GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → yadutaf → Tracepkt

yadutaf / Tracepkt

Licence: mit
Trace a ping packet journey across network interfaces and namespace on recent Linux. Supports IPv4 and IPv6.

Programming Languages

c
50402 projects - #5 most used programming language

Labels

networkingtracingebpf

Projects that are alternatives of or similar to Tracepkt

Hubble
Hubble - Network, Service & Security Observability for Kubernetes using eBPF
Stars: ✭ 1,245 (+607.39%)
Mutual labels:  networking, tracing, ebpf
uprobe-http-tracer
uprobe-based HTTP tracer for Go binaries
Stars: ✭ 45 (-74.43%)
Mutual labels:  tracing, ebpf
ebpfpub
ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
Stars: ✭ 86 (-51.14%)
Mutual labels:  tracing, ebpf
Weaver
Trace Go program execution with uprobes and eBPF
Stars: ✭ 174 (-1.14%)
Mutual labels:  tracing, ebpf
Ebpf
eBPF Utilities, Maps, and more
Stars: ✭ 238 (+35.23%)
Mutual labels:  tracing, ebpf
ipftrace
[Deplicated] Now we have more sophisticated (and compact) implementation in ipftrace2 repository. Please check it as well.
Stars: ✭ 60 (-65.91%)
Mutual labels:  tracing, ebpf
Bpftrace
High-level tracing language for Linux eBPF
Stars: ✭ 4,526 (+2471.59%)
Mutual labels:  tracing, ebpf
rbbcc
BCC port for MRI - this is unofficial bonsai project.
Stars: ✭ 45 (-74.43%)
Mutual labels:  tracing, ebpf
Ebpf exporter
Prometheus exporter for custom eBPF metrics
Stars: ✭ 829 (+371.02%)
Mutual labels:  tracing, ebpf
Awesome Scalability Toolbox
My opinionated list of products and tools used for high-scalability projects
Stars: ✭ 34 (-80.68%)
Mutual labels:  networking, tracing
Cilium
eBPF-based Networking, Security, and Observability
Stars: ✭ 10,256 (+5727.27%)
Mutual labels:  networking, ebpf
Ipftrace2
A packet oriented Linux kernel function call tracer
Stars: ✭ 193 (+9.66%)
Mutual labels:  tracing, ebpf
pwru
Packet, where are you? -- Linux kernel networking debugger
Stars: ✭ 694 (+294.32%)
Mutual labels:  tracing, ebpf
Bpfd
Framework for running BPF programs with rules on Linux as a daemon. Container aware.
Stars: ✭ 396 (+125%)
Mutual labels:  tracing, ebpf
Kube Netc
A Kubernetes eBPF network monitor
Stars: ✭ 48 (-72.73%)
Mutual labels:  networking, ebpf
Skydive
An open source real-time network topology and protocols analyzer
Stars: ✭ 2,086 (+1085.23%)
Mutual labels:  networking, ebpf
Spitfire
An easy to use WebRTC Datachannels library for .NET applications.
Stars: ✭ 164 (-6.82%)
Mutual labels:  networking
Swifthub
GitHub iOS client in RxSwift and MVVM-C clean architecture
Stars: ✭ 2,330 (+1223.86%)
Mutual labels:  networking
Simplenet
An easy-to-use, event-driven, asynchronous network application framework compiled with Java 11.
Stars: ✭ 164 (-6.82%)
Mutual labels:  networking
Netctl
Profile based systemd network management
Stars: ✭ 163 (-7.39%)
Mutual labels:  networking
View All Similar Projects ➔

Tracepkt

Trace a ping packet on the L2 layer, as it crosses Linux network interfaces and namespaces. Supports IPv4 and IPv6.

> modprobe ip_tables ip6_tables
> sudo python tracepkt.py 172.17.0.2
    NETWORK NS        INTERFACE    TYPE ADDRESSES                          IPTABLES
[           0]                  request 172.17.0.1 -> 172.17.0.2               nat.OUTPUT      :ACCEPT
[           0]                  request 172.17.0.1 -> 172.17.0.2            filter.OUTPUT      :ACCEPT
[  4026531992]          docker0 request 172.17.0.1 -> 172.17.0.2               nat.POSTROUTING :ACCEPT
[  4026531992]          docker0 request 172.17.0.1 -> 172.17.0.2          
[  4026531992]      veth61528aa request 172.17.0.1 -> 172.17.0.2          
[  4026533448]             eth0 request 172.17.0.1 -> 172.17.0.2          
[  4026533448]             eth0   reply 172.17.0.2 -> 172.17.0.1          
[  4026531992]      veth61528aa   reply 172.17.0.2 -> 172.17.0.1          
[  4026531992]          docker0   reply 172.17.0.2 -> 172.17.0.1          
[  4026531992]          docker0   reply 172.17.0.2 -> 172.17.0.1            filter.INPUT       :ACCEPT

The first 2 packets going from the current network namespace to a Docker container and going back, crossing a veth pair and a bridge.

Features

  • Record crossed Linux network interfaces
  • Record crossed Linux network namespaces
  • Record crossed iptables chains

Note: The iptables tracing support is experimental. Tracing which specific rule matches within a chain is not supported. This would require to hook into trace_packet netfilter function which is unfortunatly static and therefore private.

The full story

This project started as an illustration for a blog post on perf and eBPF https://blog.yadutaf.fr/2017/07/28/tracing-a-packet-journey-using-linux-tracepoints-perf-ebpf/.

Usage

To use this project, you need a working / recent BCC install on your system. Read more about BCC on their Github repository: https://github.com/iovisor/bcc.

Additionally, you'll need a recent kernel (presumably >= 4.7) and full root privilege.

License

MIT

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].