<html><body><div style="color:#000; background-color:#fff; font-family:verdana, helvetica, sans-serif;font-size:10pt"><div style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_4"><span style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_11">Hi Anil,</span></div><div class="" id="yiv1363691574yui_3_16_0_8_1406042316102_17" style="color:rgb(0, 0, 0);font-size:13.3333px;font-family:verdana, helvetica, sans-serif;background-color:transparent;font-style:normal;"><br style="" clear="none"><span style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_11"></span><span style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_11">I had written TCP client (tcpc.c) and TCP server (tcps.c) programs for demo and testing purpose.<br style="" class=""></span></div><span style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_11">Note : "./tcpc" is the application running under trace-cmd record command.<br style="" class=""
id="yiv1363691574yui_3_16_0_1_1406042316102_33172" clear="none"></span><div class="" id="yiv1363691574yui_3_16_0_8_1406042316102_46" style="color:rgb(0, 0, 0);font-size:13.3333px;font-family:verdana, helvetica, sans-serif;background-color:transparent;font-style:normal;"><span style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_11"><br style="" class="">If you want to record the kernel flow for application you can use<br style="" class=""><br style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_64" clear="none"></span></div><div class="" id="yiv1363691574yui_3_16_0_8_1406042316102_65" style="color:rgb(0, 0, 0);font-size:13.3333px;font-family:verdana, helvetica, sans-serif;background-color:transparent;font-style:normal;"><span style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_11"># trace-cmd record -e all command.<br style="" class=""><br style="" class=""># trace-cmd
report /* to see the output. */<br style="" class=""></span></div><div class="" id="yiv1363691574yui_3_16_0_8_1406042316102_115" style="color:rgb(0, 0, 0);font-size:13.3333px;font-family:verdana, helvetica, sans-serif;background-color:transparent;font-style:normal;"><span style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_11"> <br style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_104" clear="none"></span></div><div class="" id="yiv1363691574yui_3_16_0_8_1406042316102_100" style="color:rgb(0, 0, 0);font-size:13.3333px;font-family:verdana, helvetica, sans-serif;background-color:transparent;font-style:normal;"><span style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_11">See the man page of trace-cmd record for example for more details.</span></div><div class="" id="yiv1363691574yui_3_16_0_8_1406042316102_95" style="color:rgb(0, 0,
0);font-size:13.3333px;font-family:verdana, helvetica, sans-serif;background-color:transparent;font-style:normal;"><br style="" class="">Please find below link for more details how to filter the output.<br style="" class=""><br style="" class="">http://elinux.org/images/3/35/Kernelshark-tut-elc-2011.pdf<br style="" class=""><br style="" class="" id="yiv1363691574yui_3_16_0_1_1406042316102_36991" clear="none"><span style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_11"></span></div><div class="" id="yiv1363691574yui_3_16_0_8_1406042316102_69" style="color:rgb(0, 0, 0);font-size:13.3333px;font-family:verdana, helvetica, sans-serif;background-color:transparent;font-style:normal;"><span style="" class="" id="yiv1363691574yui_3_16_0_8_1406042316102_11">-Anand Moon</span></div> <div class="qtdSeparateBR"><br><br></div><div style="display: block;" class="yahoo_quoted"> <div class="" style="font-family: verdana, helvetica, sans-serif; font-size:
10pt;"> <div class="" style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 12pt;"> <div style="" class="" dir="ltr"> <font style="" class="" face="Arial" size="2"> On Tuesday, July 22, 2014 4:51 PM, Anil Joshi <aj27744@gmail.com> wrote:<br style="" class=""> </font> </div> <br style="" class=""><br style="" class=""> <div style="" class=""><div style="" class="" id="yiv0882399364"><div style="" class=""><div style="" class="" dir="ltr"><div style="" class=""><div style="" class=""><div style="" class=""><div style="" class="">Hi Anand,<br style="" class="" clear="none"><br style="" class="" clear="none"></div>I did what you said but i am getting a strange output<br style="" class="" clear="none"> [root@machine0 Desktop]#ls<br style="" class="" clear="none">cli trace.dat.cpu11 trace.dat.cpu2
