This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: udp.sendmsg

From: fche at redhat dot com (Frank Ch. Eigler)
To: <webman at manfbraun dot de>
Cc: <systemtap at sourceware dot org>
Date: Tue, 19 Jul 2016 10:41:39 -0400
Subject: Re: udp.sendmsg
Authentication-results: sourceware.org; auth=none
References: <!&!AAAAAAAAAAAYAAAAAAAAAOosgHnoPqdNlUO2DUrQ/DfCgAAAEAAAALIQ9N06hUJCikHNx7UT8tIBAAAAAA==@manfbraun.de>

<webman@manfbraun.de> writes:

> [...]
> probe udp.sendmsg {
>   if ( dport == 53 ) {
> [...]
> This should provide me with all processes which make DNS calls (per UDP).

Yeah.  This should be more reliable.  Sometimes, the port number data
is not available to systemtap due to debuginfo quality or related
problems.  Once we solve https://sourceware.org/bugzilla/show_bug.cgi?id=19753
(redirect udp.* probes to netfilter.* probes), it should become reliable.

> # stap -e 'probe netfilter.ip.local_out {
>   if (dport == 53) # or parametrize
> [...]
> Same problem.

That part should be working.  Are you getting probe hits (e.g.,
counted via stap -t ...), just wrong dport values, for the dns
traffic?

- FChE

Follow-Ups:
- RE: udp.sendmsg
  - From: webman

References:
- udp.sendmsg
  - From: webman

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]