LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Network communication by task (https://www.linuxquestions.org/questions/linux-newbie-8/network-communication-by-task-4175493427/)

daf1kpp 02-02-2014 07:19 AM

Network communication by task
 
Hi,
Let's say i have PID of task and I want to get all bytes that this process is sending through network.

How to ?

jpollard 02-02-2014 08:05 AM

By itself, you can't.

Unless the socket is currently open you won't get anything.

The problem is that looking at such diverse information will not be atomic - the socket indicated by the /proc/<pid>/fd may close before you can look at anything else (as it does for a web browser).

It is actually easier to do a netstat -t (list all tcp open sockets), then search through the list for processes that have those open, and look for your process.

But capturing the data doesn't work... you have to first capture ALL the data, then identify the pid/socket you are interested in, then look through the captured data for that socket.

There could be a better way, but I don't know it offhand...

chrism01 02-03-2014 03:42 AM

Use
Code:

netstat -tanp # or uanp for udp
to see what port/host is involved.
Use tcpdump http://www.wains.be/pub/networking/t...ed_filters.txt matching on host & port to get the data.


All times are GMT -5. The time now is 03:36 AM.