I-Yandex ipapashe ikhowudi yomthombo we-skbtrace utility, ebonelela ngezixhobo zokubeka iliso ekusebenzeni kwe-stack yenethiwekhi kunye nokulandelela ukuphunyezwa kwemisebenzi yenethiwekhi kwi-Linux. Usetyenziso luphunyezwa njenge-add-on kwi-BPFtrace dynamic debugging system. Ikhowudi ibhalwe kwi-Go kwaye isasazwe phantsi kwelayisenisi ye-MIT. Ixhasa umsebenzi ngeLinux kernels 4.14+ kunye ne-BPFTrace 0.9.2+ toolkit.
Ngelixa ubalekayo, into eluncedo yeskbtrace ivelisa izikripthi kulwimi olukwinqanaba eliphezulu le-BPFtrace elilandelela ngamandla kwaye lihlalutye ixesha lokwenziwa kwemisebenzi enxulumene ne-Linux isitakhi sothungelwano kunye neziseko zothungelwano. Iincwadi zeempendulo ziye ziguqulelwe kwifom yesicelo se-eBPF zize zisetyenziswe kwinqanaba le-kernel.
Phakathi kwezakhono ezithile ze-skbtrace, umlinganiselo wexesha lokuthumela iipakethi phakathi kwe-interfaces yenethiwekhi engenayo kunye nephumayo, ixesha lokuphila koxhulumaniso lwe-TCP ukusuka ekufumaneni i-SYN ukuya ekufikeni kwe-FIN / RST, ukulibaziseka phakathi kweziganeko ezahlukeneyo zokusetyenzwa kweepakethe, kunye nexesha. ngokuthethathethana uqhagamshelo TCP ziqatshelwe. I-Skbtrace ingasetyenziselwa ukubona ugqithiso lwepakethe ze-TCP, nokuba zifakwe kwezinye iipakethi, kwaye zisebenze njenge-analogue elula ye-tcpdump eluncedo, ekwaziyo ukuhlalutya ukuphunyezwa kweendlela ezithile zekernel, njengokufowunela i-kfree_skb ukukhulula inkumbulo. xa ulahla iipakethi.
umthombo: opennet.ru