", "XMIT_KB", "RECV_KB", "COMMAND") - foreach ([pid, dev, exec, uid] in ifrecv-) { - ifmerged[pid, dev, exec, uid] = 1; + foreach ([pid, dev, exec, uid] in ifrecv) { + ifmerged[pid, dev, exec, uid] += @count(ifrecv[pid,dev,exec,uid]); } - foreach ([pid, dev, exec, uid] in ifxmit-) { - ifmerged[pid, dev, exec, uid] = 1; + foreach ([pid, dev, exec, uid] in ifxmit) { + ifmerged[pid, dev, exec, uid] += @count(ifxmit[pid,dev,exec,uid]); } foreach ([pid, dev, exec, uid] in ifmerged-) { n_xmit = @count(ifxmit[pid, dev, exec, uid]) -- cgit From 5e868ddd8263d2f7b61a702891252cc2bacb1c07 Mon Sep 17 00:00:00 2001 From: Andre Detsch Date: Tue, 14 Apr 2009 14:23:59 -0300 Subject: Add new TCP and IP functions This patch adds some basic functions to the IP and TCP tapsets. Mainly, it's possible to get the iphdr and tcphdr from a sk_buff structure. As a consequence, a TCP probe called tcp.receive() was created and is probed every time a TCP packet is received, and a lot of useful fields is available, as the TCP flags. Also a small example that works like tcpdump for received TCP packets was created. This patch was tested on x86 and ppc machines, on 2.6.18 kernel and also on mainline one. Signed-off-by: Breno Leitao Signed-off-by: Andre Detsch Signed-off-by: Josh Stone --- testsuite/systemtap.examples/network/tcpdumplike.stp | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 testsuite/systemtap.examples/network/tcpdumplike.stp (limited to 'testsuite/systemtap.examples/network') diff --git a/testsuite/systemtap.examples/network/tcpdumplike.stp b/testsuite/systemtap.examples/network/tcpdumplike.stp new file mode 100644 index 00000000..4026e7a7 --- /dev/null +++ b/testsuite/systemtap.examples/network/tcpdumplike.stp @@ -0,0 +1,12 @@ +// A TCP dump like example + +probe begin, timer.s(1) { + printf("-----------------------------------------------------------------\n"); + printf(" Source IP Dest IP SPort DPort U A P R S F \n"); + printf("-----------------------------------------------------------------\n"); +} + +probe tcp.receive { + printf(" %15s %15s %5d %5d %d %d %d %d %d %d\n", + saddr, daddr, sport, dport, urg, ack, psh, rst, syn, fin) +} -- cgit From b9c1e0228f6c629e278820caf40870cdad285441 Mon Sep 17 00:00:00 2001 From: Josh Stone Date: Tue, 14 Apr 2009 11:00:05 -0700 Subject: Make tcpdumplike.stp executable --- testsuite/systemtap.examples/network/tcpdumplike.stp | 2 ++ 1 file changed, 2 insertions(+) mode change 100644 => 100755 testsuite/systemtap.examples/network/tcpdumplike.stp (limited to 'testsuite/systemtap.examples/network') diff --git a/testsuite/systemtap.examples/network/tcpdumplike.stp b/testsuite/systemtap.examples/network/tcpdumplike.stp old mode 100644 new mode 100755 index 4026e7a7..533c71b9 --- a/testsuite/systemtap.examples/network/tcpdumplike.stp +++ b/testsuite/systemtap.examples/network/tcpdumplike.stp @@ -1,3 +1,5 @@ +#! /usr/bin/env stap + // A TCP dump like example probe begin, timer.s(1) { -- cgit From 7a51212ca1895b85f400fafe0e5198525996af1d Mon Sep 17 00:00:00 2001 From: William Cohen Date: Tue, 14 Apr 2009 17:37:19 -0400 Subject: Minor formatting to avoid line wrap, added tcpdumplike.meta file, and regenerated index files. --- testsuite/systemtap.examples/network/tcpdumplike.meta | 12 ++++++++++++ testsuite/systemtap.examples/network/tcpdumplike.stp | 10 +++++----- 2 files changed, 17 insertions(+), 5 deletions(-) create mode 100644 testsuite/systemtap.examples/network/tcpdumplike.meta (limited to 'testsuite/systemtap.examples/network') diff --git a/testsuite/systemtap.examples/network/tcpdumplike.meta b/testsuite/systemtap.examples/network/tcpdumplike.meta new file mode 100644 index 00000000..8fb9fccb --- /dev/null +++ b/testsuite/systemtap.examples/network/tcpdumplike.meta @@ -0,0 +1,12 @@ +title: Dump of Received TCP Packets +name: tcpdumplike.stp +version: 1.0 +author: anonymous +keywords: network traffic +subsystem: network +status: production +exit: user-controlled +output: timed +scope: system-wide +description: The tcpdumplike.stp prints out a line for each TCP packet received. Each line includes the source and destination IP addresses, the source and destination ports, and flags. +test_installcheck: stap tcpdumplike.stp -c "sleep 1" diff --git