Hi. A couple of questions on exported symbols, I guess. I'm trying to monitor syscalls, using the usual technique of substituting to the original syscall a function of my choice, collecting the info I need and finally calling the original syscall. One of the syscall I want to monitor is sys_socketcall, especially when the program is doing a accept() or a connect(). In particular I want to get source and destination IP address/port involved in the communication (assuming AF_INET socket family). This info about the remote host can be obtained from the arguments the program passes to the syscall. As regard local host I'm using sockfd_lookup to get a struct sock and extract from there all the necessary info. Questions: sockfd_lookup() seems to be exported only in certain versions of the kernel. Is there a better way to retrieve the info I'm looking for? If I use sockfd_lookup(), I need to call fput(sock->file) and, guess what, fput() is exported only in certain versions of the kernel. Are there alternatives? Thanks, Marco -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