trace.dat.cpu7<br style="" class="" clear="none">client.c trace.dat.cpu12 trace.dat.cpu3 trace.dat.cpu8<br style="" class="" clear="none">
trace.dat.cpu0 trace.dat.cpu13 trace.dat.cpu4 trace.dat.cpu9<br style="" class="" clear="none">trace.dat.cpu1 trace.dat.cpu14 trace.dat.cpu5<br style="" class="" clear="none">trace.dat.cpu10 trace.dat.cpu15 trace.dat.cpu6<br style="" class="" clear="none">[root@hwcentos10 Desktop]# cat trace.dat.cpu<br style="" class="" clear="none">cat: trace.dat.cpu: No such file or directory<br style="" class="" clear="none">
[root@machine0 Desktop]# cat trace.dat.cpu0<br style="" class="" clear="none">[root@machine0 Desktop]# tcpc client.c trace.dat.cpu1<br style="" class="" clear="none">-bash: tcpc: command not found<br style="" class="" clear="none"><br style="" class="" clear="none"></div>why am i getting so much trace.dat.cpu files and tcpc command not found can you please help me out....<br style="" class="" clear="none">
<br style="" class="" clear="none"></div>cli is the executable file for client<br style="" class="" clear="none"><br style="" class="" clear="none"></div>---Anil<br style="" class="" clear="none"><div style="" class=""><div style="" class=""><div style="" class=""><div style="" class=""><br style="" class="" clear="none"></div></div></div></div></div><div style="" class="" id="yiv0882399364yqt06024"><div style="" class=""><br style="" class="" clear="none"><br style="" class="" clear="none"><div style="" class="">On Wed, Jul 16, 2014 at 12:27 AM, Anand Moon <span style="" class="" dir="ltr"><<a style="" class="" rel="nofollow" shape="rect" ymailto="mailto:moon.linux@yahoo.com" target="_blank" href="mailto:moon.linux@yahoo.com">moon.linux@yahoo.com</a>></span> wrote:<br style="" class="" clear="none">
<blockquote class="" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">Hi Anil,<br style="" class="" clear="none">
<br style="" class="" clear="none">
You need to use "trace-cmd record" command and run you client. For example.<br style="" class="" clear="none">
<br style="" class="" clear="none">
I chose to write a tcp simple client server application.<br style="" class="" clear="none">
Server running on remote machine listening on some port<br style="" class="" clear="none">
I executed below command to connect to the server using trace-cmd record<br style="" class="" clear="none">
Below command records all the event and function trace in the kernel,<br style="" class="" clear="none">
<br style="" class="" clear="none">
You can filter these function by passing "-e net:*"<br style="" class="" clear="none">
this command will generate a report of all the function that kernel executed.<br style="" class="" clear="none">
You can read the report afterwords. using trace-cmd report.<br style="" class="" clear="none">
<br style="" class="" clear="none">
#sudo trace-cmd record -e all ./tcpc 10.0.0.28<br style="" class="" clear="none">
#ls<br style="" class="" clear="none">
#tcpc tcpc.c trace.dat<br style="" class="" clear="none">
#trace-cmd report<br style="" class="" clear="none">
<br style="" class="" clear="none">
You can also user perf command to trace the kernel functions.<br style="" class="" clear="none">
<br style="" class="" clear="none">
#sudo perf record -e probe:tcp_sendmsg<br style="" class="" clear="none">
<br style="" class="" clear="none">
#perf report<br style="" class="" clear="none">
<br style="" class="" clear="none">
perf examples can be found below.<br style="" class="" clear="none">
<br style="" class="" clear="none">
<a style="" class="" rel="nofollow" shape="rect" target="_blank" href="http://www.brendangregg.com/perf.html">http://www.brendangregg.com/perf.html</a><br style="" class="" clear="none">
