Chapter 11. Networking Tapset
This family of probe points is used to probe the activities of the network device and protocol layers.
Name
probe::netdev.receive — Data received from network device.
Values
protocol
-
Protocol of received packet.
dev_name
-
The name of the device. e.g: eth0, ath1.
length
-
The length of the receiving buffer.
Name
probe::netdev.transmit — Network device transmitting buffer
Values
protocol
-
The protocol of this packet(defined in include/linux/if_ether.h).
dev_name
-
The name of the device. e.g: eth0, ath1.
length
-
The length of the transmit buffer.
truesize
-
The size of the data to be transmitted.
Name
probe::netdev.change_mtu — Called when the netdev MTU is changed
Synopsis
netdev.change_mtu
Values
dev_name
-
The device that will have the MTU changed
new_mtu
-
The new MTU
old_mtu
-
The current MTU
Name
probe::netdev.open — Called when the device is opened
Values
dev_name
-
The device that is going to be opened
Name
probe::netdev.close — Called when the device is closed
Values
dev_name
-
The device that is going to be closed
Name
probe::netdev.hard_transmit — Called when the devices is going to TX (hard)
Synopsis
netdev.hard_transmit
Values
protocol
-
The protocol used in the transmission
dev_name
-
The device scheduled to transmit
length
-
The length of the transmit buffer.
truesize
-
The size of the data to be transmitted.
Name
probe::netdev.rx — Called when the device is going to receive a packet
Values
protocol
-
The packet protocol
dev_name
-
The device received the packet
Name
probe::netdev.change_rx_flag — Called when the device RX flag will be changed
Synopsis
netdev.change_rx_flag
Values
dev_name
-
The device that will be changed
flags
-
The new flags
Name
probe::netdev.set_promiscuity — Called when the device enters/leaves promiscuity
Synopsis
netdev.set_promiscuity
Values
dev_name
-
The device that is entering/leaving promiscuity mode
enable
-
If the device is entering promiscuity mode
inc
-
Count the number of promiscuity openers
disable
-
If the device is leaving promiscuity mode
Name
probe::netdev.ioctl — Called when the device suffers an IOCTL
Values
cmd
-
The IOCTL request
arg
-
The IOCTL argument (usually the netdev interface)
Name
probe::netdev.register — Called when the device is registered
Values
dev_name
-
The device that is going to be registered
Name
probe::netdev.unregister — Called when the device is being unregistered
Synopsis
netdev.unregister
Values
dev_name
-
The device that is going to be unregistered
Name
probe::netdev.get_stats — Called when someone asks the device statistics
Synopsis
netdev.get_stats
Values
dev_name
-
The device that is going to provide the statistics
Name
probe::netdev.change_mac — Called when the netdev_name has the MAC changed
Synopsis
netdev.change_mac
Values
dev_name
-
The device that will have the MTU changed
new_mac
-
The new MAC address
mac_len
-
The MAC length
old_mac
-
The current MAC address
Name
probe::tcp.sendmsg — Sending a tcp message
Values
name
-
Name of this probe
size
-
Number of bytes to send
sock
-
Network socket
Context
The process which sends a tcp message
Name
probe::tcp.sendmsg.return — Sending TCP message is done
Synopsis
tcp.sendmsg.return
Values
name
-
Name of this probe
size
-
Number of bytes sent or error code if an error occurred.
Context
The process which sends a tcp message
Name
probe::tcp.recvmsg — Receiving TCP message
Values
saddr
-
A string representing the source IP address
daddr
-
A string representing the destination IP address
name
-
Name of this probe
sport
-
TCP source port
dport
-
TCP destination port
size
-
Number of bytes to be received
sock
-
Network socket
Context
The process which receives a tcp message
Name
probe::tcp.recvmsg.return — Receiving TCP message complete
Synopsis
tcp.recvmsg.return
Values
saddr
-
A string representing the source IP address
daddr
-
A string representing the destination IP address
name
-
Name of this probe
sport
-
TCP source port
dport
-
TCP destination port
size
-
Number of bytes received or error code if an error occurred.
Context
The process which receives a tcp message
Name
probe::tcp.disconnect — TCP socket disconnection
Values
saddr
-
A string representing the source IP address
daddr
-
A string representing the destination IP address
flags
-
TCP flags (e.g. FIN, etc)
name
-
Name of this probe
sport
-
TCP source port
dport
-
TCP destination port
sock
-
Network socket
Context
The process which disconnects tcp
Name
probe::tcp.disconnect.return — TCP socket disconnection complete
Synopsis
tcp.disconnect.return
Values
ret
-
Error code (0: no error)
name
-
Name of this probe
Context
The process which disconnects tcp
Name
probe::tcp.setsockopt — Call to setsockopt
Values
optstr
-
Resolves optname to a human-readable format
level
-
The level at which the socket options will be manipulated
optlen
-
Used to access values for setsockopt
name
-
Name of this probe
optname
-
TCP socket options (e.g. TCP_NODELAY, TCP_MAXSEG, etc)
sock
-
Network socket
Context
The process which calls setsockopt
Name
probe::tcp.setsockopt.return — Return from setsockopt
Synopsis
tcp.setsockopt.return
Values
ret
-
Error code (0: no error)
name
-
Name of this probe
Context
The process which calls setsockopt
Name
probe::tcp.receive — Called when a TCP packet is received
Values
urg
-
TCP URG flag
protocol
-
Packet protocol from driver
psh
-
TCP PSH flag
name
-
Name of the probe point
rst
-
TCP RST flag
dport
-
TCP destination port
saddr
-
A string representing the source IP address
daddr
-
A string representing the destination IP address
ack
-
TCP ACK flag
fin
-
TCP FIN flag
syn
-
TCP SYN flag
sport
-
TCP source port
iphdr
-
IP header address
Name
probe::udp.sendmsg — Fires whenever a process sends a UDP message
Values
name
-
The name of this probe
size
-
Number of bytes sent by the process
sock
-
Network socket used by the process
Context
The process which sent a UDP message
Name
probe::udp.sendmsg.return — Fires whenever an attempt to send a UDP message is completed
Synopsis
udp.sendmsg.return
Values
name
-
The name of this probe
size
-
Number of bytes sent by the process
Context
The process which sent a UDP message
Name
probe::udp.recvmsg — Fires whenever a UDP message is received
Values
name
-
The name of this probe
size
-
Number of bytes received by the process
sock
-
Network socket used by the process
Context
The process which received a UDP message
Name
probe::udp.recvmsg.return — Fires whenever an attempt to receive a UDP message received is completed
Synopsis
udp.recvmsg.return
Values
name
-
The name of this probe
size
-
Number of bytes received by the process
Context
The process which received a UDP message
Name
probe::udp.disconnect — Fires when a process requests for a UDP disconnection
Values
flags
-
Flags (e.g. FIN, etc)
name
-
The name of this probe
sock
-
Network socket used by the process
Context
The process which requests a UDP disconnection
Name
probe::udp.disconnect.return — UDP has been disconnected successfully
Synopsis
udp.disconnect.return
Values
ret
-
Error code (0: no error)
name
-
The name of this probe
Context
The process which requested a UDP disconnection
Name
function::ip_ntop — returns a string representation from an integer IP number
Synopsis
function ip_ntop:string(addr:long)
Arguments
addr
-
the ip represented as an integer