Linux的API来确定一个进程拥有插座 [英] Linux API to determine sockets owned by a process
问题描述
有一个Linux库,使我说出什么IP套接字是由哪些进程拥有?我想我在寻找 lsof的-i
的方案相同。最后,我想通过的libpcap
来处理。
Is there a Linux library that will enable me to tell what IP sockets are owned by what processes? I guess I'm looking for the programmatic equivalent of lsof -i
. Ultimately, I want to correlate packets seen through libpcap
to processes.
更新:一,两个人用的/ proc /&LT建议; PID> /网/ TCP
和 UDP
,但我的系统上,显示相同的数据为每一个过程,所以它并不能帮助。
UPDATE: A couple of people have suggested using /proc/<pid>/net/tcp
and udp
, but on my system, the same data is shown for every process, so it doesn't help.
推荐答案
我觉得你首先必须通过公开FDS看看在/ proc / * / FD,例如
I think you first have to look through the open fds in /proc/*/fd, e.g.
4 -> socket:[11147]
然后查找引用的套接字(由inode中)在/ proc /网/ TCP(或的/ proc /净/ UDP),例如
and then look for the referenced sockets (by the inode) in /proc/net/tcp (or /proc/net/udp), e.g.
12: B382595D:8B40 D5C43B45:0050 01 00000000:00000000 00:00000000 00000000 1000 0 11065 1 ffff88008bd35480 69 4 12 4 -1
这篇关于Linux的API来确定一个进程拥有插座的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!