[PATCH v3] Print ip and port associated with descriptor with -yy
zubin.mithra at gmail.com
zubin.mithra at gmail.com
Thu Aug 7 12:47:12 UTC 2014
From: Zubin Mithra <zubin.mithra at gmail.com>
* defs.h: Add Add header files netinet/in.h, sys/socket.h,
arpa/inet.h, linux/netlink.h and linux/inet_diag.h.
Change type of show_fd_path to unsigned int.
Add macros SOCK_DIAG_BY_FAMILY, SOCKET_BUFFER_SIZE.
Add structs sock_diag_req, inet_diag_req_v2.
* strace.c (init): Change usage of show_fd_path.
* util.c (parse_response): New function to parse and
print ip, port from a message response.
(send_query): New function.
(receive_responses): New function.
(printsockdetails): New function.
(printfd): Modified to use printsockdetails.
Signed-off-by: Zubin Mithra <zubin.mithra at gmail.com>
---
defs.h | 24 ++++++++++-
strace.c | 4 +-
util.c | 140 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 164 insertions(+), 4 deletions(-)
diff --git a/defs.h b/defs.h
index 1a3b483..6959cdb 100644
--- a/defs.h
+++ b/defs.h
@@ -67,6 +67,11 @@
#include <time.h>
#include <sys/time.h>
#include <sys/syscall.h>
+#include <netinet/in.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <linux/netlink.h>
+#include <linux/inet_diag.h>
#ifndef HAVE_STRERROR
const char *strerror(int);
@@ -562,7 +567,7 @@ extern bool iflag;
extern bool count_wallclock;
extern unsigned int qflag;
extern bool not_failing_only;
-extern bool show_fd_path;
+extern unsigned int show_fd_path;
extern bool hide_log_until_execve;
/* are we filtering traces based on paths? */
extern const char **paths_selected;
@@ -580,6 +585,23 @@ extern unsigned os_release;
#undef KERNEL_VERSION
#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))
+#define SOCK_DIAG_BY_FAMILY 20
+#define SOCKET_BUFFER_SIZE (getpagesize() < 8192L ? getpagesize() : 8192L)
+
+struct sock_diag_req {
+ __u8 sdiag_family;
+ __u8 sdiag_protocol;
+};
+
+struct inet_diag_req_v2 {
+ __u8 sdiag_family;
+ __u8 sdiag_protocol;
+ __u8 idiag_ext;
+ __u8 pad;
+ __u32 idiag_states;
+ struct inet_diag_sockid id;
+};
+
enum bitness_t { BITNESS_CURRENT = 0, BITNESS_32 };
void error_msg(const char *fmt, ...) __attribute__ ((format(printf, 1, 2)));
diff --git a/strace.c b/strace.c
index 4154cde..2bc5c67 100644
--- a/strace.c
+++ b/strace.c
@@ -129,7 +129,7 @@ static int post_attach_sigstop = TCB_IGNORE_ONE_SIGSTOP;
bool not_failing_only = 0;
/* Show path associated with fd arguments */
-bool show_fd_path = 0;
+unsigned int show_fd_path = 0;
static bool detach_on_execve = 0;
/* Are we "strace PROG" and need to skip detach on first execve? */
@@ -1734,7 +1734,7 @@ init(int argc, char *argv[])
xflag++;
break;
case 'y':
- show_fd_path = 1;
+ show_fd_path++;
break;
case 'v':
qualify("abbrev=none");
diff --git a/util.c b/util.c
index 33482d5..0065eb9 100644
--- a/util.c
+++ b/util.c
@@ -404,13 +404,151 @@ printnum_int(struct tcb *tcp, long addr, const char *fmt)
tprints("]");
}
+int
+parse_response(struct inet_diag_msg *diag_msg, int inodenr) {
+ char remote_addr_buf[INET6_ADDRSTRLEN];
+ int rport;
+
+ if (diag_msg->idiag_inode != inodenr)
+ return -1;
+
+ memset(remote_addr_buf, 0, sizeof(remote_addr_buf));
+
+ if (diag_msg->idiag_family == AF_INET)
+ inet_ntop(AF_INET, (struct in_addr*) &(diag_msg->id.idiag_dst),
