Yandex has published skbtrace, a tool for tracing network operations on Linux

Yandex has published the source code of the skbtrace utility, which provides tools for monitoring the network stack and tracing the execution of network operations on Linux. The utility is implemented as an add-on to the BPFtrace dynamic debugging system. The code is written in Go and distributed under the MIT license. It supports Linux kernels 4.14+ and the BPFTrace 0.9.2+ toolkit.

While running, the skbtrace utility generates scripts in the high-level BPFtrace language that trace and analyse the execution time of operations related to the Linux network stack and network sockets. The scripts are translated into eBPF programs and executed at kernel level.

Among the specific capabilities of skbtrace are measuring the time it takes to forward packets between incoming and outgoing network interfaces, the lifetime of a TCP connection from receipt of the SYN to the FIN/RST, the delays between different packet-processing events, and the time taken to negotiate a TCP connection. Skbtrace can also be used to detect TCP packet retransmissions, even when the packets are encapsulated inside other packets, and it works as a simple analogue of the tcpdump utility that can analyse the execution of certain kernel functions, such as calls to kfree_skb to free memory when packets are dropped.
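The script-generation approach described above, as an added example that is not skbtrace's own code or output: a small Go generator that emits a BPFtrace script measuring the delay between two packet-processing events, keyed by the skb pointer. The function name `DelayScript` is hypothetical, `netif_receive_skb` is an assumed entry probe (only `kfree_skb` is named on the page), and both probes are assumed to receive the `struct sk_buff *` as their first argument.

```go
package main

import (
	"fmt"
	"os"
	"regexp"
	"strings"
)

// probeRe accepts only "kprobe:<kernel symbol>". The generated text is run
// as root by bpftrace, so a probe name must never be able to carry extra
// statements into the script.
var probeRe = regexp.MustCompile(`^kprobe:[A-Za-z_][A-Za-z0-9_]*$`)

// DelayScript (hypothetical helper) returns a BPFtrace program that builds a
// histogram, in microseconds, of the time an skb takes to travel from probe
// `from` to probe `to`. Assumption: both probes get the skb pointer as arg0.
func DelayScript(from, to string) (string, error) {
	for _, p := range []string{from, to} {
		if !probeRe.MatchString(p) {
			return "", fmt.Errorf("rejected probe name %q", p)
		}
	}
	if from == to {
		return "", fmt.Errorf("from and to probes must differ")
	}
	var b strings.Builder
	fmt.Fprintf(&b, "%s {\n  @start[arg0] = nsecs;\n}\n\n", from)
	fmt.Fprintf(&b, "%s /@start[arg0]/ {\n", to)
	b.WriteString("  @delay_us = hist((nsecs - @start[arg0]) / 1000);\n")
	b.WriteString("  delete(@start[arg0]);\n}\n\n")
	// skbs that never reach `to` stay in @start; drop them before exit output.
	b.WriteString("END {\n  clear(@start);\n}\n")
	return b.String(), nil
}

func main() {
	// Constructed sample: time from packet receipt to the packet being dropped.
	script, err := DelayScript("kprobe:netif_receive_skb", "kprobe:kfree_skb")
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Print(script)
}
```

The printed script can be saved to a file and passed to `bpftrace` as root; whether each probe point exists depends on the running kernel.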

Source: opennet.ru
