* Re: Any tips to retrieve the relationship between socket-related processes
@ 2020-01-20 2:06 杨海
0 siblings, 0 replies; 2+ messages in thread
From: 杨海 @ 2020-01-20 2:06 UTC (permalink / raw)
To: lttng-dev
[-- Attachment #1: Type: text/plain, Size: 2358 bytes --]
Spam detection software, running on the system "ciao.gmane.io",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hello, I read this article and want to know whether it is
true that UDP cannot be synchronized between traces and experimental branch
is needed to get the below-mentioned issue resolved. http://archive.eclip
[...]
Content analysis details: (5.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: eclipse.org]
0.3 URIBL_RHS_DOB Contains an URI of a new domain (Day Old Bread)
[URIs: magic-shield.com]
2.4 RCVD_IN_SORBS_SOCKS RBL: SORBS: sender is open SOCKS proxy
server
[59.36.132.88 listed in dnsbl.sorbs.net]
2.5 RCVD_IN_SORBS_HTTP RBL: SORBS: sender is open HTTP proxy server
0.6 HK_RANDOM_ENVFROM Envelope sender username looks random
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
mail domains are different
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 HTML_NONELEMENT_30_40 BODY: 30% to 40% of HTML elements are
non-standard
-1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list
manager
0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily
0.0 MSGID_FROM_MTA_HEADER Message-Id was added by a relay
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
[-- Attachment #2: original message before SpamAssassin --]
[-- Type: message/rfc822, Size: 267035 bytes --]
[-- Attachment #2.1.1.1.1: Type: text/plain, Size: 2345 bytes --]
Hello,
I read this article and want to know whether it is true that UDP cannot be synchronized between traces and experimental branch is needed to get the below-mentioned issue resolved.
http://archive.eclipse.org/tracecompass/doc/org.eclipse.tracecompass.doc.user/Trace-synchronization.html#Trace_synchronization
Regards
Hai
------------------ Original ------------------
From: "杨海"<hai.yang@magic-shield.com>;
Date: Thu, Jan 16, 2020 02:21 PM
To: "lttng-dev"<lttng-dev@lists.lttng.org>;
Subject: Any tips to retrieve the relationship between socket-related processes
Hello,
Below briefly describe our question, hope to know how it can be supported by Lttng, babeltrace, analyses etc.
## IPC Trace:
### What we are doing:
We are trying to use lttng to find some IPC trace
### How we did:
Open Lttng first,then ran server(pid = 1812) and client(pid = 1819) and collect trace.
Client would send message to server and server would just echo what it received from client. They talk with each other by file "/tmp/python_unix_sockets_example".
Scripts can be found here: https://github.com/Aaron0813/LinuxAPTLog/tree/master/socket_AF_UNIX
Trace Link: https://github.com/Aaron0813/LinuxAPTLog/tree/master/socket_AF_UNIX/with_pid_03
### Trace Analysis(Lttng-analysis IO)
1. sshd transmit data:Since we were using ssh to connect server and client, that's why we can see this trace
2. 1819 client: read data from tty
3. 1819 client: send data by socket
4. 1819 client: send data by tty and ssh
5. 1812 server: send data to tty
6. 1812 server: receive data from client
7. Gsd-color gnome: do some display
8. A new round cycle starts after blue line
### Conclusion
In Lttng-Analysis' log:
1. Could not find any trace that related to /tmp/python_unix_sockets_example(we are using this file to communicate)
2. Could not find any relationship that can help us determine whether several processes are communicating
As for babeltrace log,we can only locate and understand the communication processes between server and client with the help of "/tmp/python_unix_sockets_example". However, we cannot find anything that can let us know that these two processes are communicating.
Regards
Hai
[-- Attachment #2.1.1.1.2: Type: text/html, Size: 3290 bytes --]
[-- Attachment #2.1.1.2: FF639AB3@028A5D14.1E0B255E --]
[-- Type: application/octet-stream, Size: 188715 bytes --]
[-- Attachment #2.1.2: Type: text/plain, Size: 156 bytes --]
_______________________________________________
lttng-dev mailing list
lttng-dev@lists.lttng.org
https://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev
^ permalink raw reply [flat|nested] 2+ messages in thread[parent not found: <tencent_5F6B34D931D7AD241AA8EF79@qq.com>]
end of thread, other threads:[~2020-01-20 2:06 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-20 2:06 Any tips to retrieve the relationship between socket-related processes 杨海
[not found] <tencent_5F6B34D931D7AD241AA8EF79@qq.com>
[not found] ` <733360507.225.1574779654690.JavaMail.zimbra@efficios.com>
2020-01-16 6:21 ` 杨海
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).