This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
Re: udp.sendmsg
- From: fche at redhat dot com (Frank Ch. Eigler)
- To: <webman at manfbraun dot de>
- Cc: <systemtap at sourceware dot org>
- Date: Tue, 19 Jul 2016 10:41:39 -0400
- Subject: Re: udp.sendmsg
- Authentication-results: sourceware.org; auth=none
- References: <!&!AAAAAAAAAAAYAAAAAAAAAOosgHnoPqdNlUO2DUrQ/DfCgAAAEAAAALIQ9N06hUJCikHNx7UT8tIBAAAAAA==@manfbraun.de>
<webman@manfbraun.de> writes:
> [...]
> probe udp.sendmsg {
> if ( dport == 53 ) {
> [...]
> This should provide me with all processes which make DNS calls (per UDP).
Yeah. This should be more reliable. Sometimes, the port number data
is not available to systemtap due to debuginfo quality or related
problems. Once we solve https://sourceware.org/bugzilla/show_bug.cgi?id=19753
(redirect udp.* probes to netfilter.* probes), it should become reliable.
> # stap -e 'probe netfilter.ip.local_out {
> if (dport == 53) # or parametrize
> [...]
> Same problem.
That part should be working. Are you getting probe hits (e.g.,
counted via stap -t ...), just wrong dport values, for the dns
traffic?
- FChE