| M | D | M | D | F | S | S |
|---|---|---|---|---|---|---|
| « Feb | ||||||
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | ||||
- Allgemein (14)
- BI/DWH/DB (3)
- Deutsch/German (2)
- economics (3)
- graphic (2)
- ITSM (1)
- mobile (5)
- net (13)
- performance (11)
- programming (16)
- science (7)
- security (5)
- storage (3)
- unix (11)
- web (21)
- 27.2.2011: ARM interrupt processing
- 18.2.2011: doubango
- 4.2.2011: html parser comparison
- 31.1.2011: ssh tunneling trick
- 30.1.2011: Bash scripting guide
- 30.1.2011: programmin socket and ipc
- 30.1.2011: EDM Ollydbg for Linux
- 9.10.2009: Linux kernel report
- 9.10.2009: 60 GHZ ECMA-387 demonstrated
- 30.9.2009: File system
proc/net/netstat monitor
I recently grabbed a little tcl script which you can use for process monitoring. Can’t remember the actual URL where I took it from, and it had no comments in it. Nevertheless, even it’s about a decade ago i worked with tcl, i changed it to print out which TCPext: fields of the netstat command changed. perhaps somebody can use it
#!/usr/bin/tclsh
#
# small utility to print the tcpext. flags that changed.
# Free to use, no warranty etc….
#
# ./mon_linux_netstat
# CTRL-C to stop
#
# Pit 03.07.07
cd /proc/net
set tcp_arr {
TCPEXTFAKE
SyncookiesSent
SyncookiesRecv
SyncookiesFailed
EmbryonicRsts
PruneCalled
RcvPruned
OfoPruned
OutOfWindowIcmps
LockDroppedIcmps
ArpFilter
TW
TWRecycled
TWKilled
PAWSPassive
PAWSActive
PAWSEstab
DelayedACKs
DelayedACKLocked
DelayedACKLost
ListenOverflows
ListenDrops
TCPPrequeued
TCPDirectCopyFromBacklog
TCPDirectCopyFromPrequeue
TCPPrequeueDropped
TCPHPHits
TCPHPHitsToUser
TCPPureAcks
TCPHPAcks
TCPRenoRecovery
TCPSackRecovery
TCPSACKReneging
TCPFACKReorder
TCPSACKReorder
TCPRenoReorder
TCPTSReorder
TCPFullUndo
TCPPartialUndo
TCPDSACKUndo
TCPLossUndo
TCPLoss
TCPLostRetransmit
TCPRenoFailures
TCPSackFailures
TCPLossFailures
TCPFastRetrans
TCPForwardRetrans
TCPSlowStartRetrans
TCPTimeouts
TCPRenoRecoveryFail
TCPSackRecoveryFail
TCPSchedulerFailed
TCPRcvCollapsed
TCPDSACKOldSent
TCPDSACKOfoSent
TCPDSACKRecv
TCPDSACKOfoRecv
TCPAbortOnSyn
TCPAbortOnData
TCPAbortOnClose
TCPAbortOnMemory
TCPAbortOnTimeout
TCPAbortOnLinger
TCPAbortFailed
TCPMemoryPressures
}
#
# read in the values from the netstat file
proc scan_net { _dat} {
upvar $_dat dat
global tcp_arr
set in [open “netstat” “r”]
set l [gets $in]
set l [gets $in]
close $in
set a [split $l ” “]
foreach x $a n $tcp_arr {
if {[string match “TcpExt:” $x]} {
continue
}
set dat($n) $x
#puts “dat von n($n) = $dat($n) ”
}
}
#
# set inital data array and fill it
array set dat {}
scan_net dat
# forever
# sleep 1 second, read in second array
# loop and compare values, if different print the sum
# reset the initial array and copy new to old
while {1} {
after 1000
array set new_dat {}
scan_net new_dat
set somechange 0
foreach a $tcp_arr {
if {[string match “TCPEXTFAKE” $a]} {
continue
}
if {$new_dat($a) != $dat($a)} {
set res [expr {$new_dat($a) - $dat($a)}]
#puts “attribute ‘$a’ from $dat($a) to $new_dat($a) $res”
puts “‘$a’ $res”
set somechange 1
}
}
if {$somechange} {
puts “”
}
array set dat {}
array set dat [array get new_dat]
}