Re: Fwd: Any way to find the network usage by a process?

[Jose R. Santos]

Irfan Habib wrote:
> Hi,
>
> Is there any method either kernel or user level which tells me which
> process is generating how much traffic from a machine. For example if
> some process is flooding the network, then I would like to know which
> process (PID ideally), is generating the most traffic.
>
>   

A while ago I did a SystemTap script to solve a problem similar to 
this.  It's been siting in my system for a while collecting dust and you 
currently don't need the embedded C code since the networking.stp tapset 
has all this script needs(and more), but I should point you in the right 
direction.

This worked a couple of months ago but it is currently untested.  Hope 
it helps.

-JRS


global ifstats, ifdevs, execname

%{
#include<linux/skbuff.h>
#include<linux/netdevice.h>
%}

probe kernel.function("dev_queue_xmit")
{
       execname[pid()] = execname()
       name=skb_to_name($skb)
       ifdevs[name] = name
       ifstats[pid(),name] <<< 1
}

function skb_to_name:string (skbuff:long)
%{
       struct sk_buff *skbuff = (struct sk_buff *)((long)THIS->skbuff);
       struct net_device *netdev = skbuff->dev;
       sprintf (THIS->__retvalue, "%s" , netdev->name);
%}

probe timer.ms(5000)
{
       exit()
}

probe end {
       foreach( pid in execname) {
               if (pid == 0) continue
               printf("%15s[%5d] ->\t", execname[pid],pid)
               foreach( ifname in ifdevs) {
                       printf("[%s:%7d] \t", ifname, 
@count(ifstats[pid, ifname]))
               }
               print("\n")
       }
       print("\n")
}

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/