Month: February 2017

Kernel dropped packet analysis

Found a simple method to check for all the packets dropped by kernel.

First you need to install dropwatch with

dnf install dropwatch

and details of the package

Name        : dropwatch
Arch        : x86_64
Epoch       : 0
Version     : 1.4
Release     : 13.fc24
Size        : 27 k
Repo        : fedora
Summary     : Kernel dropped packet monitor
URL         : http://fedorahosted.org/dropwatch
License     : GPLv2+
Description : dropwatch is an utility to interface to the kernel to monitor for dropped
: network packets.

 

Once that is done, you will see the kernel address. How do you map those to kernel functions, refer Get kernel function name from kernel address.

bash ansi codes to html for html reports from shell script

How many times you have felt that there was some simple way to convert bash ansi escape sequences ( colors as well in terminal ) to html equivalent so that you can send the same as html report in email. Here is simple solution. One way is to use ccze if you are using this for logs – colorize your logs and for more generic solution.

 

dnf install python3-ansi2html.noarch

after this is installed, you can use something like this:

/usr/bin/python3-ansi2html -l -f 12 -i

You can see the help for ansi2html to see what parameters mean and which ones suit you best 🙂

Get kernel function name from kernel address.

If you are using pmap or using strace and want to covert kernel address to function name then you can use the following technique.

 

First you need to install elfutils, if not installed.

dnf install elfutils

and after this you can use the following command

 

eu-addr2line -f -e /boot/vmlinuz-$(uname -r) <addr>
#Example
eu-addr2line -f -e /boot/vmlinuz-$(uname -r) 00007f36a8045000