+ remote_addr_buf, INET_ADDRSTRLEN);
+ else if (diag_msg->idiag_family == AF_INET6)
+ inet_ntop(AF_INET6, (struct in_addr6*) &(diag_msg->id.idiag_dst),
+ remote_addr_buf, INET6_ADDRSTRLEN);
+ else
+ return -1;
+
+ if (remote_addr_buf[0] == 0)
+ return -1;
+ rport = ntohs(diag_msg->id.idiag_dport);
+ tprintf("%s:%d", remote_addr_buf, rport);
+ return 0;
+}
+
+int
+send_query(int sockfd, int proto, int family) {
+ struct msghdr msg;
+ struct nlmsghdr nlh;
+ struct inet_diag_req_v2 conn_req;
+ struct sockaddr_nl sa;
+ struct iovec iov[4];
+
+ memset(&msg, 0, sizeof(msg));
+ memset(&sa, 0, sizeof(sa));
+ memset(&nlh, 0, sizeof(nlh));
+ memset(&conn_req, 0, sizeof(conn_req));
+
+ sa.nl_family = AF_NETLINK;
+ conn_req.sdiag_family = family;
+ conn_req.sdiag_protocol = proto;
+ conn_req.idiag_states = -1;
+
+ nlh.nlmsg_len = NLMSG_LENGTH(sizeof(conn_req));
+ nlh.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST;
+
+ nlh.nlmsg_type = SOCK_DIAG_BY_FAMILY;
+ iov[0].iov_base = (void*) &nlh;
+ iov[0].iov_len = sizeof(nlh);
+ iov[1].iov_base = (void*) &conn_req;
+ iov[1].iov_len = sizeof(conn_req);
+
+ msg.msg_name = (void*) &sa;
+ msg.msg_namelen = sizeof(sa);
+ msg.msg_iov = iov;
+ msg.msg_iovlen = 2;
+
+ return sendmsg(sockfd, &msg, 0);
+}
+
+int
+parse_responses(int sockfd, int inodenr) {
+ char recv_buf[SOCKET_BUFFER_SIZE];
+ struct nlmsghdr *nlh;
+ struct inet_diag_msg *diag_msg;
+ int numbytes = 0;
+ while (1) {
+ numbytes = recv(sockfd, recv_buf, sizeof(recv_buf), 0);
+ nlh = (struct nlmsghdr*) recv_buf;
+
+ while (NLMSG_OK(nlh, numbytes)) {
+ if (nlh->nlmsg_type == NLMSG_DONE)
+ return -1;
+
+ else if (nlh->nlmsg_type == NLMSG_ERROR)
+ return -1;
+
+ diag_msg = (struct inet_diag_msg*) NLMSG_DATA(nlh);
+ if (parse_response(diag_msg, inodenr) == 0)
+ return 0;
+
+ nlh = NLMSG_NEXT(nlh, numbytes);
+ }
+ }
+ return -1;
+}
+
+
+
+/* Given an inode number of a socket, print out the details
+ * of the remote ip address and remote port */
+int
+printsockdetails(int inodenr)
+{
+ int sockfd;
+ int i, j;
+ int protocols[] = {IPPROTO_TCP, IPPROTO_UDP};
+ int families[] = {AF_INET, AF_INET6};
+
+ //Create the monitoring socket
+ if((sockfd = socket(AF_NETLINK, SOCK_DGRAM, NETLINK_INET_DIAG)) == -1)
+ return -1;
+
+ for (i = 0; i < 2; i++) {
+ for (j = 0; j < 2; j++) {
+ if (send_query(sockfd, protocols[i], families[j]) < 0) {
+ close(sockfd);
+ return -1;
+ }
+ if (parse_responses(sockfd, inodenr) == 0) {
+ close(sockfd);
+ return 0;
+ }
+ }
+ }
+ close(sockfd);
+ return -1;
+}
+
void
printfd(struct tcb *tcp, int fd)
{
char path[PATH_MAX + 1];
- if (show_fd_path && getfdpath(tcp, fd, path, sizeof(path)) >= 0)
+ if (show_fd_path == 1 && getfdpath(tcp, fd, path, sizeof(path)) >= 0)
tprintf("%d<%s>", fd, path);
+ else if (show_fd_path > 1 && getfdpath(tcp, fd, path, sizeof(path)) >= 0) {
+ char *ptr = NULL;
+ int inodenr;
+ ptr = strstr(path, "socket:[");
+ if (ptr != path) {
+ tprintf("%d<%s>", fd, path);
+ }
+ else {
+ int retval;
+ ptr = path + 8;
+ path[strlen(path)-1] = '\0';
+ inodenr = strtol(ptr, NULL, 10);
+ tprintf("%d<", fd);
+ retval = printsockdetails(inodenr);
+ if (retval == -1) tprintf("socket:[%d]",inodenr);
+ tprints(">");
+ }
+ }
else
tprintf("%d", fd);
}
--
1.8.4
More information about the Strace-devel
mailing list