Re: syscall hook

From: Muli Ben-Yehuda
Date: Wed Sep 24 2003 - 02:12:18 EST

Next message: David Howells: "Re: [CHECKER] 32 Memory Leaks on Error Paths"
Previous message: Paul Dickson: "Re: Horiffic SPAM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Sep 23, 2003 at 08:27:53PM -0300, Bruno Castro da Silva wrote:
> Hi all,
>
> I need to put a hook on a syscall so I can monitor the usage
> of sockets. I'm trying to do so without having to recompile
> the kernel (eg by using modules). Can anyone give me a hint
> on how to achieve this?

What exactly are you trying to do? do you need it to be done on a
system wide level (socket in general) or per application (a specific
socket)?

If it's per socket, just use strace. No kernel hacking
required(TM). If it's system wide, apart from the other options
mentioned in this thread, you can also use syscalltrack
(http://syscalltrack.sf.net). Depending on what you want to do, it may
or may not be the best tool for the job. Note that it doesn't support
2.5 yet, but we're working on it.

Cheers,
Muli
--
Muli Ben-Yehuda
http://www.mulix.org

Attachment: signature.asc
Description: Digital signature

Next message: David Howells: "Re: [CHECKER] 32 Memory Leaks on Error Paths"
Previous message: Paul Dickson: "Re: Horiffic SPAM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]