Home > Developer > Linux

How to get the current flow of a process in GNU Linux

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more > 

/********************************************************************* * Author:samson * date:11/19/2014 * Test PL Atform: * 3.13.0-24-generic * GNU bash, 4.3.11 (1)-release * *********************************** ********************************/

The following steps are mainly divided into:

(1), by using the capture Packet Libpcap library technology, to obtain the network traffic packets, so that each network communication packet Five (source address, destination address, source port, destination port, protocol number) information and the current packet traffic size, to obtain this information to establish a table, The packet size information for the same session in this table accumulates the size of the packet as the session continues to interact.

(2), through all the links under the fd/directory of all processes under/proc/to see the value of link, will traverse to all the connections that contain the socket: start, the process number and the corresponding process number traversed, the process corresponding to all socket FD corresponding inode number to be built. At the command line, you can enter the following command to view the current network connection status of a process, as in Firefox (for example):

#get PID of Firefox
[email protected]:~$ ps aux | grep Firefox
V0id 2143 7.8 21.0 1138824 433960? Sl 11:19 44:36/usr/lib/firefox/firefox
Get Firefox process number 2143, then view the file descriptor under FD of this process, use the following command to see the file descriptor information about the socket under this process, After the result of the Readlink, there is the FD (file descriptor) that is used for the network connection, immediately after the socket: the inode number of the FD, the execution command is as follows:
[Email protected]:~$ ll/proc/2143/fd/| grep socket
LRWX------1 v0id v0id 64 November 11:19 socket:[27273]
LRWX------1 v0id v0id 64 November 20:48 101-socket:[3726782]
LRWX------1 v0id v0id 64 November 11:19 socket:[27336]
LRWX------1 v0id v0id 64 November 11:19 socket:[27337]
LRWX------1 v0id v0id 64 November 11:19 socket:[28264]
LRWX------1 v0id v0id 64 November 20:48 socket:[29375]
LRWX------1 v0id v0id 64 November 20:48 socket:[29692]
LRWX------1 v0id v0id 64 November 20:48 socket:[30810]
LRWX------1 v0id v0id 64 November 20:48 socket:[30812]
LRWX------1 v0id v0id 64 November 20:48 socket:[31803]
LRWX------1 v0id v0id 64 November 11:19 4 socket:[26607]
LRWX------1 v0id v0id 64 November 20:48, socket:[31071]
LRWX------1 v0id v0id 64 November 20:48 socket:[31073]
LRWX------1 v0id v0id 64 November 20:52 socket:[5245647]
LRWX------1 v0id v0id 64 November 20:52 socket:[5244897]
LRWX------1 v0id v0id 64 November 20:52 socket:[5248187]
LRWX------1 v0id v0id 64 November 20:52 socket:[5246226]
LRWX------1 v0id v0id 64 November 20:52 socket:[5246227]
LRWX------1 v0id v0id 64 November 20:52 socket:[5246228]
LRWX------1 v0id v0id 64 November 20:52 socket:[5248188]
LRWX------1 v0id v0id 64 November 20:52 socket:[5248189]
LRWX------1 v0id v0id 64 November 20:52, socket:[5246239]
LRWX------1 v0id v0id 64 November 20:48 socket:[3726781]
LRWX------1 v0id v0id 64 November 20:52 Bayi--socket:[5248214]
LRWX------1 v0id v0id 64 November 20:52-socket:[5248217]
LRWX------1 v0id v0id 64 November 20:52, socket:[5246330]
LRWX------1 v0id v0id 64 November 20:52 socket:[5248215]
LRWX------1 v0id v0id 64 November 20:52, socket:[5246331]
LRWX------1 v0id v0id 64 November 20:52 socket:[5248216]
LRWX------1 v0id v0id 64 November 20:52 socket:[5248218]
LRWX------1 v0id v0id 64 November 20:52 socket:[5249212]
LRWX------1 v0id v0id 64 November 20:48 socket:[37239]
LRWX------1 v0id v0id 64 November 11:19 9 socket:[27820]
LRWX------1 v0id v0id 64 November 20:52 socket:[5248222]
LRWX------1 v0id v0id 64 November 20:52, socket:[5248223]
LRWX------1 v0id v0id 64 November 20:52 socket:[5249279]
LRWX------1 v0id v0id 64 November 20:48 94-socket:[37240]
LRWX------1 v0id v0id 64 November 20:48, socket:[38308]
LRWX------1 v0id v0id 64 November 20:48 socket:[37345]
LRWX------1 v0id v0id 64 November 20:52 98-socket:[5249281]
LRWX------1 v0id v0id 64 November 20:52, socket:[5249282]

(3), through the network connection status file/proc/net/tcp Current communication connection in real-time reading, by getting the source address of the connection, destination address, source goods, the target port can be found in the Packet capture table corresponding to each process connected to the network channel to see the information, By comparing with the five-tuple information obtained by the packet, we can find out the corresponding network traffic of each program in the table established in step (1), then compare the inode of each connection with the table obtained by the traversal process in step (2) to find out the corresponding process of the connection. Here, you can count the traffic for each process, and you can get total network traffic by accumulating the network traffic for each process.
[Email protected]:~$ ll/proc/2143/fd/| grep socket; Cat/proc/net/tcp
SL local_address rem_address St Tx_queue rx_queue tr tm->when retrnsmt uid Timeout inode
0:0101007f:0035 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 12396 1 00000000 100 0 0 10 0
1:0100007f:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 11404 1 00000000 100 0 0 10 0
2:9707A8C0:8BB9 0c7cb5dc:0050 02 00000001:00000000 01:00000166 00000002 1000 0 5243074 2 00000000 400 0 0 2 5
3:9707a8c0:86f7 df08a8c0:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5245647 1 00000000 21 4 8 10-1
4:9707A8C0:BFC9 e99d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5248217 1 00000000 20 4 24 10-1
5:9707A8C0:85FC ae2ed0cb:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5248218 2 00000000 20 4 24 10-1
6:9707a8c0:9052 c99d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5246239 2 00000000 20 4 20 10-1
7:9707a8c0:9281 925c4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5246331 1 00000000 20 4 8 10-1
8:9707A8C0:DFB3 dd5d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5249212 2 00000000 21 4 24 10-1
9:9707A8C0:DFB5 dd5d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5248223 2 00000000 20 4 24 10-1
10:9707a8c0:a614 e19d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5246330 1 00000000 20 4 24 10-1
11:9707a8c0:9051 c99d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5248189 2 00000000 20 4 1 6-1
12:9707a8c0:904b c99d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5244897 1 00000000 20 4 8 10-1
13:9707a8c0:dfa5 dd5d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5248187 2 00000000 20 4 8 10-1
14:9707a8c0:a613 e19d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5248214 1 00000000 20 4 24 10-1
15:9707a8c0:905e c99d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5249281 3 00000000 20 5 3 10-1
16:9707a8c0:eafe df08a8c0:0050 08 00000000:00000001 00:00000000 00000000 1000 0 2102209 1 00000000 20 4 6 50 16
17:9707a8c0:dfb0 dd5d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5248216 2 00000000 20 4 24 10-1
18:9707a8c0:904e c99d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5246227 2 00000000 20 4 20 10-1
19:9707a8c0:dfb6 dd5d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5249279 2 00000000 21 0 0 10-1
20:9707a8c0:905f c99d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5249282 2 00000000 20 4 9 10-1
21:9707A8C0:C8CF 8805e29f:0050 08 00000000:00000001 00:00000000 00000000 1000 0 273820 1 00000000 20 4 6 43 16
22:9707a8c0:975d 525d58de:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5246226 1 00000000 21 4 24 10-1
23:9707a8c0:9055 c99d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5248215 1 00000000 20 4 20 10-1
24:9707A8C0:DFB4 dd5d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5248222 2 00000000 20 4 24 10-1
25:9707A8C0:DFA9 dd5d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5248188 2 00000000 21 4 8 10-1
26:9707a8c0:904f c99d4f75:0050 01 00000000:00000000 00:00000000 00000000 1000 0 5246228 2 00000000 20 4 11 10-1

You can find the same values as the inode numbers listed in (2) in the contents of the Socket:[inode, such as the inode as5248222Connection, the same is said that this connection is a part of Firefox.

How to get the current flow of a process in GNU Linux

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
linux how to get process id how to get process id in unix how to get current date in php how to get current year in php how to get current date in c how to get current date and time in javascript how to get current date in angular 2
Related Article
Linux under the PS command Usage summary
Analysis of UDP packet loss problem in Linux system
VI is failed with error "E382:cannot write, ' buftype ' optio...
Linux error--->export ' = ' not a valid identifier for gen...

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More