Skip to content

Instantly share code, notes, and snippets.

@jbarber
Created September 27, 2013 15:44
Show Gist options
  • Save jbarber/6730685 to your computer and use it in GitHub Desktop.
Save jbarber/6730685 to your computer and use it in GitHub Desktop.
Systemtap script for reporting the PID and command line of any program connecting to via IPv4 or IPv6 to port 80.
sudo stap -v - <<'EOF'
probe tcp.sendmsg {
# 2 = AF_INET
# 10 = AF_INET6
if ((family == 2 || family == 10) && tcpmib_remote_port($sk) == 80) {
printf("%i %s\n", pid(), cmdline_str())
}
}
EOF
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment