Re: Reading network connections for processes in a separate net namespaces from /proc/[pid]/net/tcp|tcp6

2016-01-25 Thread dariusz ostolski
Hello,


2016-01-22 10:21 GMT+01:00 Rami Rosen :
>>I've found
>>functions for global files, maybe they are the same). I'd like to
>>check when these files were introduced (from what kernel version they
>>are available)
>
> Support for kernel network namespaces was added with kernel 2.6.29.
> It is basically based on adding an object called "net_ns" to the
> process descriptor, and instance of struct net, which represents a
> network namespace. You can think of such object as representing the
> network state of a process, including all stats, sockets, devices,
> tables, and so on. This net_ns is a member of an object called
> nsproxy, which includes pointers to 4 other namespaces (uts, mnt, pid
> and ipc).
>
>
>>and there is no information about network
>>namespaces at all (google, stackoverflow, man pages, kernel docs)
>

Thank You for your answer it gave me some clues so I was not
completely blind when I checked kernel source code.
Nevertheless, excuse me for not being precise enough, what I meant is
that I couldn't find any docs about those 2 specific files:
1. /proc/[pid]/net/tcp
2. /proc/[pid]/net/tcp6

And how is their content related to net namespaces?

I want to read connections for a process that is in a separate net
namespace but I'd like to avoid switching to that namespace,
my experiments showed that reading /proc/[pid]/net/tcp|tcp6 should be
enough, but I'd like to find confirmation of that
 either in official docs (which I couldn't find) or in kernel source
code (I failed there too).

Again thank You in advance for your help.

Regards,
Darek

___
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies


Re: Reading network connections for processes in a separate net namespaces from /proc/[pid]/net/tcp|tcp6

2016-01-25 Thread Rami Rosen
Hi, Darek,

cat  /proc/[pid]/net/tcp
 is handled by
 http://lxr.free-electrons.com/source/net/ipv4/tcp_ipv4.c#L2230

and cat /proc/[pid]/net/tcp6
is handled by:
http://lxr.free-electrons.com/source/net/ipv6/tcp_ipv6.c#L1782

Hope it helps!

Regards,
Rami Rosen
http://ramirose.wix.com/ramirosen

On 25 January 2016 at 15:00, dariusz ostolski
 wrote:
> Hello,
>
>
> 2016-01-22 10:21 GMT+01:00 Rami Rosen :
>>>I've found
>>>functions for global files, maybe they are the same). I'd like to
>>>check when these files were introduced (from what kernel version they
>>>are available)
>>
>> Support for kernel network namespaces was added with kernel 2.6.29.
>> It is basically based on adding an object called "net_ns" to the
>> process descriptor, and instance of struct net, which represents a
>> network namespace. You can think of such object as representing the
>> network state of a process, including all stats, sockets, devices,
>> tables, and so on. This net_ns is a member of an object called
>> nsproxy, which includes pointers to 4 other namespaces (uts, mnt, pid
>> and ipc).
>>
>>
>>>and there is no information about network
>>>namespaces at all (google, stackoverflow, man pages, kernel docs)
>>
>
> Thank You for your answer it gave me some clues so I was not
> completely blind when I checked kernel source code.
> Nevertheless, excuse me for not being precise enough, what I meant is
> that I couldn't find any docs about those 2 specific files:
> 1. /proc/[pid]/net/tcp
> 2. /proc/[pid]/net/tcp6
>
> And how is their content related to net namespaces?
>
> I want to read connections for a process that is in a separate net
> namespace but I'd like to avoid switching to that namespace,
> my experiments showed that reading /proc/[pid]/net/tcp|tcp6 should be
> enough, but I'd like to find confirmation of that
>  either in official docs (which I couldn't find) or in kernel source
> code (I failed there too).
>
> Again thank You in advance for your help.
>
> Regards,
> Darek
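
Added example, not part of either poster's message: a parser for the /proc/[pid]/net/tcp and tcp6 tables discussed in this thread, run over a constructed sample and paired with a /proc/[pid]/ns/net lookup to tell which namespace a table belongs to. It assumes a little-endian host, and all function names are illustrative.

```python
import ipaddress
import os
import struct

TCP_LISTEN = 0x0A  # value of the "st" column for a listening socket

# Constructed sample in /proc/<pid>/net/tcp6 layout (not the output quoted in the thread).
SAMPLE_TCP6 = """\
  sl  local_address remote_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
   0: 00000000000000000000000000000000:1F90 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 1215421 1 0000000000000000 100 0 0 10 0
   1: 0000000000000000FFFF00000100007F:1F45 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 1211206 1 0000000000000000 100 0 0 10 0
   2: 0000000000000000FFFF00000100007F:1F45 0000000000000000FFFF00000100007F:C350 01 00000000:00000000 00:00000000 00000000 0 0 1211300 1 0000000000000000 20 4 30 10 -1
"""

def decode_addr(hex_addr):
    """Decode the hex address column; each 32-bit word is printed in host byte order."""
    raw = bytes.fromhex(hex_addr)
    words = struct.unpack(f"<{len(raw) // 4}I", raw)   # assumes a little-endian host
    addr = ipaddress.ip_address(struct.pack(f">{len(words)}I", *words))
    mapped = getattr(addr, "ipv4_mapped", None)        # ::ffff:a.b.c.d -> a.b.c.d
    return str(addr if mapped is None else mapped)

def parse_tcp_table(text):
    """Return one dict per socket line of a /proc/<pid>/net/tcp or tcp6 table."""
    rows = []
    for line in text.splitlines()[1:]:                 # first line is the header
        f = line.split()
        if len(f) < 10:
            continue
        (lip, lport), (rip, rport) = f[1].split(":"), f[2].split(":")
        rows.append({"local": (decode_addr(lip), int(lport, 16)),
                     "remote": (decode_addr(rip), int(rport, 16)),
                     "state": int(f[3], 16), "inode": int(f[9])})
    return rows

def listeners(text):
    """Local (address, port) pairs of sockets in LISTEN state, in file order."""
    return [r["local"] for r in parse_tcp_table(text) if r["state"] == TCP_LISTEN]

def netns_of(pid):
    """Namespace identity, e.g. 'net:[4026531957]'; equal strings mean same namespace."""
    return os.readlink(f"/proc/{pid}/ns/net")

def listeners_of(pid):
    """Listening sockets of the whole namespace that <pid> lives in (needs read access)."""
    found = []
    for name in ("tcp", "tcp6"):
        with open(f"/proc/{pid}/net/{name}") as fh:
            found += listeners(fh.read())
    return found

if __name__ == "__main__":
    print(listeners(SAMPLE_TCP6))
```

The tables are per network namespace, so `listeners_of(pid)` reports every listener in that namespace rather than only sockets owned by the given process; the `inode` column is what ties a row to a specific process through its /proc/[pid]/fd entries.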



Re: Reading network connections for processes in a separate net namespaces from /proc/[pid]/net/tcp|tcp6

2016-01-22 Thread Rami Rosen
Hi, Darek,

>I've found
>functions for global files, maybe they are the same). I'd like to
>check when these files were introduced (from what kernel version they
>are available)

Support for kernel network namespaces was added with kernel 2.6.29.
It is basically based on adding an object called "net_ns" to the
process descriptor, and instance of struct net, which represents a
network namespace. You can think of such object as representing the
network state of a process, including all stats, sockets, devices,
tables, and so on. This net_ns is a member of an object called
nsproxy, which includes pointers to 4 other namespaces (uts, mnt, pid
and ipc).


>and there is no information about network
>namespaces at all (google, stackoverflow, man pages, kernel docs)

This is not really so. Look for example in the following:

Namespaces and Cgroups – the basis of Linux Containers by Rami Rosen

http://files.meetup.com/18720713/Namespaces_Cgroups_Conatiners.pdf

Resource management: Linux kernel Namespaces and cgroups by Rami Rosen
http://www.haifux.org/lectures/299/netLec7.pdf

Namespaces in operation, part 7: Network namespaces by Jake Edge
https://lwn.net/Articles/580893/

Introduction to Network Namespaces - David Mahler
https://www.youtube.com/watch?v=_WgUwUf1d34

(Shameless plug, I am the owner of the first two links...)

Hope this helps,

Regards,
Rami Rosen
http://ramirose.wix.com/ramirosen



On 22 January 2016 at 10:34, dariusz ostolski
 wrote:
> Hello,
>
> My name is Darek Ostolski, I'm computer enthusiast and hobbyist (also a
> developer).
> If this is incorrect mailing list excuse me and please point to
> the appropriate place to ask this kind of question. I couldn't find
> any other more
> appropriate place.
>
> I have a process that is in the separate net namespace (basically a
> container) and I want to check opened connections for that process. I
> have a kernel 4.3.3.
> My experiments showed that this information is available in
> /proc/[pid]/net/tcp|tcp6 files. For example for a global
> /proc/net/tcp6 shows following opened ports:
>
> root@host:~# cat /proc/net/tcp6
>   sl  local_address remote_address
>st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout
> inode
>0: :01BD
> : 0A : 00:
>  00 22882 1 88040de7b240 100 0 0 10 0
>1: :008B
> : 0A : 00:
>  00 22883 1 88040de7a9c0 100 0 0 10 0
>2: :0050
> : 0A : 00:
>  00 1214363 1 880077ed9340 100 0 0 10 0
>3: :0016
> : 0A : 00:
>  00 21933 1 880400a33140 100 0 0 10 0
>4: :445C
> : 0A : 00:
>   10000 29904 1 880400a32040 100 0 0 10 0
>
> And for a process running in container I have:
> root@host:~# cat /proc/30518/net/tcp6
>   sl  local_address remote_address
>st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout
> inode
>0: 017F:1F45
> : 0A : 00:
>  00 1211206 1 880364fcb380 100 0 0 10 0
>1: :1F49
> : 0A : 00:
>  00 1215425 1 8802befd0200 100 0 0 10 0
>2: :1F90
> : 0A : 00:
>  00 1215421 1 880077ed8240 100 0 0 10 0
>
>
> So I see that there are opened ports that are not visible on host
> level but are visible at a container level for example 1F90 -> which
> is basically 8080.
>
>
> I'd like to ask following questions:
> 1. Where can I find documentation for /proc/[pid]/net/tcp|tcp6 files?
> All I could find was documentation about global file (i.e.
> /proc/net/tcp|tcp6) and there is no information about network
> namespaces at all (google, stackoverflow, man pages, kernel docs)
> 2. Could You confirm that in these files I'll see all connections that
> are specific for a given process even if this process is in separate
> network namespace? (so I don't have to enter target net/pid namespace
> to read their global /proc/net/tcp|tcp6 files)
> 3. I've grep kernel source code and tried to find where
> /proc/[pid]/net/tcp|tcp6 files are created but I couldn't (I've found
> functions for global files, maybe they are the same). I'd like to
> check when these files were introduced (from what kernel version they
> are