Question about udp.sendmsg / udp.recvmsg

public inbox for systemtap@sourceware.org
 help / color / mirror / Atom feed

* Question about udp.sendmsg / udp.recvmsg
@ 2020-07-16  4:01 Lee Eric
  0 siblings, 0 replies; only message in thread
From: Lee Eric @ 2020-07-16  4:01 UTC (permalink / raw)
  To: systemtap

Hi,

I have a quick question about what udp.sendmsg captures. I wrote a
small script to capture all processes are sending / receiving UDP
packets:

#!/usr/bin/env stap

probe udp.sendmsg {
printf("Req - time: [%s] pid: [%d] cmd: [%s] %s:%d => %s:%d\n",
ctime(gettimeofday_s()), pid(), execname(), saddr, sport, daddr,
dport)
}

probe udp.recvmsg {
printf("Resp - time: [%s] pid: [%d] cmd: [%s] %s:%d => %s:%d\n",
ctime(gettimeofday_s()), pid(), execname(), daddr, dport, saddr,
sport)
}

So I also triggered tcpdump to capture UDP traffic. I noticed the
systemtap shows some udp.sendmsg / udp.recvmsg probes are triggered
but there's no request on tcpdump side. So what possible reason can
cause this behavior? Is that normal?

Thanks.

Eric

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2020-07-16  4:01 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-16  4:01 Question about udp.sendmsg / udp.recvmsg Lee Eric

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).