Skip to content
/ skbtrace Public

Helper tool for generating and running BPFTrace scripts which trace and measure timings related to Linux Networking Stack, specifically SocKet Buffer contents

License

MIT license
83 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

yandex-cloud/skbtrace

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
cmd
cmd
 
 
docs
docs
 
 
pkg
pkg
 
 
.gitignore
.gitignore
 
 
AUTHORS.md
AUTHORS.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE.md
LICENSE.md
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
USAGE.md
USAGE.md
 
 
builder.go
builder.go
 
 
byteorder_amd64.go
byteorder_amd64.go
 
 
byteorder_default.go
byteorder_default.go
 
 
errors.go
errors.go
 
 
features.go
features.go
 
 
features_test.go
features_test.go
 
 
field_helpers.go
field_helpers.go
 
 
fields.go
fields.go
 
 
filter.go
filter.go
 
 
filter_test.go
filter_test.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
object_test.go
object_test.go
 
 
objects.go
objects.go
 
 
probes.go
probes.go
 
 
program.go
program.go
 
 
revive.toml
revive.toml
 
 
runner.go
runner.go
 
 
timeit.go
timeit.go
 
 
tracer.go
tracer.go
 
 
weak_alias.go
weak_alias.go
 
 

Repository files navigation

skbtrace is a helper tool for generating and running BPFTrace scripts which trace and measure timings related to Linux Networking Stack, specifically SocKet Buffer contents (hence the name).

It can be used to:

  • find TCP retransmits even in encapsulated packets;
  • roughly measure packet forwarding times;
  • simple tcpdump replacement which allows to trace some kernel routines which are not accessible by tcpdump.

An example of such routine is kfree_skb which is called when kernel frees (drops) packet.

Go Reference

Usage

For the usage examples see Usage

For full documentation see skbtrace(1)

Building

go get -u github.com/yandex-cloud/skbtrace
go build -o skbtrace

or

git clone github.com/yandex-cloud/skbtrace
make build

Requirements

skbtrace is tested with Linux Kernel 4.14 and BPFTrace 0.9.2.

Extending

skbtrace can be extended by:

  • Adding extra shortcut commands and root command child while using one of the visitors such as DumpTracerCommand.
  • Extending builder with additional protocols, field and probe descriptions in SetUp() method of cli dependencies structure.
  • Or by simply contributing a patch (see Contributing).

License

See License

About

Helper tool for generating and running BPFTrace scripts which trace and measure timings related to Linux Networking Stack, specifically SocKet Buffer contents

Topics

linux tracing ebpf network-analysis bpftrace

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

83 stars

Watchers

9 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages