man/man8/tcpv4connect.8 - platform/external/bcc - Gitiles

 .TH tcpv4connect 8  "2015-08-25" "USER COMMANDS"
 .SH NAME
 tcpv4connect \- Trace TCP IPv4 active connections (connect()). Uses Linux eBPF/bcc.
 .SH SYNOPSIS
 .B tcpv4connect [\-h] [\-t] [\-x] [\-p PID]
 .SH DESCRIPTION
 This tool traces active TCP IPv4 connections (eg, via a connect() syscall;
 accept() are passive connections). This can be useful for general
 troubleshooting to see what connections are initiated by the local server.

 This works by tracing the kernel tcp_v4_connect() function using dynamic
 tracing, and will need updating to match any changes to this function.

 Since this uses BPF, only the root user can use this tool.
 .SH REQUIREMENTS
 CONFIG_BPF and bcc.
 .SH OPTIONS
 .TP
 \-h
 Print usage message.
 .TP
 \-t
 Include a timestamp column.
 .TP
 \-p PID
 Trace this process ID only (filtered in-kernel).
 .SH EXAMPLES
 .TP
 Trace all active TCP IPv4 connections:
 #
 .B tcpv4connect
 .TP
 Trace all TCP IPv4 connects, and include timestamps:
 #
 .B tcpv4connect \-t
 .TP
 Trace PID 181 only:
 #
 .B tcpv4connect \-p 181
 .SH FIELDS
 .TP
 TIME(s)
 Time of the call, in seconds.
 .TP
 PID
 Process ID
 .TP
 COMM
 Process name
 .TP
 SADDR
 IPv4 source address, as a dotted quad
 .TP
 DADDR
 IPv4 destination address, as a dotted quad
 .TP
 DPORT
 Destination port
 .SH OVERHEAD
 This traces the kernel tcp_v4_connect function and prints output for each event.
 As the rate of this is generally expected to be low (< 1000/s), the overhead is
 also expected to be negligible. If you have an application that is calling a high
 rate of connects()s, such as a proxy server, then test and understand this
 overhead before use.
 .SH SOURCE
 This is from bcc.
 .IP
 https://github.com/iovisor/bcc
 .PP
 Also look in the bcc distribution for a companion _examples.txt file containing
 example usage, output, and commentary for this tool.
 .SH OS
 Linux
 .SH STABILITY
 Unstable - in development.
 .SH AUTHOR
 Brendan Gregg
 .SH SEE ALSO
 tcpaccept(8), funccount(8), tcpdump(8)
	.TH tcpv4connect 8 "2015-08-25" "USER COMMANDS"
	.SH NAME
	tcpv4connect \- Trace TCP IPv4 active connections (connect()). Uses Linux eBPF/bcc.
	.SH SYNOPSIS
	.B tcpv4connect [\-h] [\-t] [\-x] [\-p PID]
	.SH DESCRIPTION
	This tool traces active TCP IPv4 connections (eg, via a connect() syscall;
	accept() are passive connections). This can be useful for general
	troubleshooting to see what connections are initiated by the local server.

	This works by tracing the kernel tcp_v4_connect() function using dynamic
	tracing, and will need updating to match any changes to this function.

	Since this uses BPF, only the root user can use this tool.
	.SH REQUIREMENTS
	CONFIG_BPF and bcc.
	.SH OPTIONS
	.TP
	\-h
	Print usage message.
	.TP
	\-t
	Include a timestamp column.
	.TP
	\-p PID
	Trace this process ID only (filtered in-kernel).
	.SH EXAMPLES
	.TP
	Trace all active TCP IPv4 connections:
	#
	.B tcpv4connect
	.TP
	Trace all TCP IPv4 connects, and include timestamps:
	#
	.B tcpv4connect \-t
	.TP
	Trace PID 181 only:
	#
	.B tcpv4connect \-p 181
	.SH FIELDS
	.TP
	TIME(s)
	Time of the call, in seconds.
	.TP
	PID
	Process ID
	.TP
	COMM
	Process name
	.TP
	SADDR
	IPv4 source address, as a dotted quad
	.TP
	DADDR
	IPv4 destination address, as a dotted quad
	.TP
	DPORT
	Destination port
	.SH OVERHEAD
	This traces the kernel tcp_v4_connect function and prints output for each event.
	As the rate of this is generally expected to be low (< 1000/s), the overhead is
	also expected to be negligible. If you have an application that is calling a high
	rate of connects()s, such as a proxy server, then test and understand this
	overhead before use.
	.SH SOURCE
	This is from bcc.
	.IP
	https://github.com/iovisor/bcc
	.PP
	Also look in the bcc distribution for a companion _examples.txt file containing
	example usage, output, and commentary for this tool.
	.SH OS
	Linux
	.SH STABILITY
	Unstable - in development.
	.SH AUTHOR
	Brendan Gregg
	.SH SEE ALSO
	tcpaccept(8), funccount(8), tcpdump(8)