Irfan Habib wrote:
Hi,
Is there any method either kernel or user level which tells me which
process is generating how much traffic from a machine. For example if
some process is flooding the network, then I would like to know which
process (PID ideally), is generating the most traffic.
A while ago I did a SystemTap script to solve a problem similar to
this. It's been siting in my system for a while collecting dust and you
currently don't need the embedded C code since the networking.stp tapset
has all this script needs(and more), but I should point you in the right
direction.
This worked a couple of months ago but it is currently untested. Hope
it helps.
-JRS
global ifstats, ifdevs, execname
%{
#include<linux/skbuff.h>
#include<linux/netdevice.h>
%}
probe kernel.function("dev_queue_xmit")
{
execname[pid()] = execname()
name=skb_to_name($skb)
ifdevs[name] = name
ifstats[pid(),name] <<< 1
}
function skb_to_name:string (skbuff:long)
%{
struct sk_buff *skbuff = (struct sk_buff *)((long)THIS->skbuff);
struct net_device *netdev = skbuff->dev;
sprintf (THIS->__retvalue, "%s" , netdev->name);
%}
probe timer.ms(5000)
{
exit()
}
probe end {
foreach( pid in execname) {
if (pid == 0) continue
printf("%15s[%5d] ->\t", execname[pid],pid)
foreach( ifname in ifdevs) {
printf("[%s:%7d] \t", ifname,
@count(ifstats[pid, ifname]))
}
print("\n")
}
print("\n")
}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
