logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

dtrace_ip — a DTrace provider for tracing events related to the IPv4 and IPv6 protocols

Contents

Arguments

       The pktinfo_t  argument  is  currently  unimplemented  and  is  included  for  compatibility  with  other
       implementations of this provider.  Its fields are:

             uintptr_tpkt_addr  Always set to 0.

       The  csinfo_t  argument  is  currently  unimplemented  and  is  included  for  compatibility  with  other
       implementations of this provider.  Its fields are:

             uintptr_tcs_addr  Always set to 0.

             uint64_tcs_cid    A pointer to the structinpcb for this packet, or NULL.

             pid_tcs_pid       Always set to 0.

       The ipinfo_t argument contains IP fields common to both IPv4 and IPv6 packets.  Its fields are:

             uint8_tip_ver       IP version of the packet, 4 for IPv4 packets and 6 for IPv6 packets.

             uint32_tip_plength  IP payload size.  This does not include the size of  the  IP  header  or  IPv6
                                  option headers.

             stringip_saddr      IP source address.

             stringip_daddr      IP destination address.

       The  ifinfo_t  argument  describes the outgoing and incoming interfaces for the packet in the ip:::send()
       and ip:::receive() probes respectively.  Its fields are:

             stringif_name     The interface name.

             int8_tif_local    A boolean value indicating whether or not the interface is a loopback interface.

             uintptr_tif_addr  A pointer to the structifnet which describes the interface.  See  the  ifnet(9)
                                manual page.

       The ipv4info_t argument contains the fields of the IP header for IPv4 packets.  This argument is NULL for
       IPv6 packets.  DTrace scripts should use the ip_ver() field in the ipinfo_t argument to determine whether
       to use this argument.  Its fields are:

             uint8_tipv4_ver        IP version.  This will always be 4 for IPv4 packets.

             uint8_tipv4_ihl        The IP header length, including options, in 32-bit words.

             uint8_tipv4_tos        IP type of service field.

             uint16_tipv4_length    The total packet length, including the header, in bytes.

             uint16_tipv4_ident     Identification field.

             uint8_tipv4_flags      The IP flags.

             uint16_tipv4_offset    The fragment offset of the packet.

             uint8_tipv4_ttl        Time to live field.

             uint8_tipv4_protocol   Next-level protocol ID.

             stringipv4_protostr    A  string  containing  the name of the encapsulated protocol.  The protocol
                                     strings are defined in the protocol array in /usr/lib/dtrace/ip.duint16_tipv4_checksum  The IP checksum.

             ipaddr_tipv4_src       IPv4 source address.

             ipaddr_tipv4_dst       IPv4 destination address.

             stringipv4_saddr       A string representation of the source address.

             stringipv4_daddr       A string representation of the destination address.

             ipha_t*ipv4_hdr        A pointer to the raw IPv4 header.

       The ipv6info_t argument contains the fields of the IP header for IPv6 packets.  Its fields  are  not  set
       for IPv4 packets; as with the ipv4info_t argument, the ip_ver() field should be used to determine whether
       this argument is valid.  Its fields are:

             uint8_tipv6_ver        IP version.  This will always be 6 for IPv6 packets.

             uint8_tipv6_tclass     The  traffic  class,  used to set the differentiated services codepoint and
                                     extended congestion notification flags.

             uint32_tipv6_flow      The flow label of the packet.

             uint16_tipv6_plen      The IP payload size, including extension headers, in bytes.

             uint8_tipv6_nexthdr    An identifier for the type of the next header.

             stringipv6_nextstr     A string representation of the type of the next header.

             uint8_tipv6_hlim       The hop limit.

             ip6_addr_t*ipv6_src    IPv6 source address.

             ip6_addr_t*ipv6_dst    IPv6 destination address.

             stringipv6_saddr       A string representation of the source address.

             stringipv6_daddr       A string representation of the destination address.

             structip6_hdr*ipv6_hdr
                                     A pointer to the raw IPv6 header.

Authors

       This manual page was written by Mark Johnston <markj@FreeBSD.org>.

Debian                                         September 14, 2015                                   DTRACE_IP(4)

Compatibility

       This provider is compatible with the ip providers found in Solaris and Darwin.

Description

       The  DTrace  ip  provider  allows users to trace events in the ip(4) and ip6(4) protocol implementations.
       The ip:::send() probe fires whenever the kernel prepares to transmit an IP packet, and the ip:::receive()
       probe fires whenever the kernel receives an IP packet.  The arguments to these  probes  can  be  used  to
       obtain  detailed  information  about  the  IP headers of the corresponding packet, as well as the network
       interface on which the  packet  was  sent  or  received.   Unlike  the  dtrace_tcp(4)  and  dtrace_udp(4)
       providers,  ip  provider  probes  are  triggered  by forwarded packets.  That is, the probes will fire on
       packets that are not destined to the local host.

Examples

       The following script counts received packets by remote host address.

             ip:::receive
             {
                     @num[args[2]->ip_saddr] = count();
             }

       This script will print some details of each IP packet as it is sent or received by the kernel:

             #pragma D option quiet
             #pragma D option switchrate=10Hz

             dtrace:::BEGIN
             {
                     printf(" %10s %30s    %-30s %8s %6s\n", "DELTA(us)", "SOURCE",
                         "DEST", "INT", "BYTES");
                     last = timestamp;
             }

             ip:::send
             {
                     this->elapsed = (timestamp - last) / 1000;
                     printf(" %10d %30s -> %-30s %8s %6d\n", this->elapsed,
                         args[2]->ip_saddr, args[2]->ip_daddr, args[3]->if_name,
                         args[2]->ip_plength);
                     last = timestamp;
             }

             ip:::receive
             {
                     this->elapsed = (timestamp - last) / 1000;
                     printf(" %10d %30s <- %-30s %8s %6d\n", this->elapsed,
                         args[2]->ip_daddr, args[2]->ip_saddr, args[3]->if_name,
                         args[2]->ip_plength);
                     last = timestamp;
             }

Files

/usr/lib/dtrace/ip.d  DTrace type and translator definitions for the ip provider.

History

       The ip provider first appeared in FreeBSD 10.0.

Name

       dtrace_ip — a DTrace provider for tracing events related to the IPv4 and IPv6 protocols

See Also

dtrace(1), dtrace_tcp(4), dtrace_udp(4), ip(4), ip6(4), ifnet(9), SDT(9)

Synopsis

ip:::receive(pktinfo_t*, csinfo_t*, ipinfo_t*, ifinfo_t*, ipv4info_t*, ipv6info_t*);

       ip:::send(pktinfo_t*, csinfo_t*, ipinfo_t*, ifinfo_t*, ipv4info_t*, ipv6info_t*);

See Also

Man Pages
dtrace Man Pages
Man Pages
ipv6 Man Pages
Man Pages
packetsender Man Pages
Man Pages
rte_eth_tcpv4_flow Man Pages
Man Pages
packet Man Pages
Address
Address PNG Icons
MCP
Argumentation-logic-engines Mcp
Man Pages
ipv4 Man Pages
Man Pages
uint8_t * Man Pages
← View Device files Category← Back to Miscellaneous diversions🙏  Credits & Acknowledgments