C Library for lsof
I am in the process of writing some simple intrusion detection system in linux, and I have reachen a point where I have to, given a port number, return the process using this port, like running lsof -i on the shell. Does any1 know of a function written in c that, given the port number, will return me the same info lsof -i returns???
Thanks in advance...
I don't know if there is a library to do this. May very well be. If you don't find one, here's how you could do it yourself in a program:
* read /proc/net/tcp (or udp) and look at the last column of the line concerning the port you want to check (the one that says inode)
* check every /proc/<pid>/fd directory for symlinks pointing to "socket:[<inode>]" where <inode> is this number
I'm not sure if there is an alternative to iterating over all those directories...:(
Good luck finding a library!
|All times are GMT -5. The time now is 11:22 AM.|