<span style="" class=""><font style="" class="" color="#888888"><br style="" class="" clear="none">
-Anand Moon<br style="" class="" clear="none">
</font></span><div style="" class=""><div style="" class=""><br style="" class="" clear="none">
<br style="" class="" clear="none">
<br style="" class="" clear="none">
<br style="" class="" clear="none">
<br style="" class="" clear="none">
On Tuesday, July 15, 2014 10:34 PM, Jeff Haran <<a style="" class="" rel="nofollow" shape="rect" ymailto="mailto:Jeff.Haran@citrix.com" target="_blank" href="mailto:Jeff.Haran@citrix.com">Jeff.Haran@citrix.com</a>> wrote:<br style="" class="" clear="none">
<br style="" class="" clear="none">
<br style="" class="" clear="none">
<br style="" class="" clear="none">
This helps me to see the forest for the trees. And it’s pretty current:<br style="" class="" clear="none">
<br style="" class="" clear="none">
<a style="" class="" rel="nofollow" shape="rect" target="_blank" href="http://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg">http://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg</a><br style="" class="" clear="none">
<br style="" class="" clear="none">
Jeff Haran<br style="" class="" clear="none">
<br style="" class="" clear="none">
<br style="" class="" clear="none">
<a style="" class="" rel="nofollow" shape="rect" ymailto="mailto:From%3Akernelnewbies-bounces@kernelnewbies.org" target="_blank" href="mailto:From%3Akernelnewbies-bounces@kernelnewbies.org">From:kernelnewbies-bounces@kernelnewbies.org</a> [mailto:<a style="" class="" rel="nofollow" shape="rect" ymailto="mailto:kernelnewbies-bounces@kernelnewbies.org" target="_blank" href="mailto:kernelnewbies-bounces@kernelnewbies.org">kernelnewbies-bounces@kernelnewbies.org</a>] On Behalf Of Anil Joshi<br style="" class="" clear="none">
Sent: Tuesday, July 15, 2014 7:38 AM<br style="" class="" clear="none">
To: kernelnewbies<br style="" class="" clear="none">
Subject: Path of network packet in kernel<br style="" class="" clear="none">
<br style="" class="" clear="none">
Hi All,<br style="" class="" clear="none">
<br style="" class="" clear="none">
I am just new to all this,just wanted to trace the path of the packet since it enter the system(inside the kernel (functions and system calls)) and reaches the destination application.<br style="" class="" clear="none">
<br style="" class="" clear="none">
How to do that.<br style="" class="" clear="none">
<br style="" class="" clear="none">
<br style="" class="" clear="none">
Regards<br style="" class="" clear="none">
<br style="" class="" clear="none">
<br style="" class="" clear="none">
</div></div><div style="" class=""><div style="" class="">_______________________________________________<br style="" class="" clear="none">
Kernelnewbies mailing list<br style="" class="" clear="none">
<a style="" class="" rel="nofollow" shape="rect" ymailto="mailto:Kernelnewbies@kernelnewbies.org" target="_blank" href="mailto:Kernelnewbies@kernelnewbies.org">Kernelnewbies@kernelnewbies.org</a><br style="" class="" clear="none">
<a style="" class="" rel="nofollow" shape="rect" target="_blank" href="http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies">http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies</a><br style="" class="" clear="none">
</div></div></blockquote></div><br style="" class="" clear="none"></div></div></div></div><br style="" class=""><div style="" class="" id="yqt23386">_______________________________________________<br style="" class="" clear="none">Kernelnewbies mailing list<br style="" class="" clear="none"><a style="" class="" shape="rect" ymailto="mailto:Kernelnewbies@kernelnewbies.org" href="mailto:Kernelnewbies@kernelnewbies.org">Kernelnewbies@kernelnewbies.org</a><br style="" class="" clear="none"><a style="" class="" shape="rect" href="http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies" target="_blank">http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies</a><br style="" class="" clear="none"></div><br style="" class=""><br style="" class=""></div> </div> </div> </div> </div></body></html>