LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   C Library for lsof (http://www.linuxquestions.org/questions/linux-security-4/c-library-for-lsof-183332/)

loki.guz_BR 05-19-2004 11:43 AM

C Library for lsof
 
Hi there,

I am in the process of writing some simple intrusion detection system in linux, and I have reachen a point where I have to, given a port number, return the process using this port, like running lsof -i on the shell. Does any1 know of a function written in c that, given the port number, will return me the same info lsof -i returns???

Thanks in advance...

nukkel 05-19-2004 02:19 PM

Hi,

I don't know if there is a library to do this. May very well be. If you don't find one, here's how you could do it yourself in a program:

* read /proc/net/tcp (or udp) and look at the last column of the line concerning the port you want to check (the one that says inode)

* check every /proc/<pid>/fd directory for symlinks pointing to "socket:[<inode>]" where <inode> is this number

I'm not sure if there is an alternative to iterating over all those directories...:(

Good luck finding a library!

See ya
nukkel


All times are GMT -5. The time now is 03:27 AM.