%PDF- %PDF-
Direktori : /usr/sbin/ |
Current File : //usr/sbin/undump.bt |
#!/usr/bin/env bpftrace /* * undump Trace unix domain socket package receive. * For Linux, uses bpftrace and eBPF. * * Also a basic example of bpftrace. * * This is a bpftrace version of the bcc examples/tracing of the same name. * * USAGE: undump.bt * * Copyright 2022 CESTC, Inc. * Licensed under the Apache License, Version 2.0 (the "License") * * 22-May-2022 Rong Tao Created this. */ #ifndef BPFTRACE_HAVE_BTF #include <linux/skbuff.h> #endif BEGIN { printf("Dump UNIX socket packages RX. Ctrl-C to end\n"); printf("%-8s %-16s %-8s %-8s %-s\n", "TIME", "COMM", "PID", "SIZE", "DATA"); } kprobe:unix_stream_read_actor { $skb = (struct sk_buff *)arg0; time("%H:%M:%S "); printf("%-16s %-8d %-8d %r\n", comm, pid, $skb->len, buf($skb->data, $skb->len)); } END { }