For debugging purposes one often times needs to know the communication partner on a socket or pipe a program has open. This information is not readily available: <br/><br/> <q>ls -l /proc/<pid>/fd</q> provides output like:<br/> <blockquote> lr-x------ 1 root root 64 Oct 15 08:26 27 -> pipe:[5144]<br/> lrwx------ 1 root root 64 Oct 15 08:26 28 -> socket:[5146]<br/> lrwx------ 1 root root 64 Oct 15 08:26 29 -> socket:[5148] </blockquote> <q>lsof</q> shows:<br/> <blockquote> systemd 1 root 42u unix 0xffff88023f1367c0 0t0 5148 socket </blockquote> <q>netstat</q> shows:<br/> <blockquote> unix 3 [ ] STREAM CONNECTED 5148 </blockquote> <q>socklist</q> only covers network sockets. <br/><br/> A tool is missing that allows one to find the communication partner of an (unnamed) socket or (unnamed) pipe. <br/> Goal of this project is to research where this information can be found, make it available and create a demo tool collecting this information. This demo tool should serve as a sample implementation which can be used to integrate the functionality into other tools.

Looking for hackers with the skills:

Nothing? Add some keywords!

This project is part of:

Hack Week 11

Activity

  • over 9 years ago: mvidner liked this project.
  • over 9 years ago: jordimassaguerpla liked this project.
  • over 9 years ago: ebischoff liked this project.
  • over 9 years ago: michal-m liked this project.
  • over 9 years ago: eeich started this project.
  • over 9 years ago: eeich originated this project.

  • Comments

    • eeich
      over 9 years ago by eeich | Reply

      It turned out that implementing this was a lot easier than I thought. The unix socket struct of the kernel has a member which points directly to the socket of the peer. From this the inode of the peer can be obtained easily. I wonder who this information hasn't been made available in /proc/net/unix. To avoid modifying this proc file a new proc file was added: /proc/net/unix_peer listing the sockets which have peers (are not in listening state) and their peers. The iterator funciton is just 16 lines of code plus some overhead to add the new entry. Pipe pairs are easy to find - they share the same inode. To identify the processes which communicate over these pipes and sockets more easily there are two perl scripts processing the information from /proc. To ease processing in user space there are

    Similar Projects

    This project is one of its kind!