a/testsuite/systemtap.examples/network/tcpdumplike.stp b/testsuite/systemtap.examples/network/tcpdumplike.stp index 533c71b9..de3899d6 100755 --- a/testsuite/systemtap.examples/network/tcpdumplike.stp +++ b/testsuite/systemtap.examples/network/tcpdumplike.stp @@ -3,12 +3,12 @@ // A TCP dump like example probe begin, timer.s(1) { - printf("-----------------------------------------------------------------\n"); - printf(" Source IP Dest IP SPort DPort U A P R S F \n"); - printf("-----------------------------------------------------------------\n"); + printf("-----------------------------------------------------------------\n") + printf(" Source IP Dest IP SPort DPort U A P R S F \n") + printf("-----------------------------------------------------------------\n") } probe tcp.receive { - printf(" %15s %15s %5d %5d %d %d %d %d %d %d\n", - saddr, daddr, sport, dport, urg, ack, psh, rst, syn, fin) + printf(" %15s %15s %5d %5d %d %d %d %d %d %d\n", + saddr, daddr, sport, dport, urg, ack, psh, rst, syn, fin) } -- cgit From 0e4901b0e6524c4ed5f9b5f3ab0f2a1d1dbd86d6 Mon Sep 17 00:00:00 2001 From: William Cohen Date: Fri, 17 Apr 2009 15:41:48 -0400 Subject: Add dropwatch.stp example. --- .../systemtap.examples/network/dropwatch.meta | 13 ++++++++++ testsuite/systemtap.examples/network/dropwatch.stp | 30 ++++++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100644 testsuite/systemtap.examples/network/dropwatch.meta create mode 100644 testsuite/systemtap.examples/network/dropwatch.stp (limited to 'testsuite/systemtap.examples/network') diff --git a/testsuite/systemtap.examples/network/dropwatch.meta b/testsuite/systemtap.examples/network/dropwatch.meta new file mode 100644 index 00000000..176ba236 --- /dev/null +++ b/testsuite/systemtap.examples/network/dropwatch.meta @@ -0,0 +1,13 @@ +title: Watch Where Socket Buffers are Freed in the Kernel +name: dropwatch.stp +version: 1.0 +author: Neil Horman +keywords: network tracepoint buffer free +subsystem: network +status: production +exit: user-controlled +output: timed +scope: system-wide +description: Every five seconds the dropwatch.stp script lists the number of socket buffers freed at locations in the kernel. +test_check: stap -p4 dropwatch.stp +test_installcheck: stap dropwatch.stp -c "sleep 1" diff --git a/testsuite/systemtap.examples/network/dropwatch.stp b/testsuite/systemtap.examples/network/dropwatch.stp new file mode 100644 index 00000000..bba7ecd2 --- /dev/null +++ b/testsuite/systemtap.examples/network/dropwatch.stp @@ -0,0 +1,30 @@ +#!/usr/bin/stap + +############################################################ +# Dropwatch.stp +# Author: Neil Horman +# An example script to mimic the behavior of the dropwatch utility +# http://fedorahosted.org/dropwatch +############################################################ + +# Array to hold the list of drop points we find +global locations + +# Note when we turn the monitor on and off +probe begin { printf("Monitoring for dropped packets\n") } +probe end { printf("Stopping dropped packet monitor\n") } + +# increment a drop counter for every location we drop at +probe kernel.trace("kfree_skb") { locations[$location] <<< 1 } + +# Every 5 seconds report our drop locations +probe timer.sec(5) +{ + printf("\n") + foreach (l in locations-) { + printf("%d packets dropped at location %p\n", + @count(locations[l]), l) + } + delete locations +} + -- cgit From 7c806934696e39dc9ee488ee00d2ffde18ce1ba0 Mon Sep 17 00:00:00 2001 From: William Cohen Date: Fri, 17 Apr 2009 15:53:38 -0400 Subject: Make dropwatch.stp executable and have correct interpreter. --- testsuite/systemtap.examples/network/dropwatch.stp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) mode change 100644 => 100755 testsuite/systemtap.examples/network/dropwatch.stp (limited to 'testsuite/systemtap.examples/network') diff --git a/testsuite/systemtap.examples/network/dropwatch.stp b/testsuite/systemtap.examples/network/dropwatch.stp old mode 100644 new mode 100755 index bba7ecd2..79d50a4e --- a/testsuite/systemtap.examples/network/dropwatch.stp +++ b/testsuite/systemtap.examples/network/dropwatch.stp @@ -1,4 +1,4 @@ -#!/usr/bin/stap +#! /usr/bin/env stap ############################################################ # Dropwatch.stp -- cgit