Re: debug network packets

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

apalaios@xxxxxxxxxxxx wrote: 
Thx but this means that i must recompile the kernel...right?
I ll check it thx again
Quoting Neil Horman <nhorman@xxxxxxxxxx>:

Thats right. The only other thing I could think of (that doesn't require kernel recompiles) would be to use iptables and the ip_queue or ip_log targets. By adding rules to the all the tables chains (INPUT, PREROUTING, POSTROUTING, OUTPUT, etc.), you could track all packets that matched certain criteria through various points in the kernel. And based on what you logged, or sent to the userspace queue (via netlink), you could probably track an individual packet.

Neil 

apalaios@xxxxxxxxxxxx wrote:

Hi... do u know how i can "watch" the path that a packet follows after it 

have

been received from the kernel?
I need a low level packet debuger or something else that shows what a


packet do

inside the kernel..

Any suggestion?
Thx


there is a debug variable in the sock structure that you can enable at various points, and use in instrumentation to conditionally print out data at various points. I usually turn in on in sys_socket, or sys_connect, etc, based on information I have on hand at the time (process name, dest ip, etc). That allows me to print out data for a particular socket as its datagrams traverse the IP stack.

HTH
Neil

----------------------------------------------------------------
This message was sent through the TEI of ATHENS by means of NOC. -
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html 


--
/***************************************************
 *Neil Horman
 *Software Engineer
 *Red Hat, Inc.
 *nhorman@xxxxxxxxxx
 *gpg keyid: 1024D / 0x92A74FA1
 *http://pgp.mit.edu
 ***************************************************/






----------------------------------------------------------------
This message was sent through the TEI of ATHENS by means of NOC. 


--
/***************************************************
 *Neil Horman
 *Software Engineer
 *Red Hat, Inc.
 *nhorman@xxxxxxxxxx
 *gpg keyid: 1024D / 0x92A74FA1
 *http://pgp.mit.edu
 ***************************************************/
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux 802.1Q VLAN]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Git]     [Bugtraq]     [Yosemite News and Information]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux PCI]     [Linux Admin]     [Samba]

  Powered by Linux