Category: Learning

Kernel dropped packet analysis

Found a simple method to check for all the packets dropped by kernel.

First you need to install dropwatch with

dnf install dropwatch

and details of the package

Name        : dropwatch
Arch        : x86_64
Epoch       : 0
Version     : 1.4
Release     : 13.fc24
Size        : 27 k
Repo        : fedora
Summary     : Kernel dropped packet monitor
URL         : http://fedorahosted.org/dropwatch
License     : GPLv2+
Description : dropwatch is an utility to interface to the kernel to monitor for dropped
: network packets.

 

Once that is done, you will see the kernel address. How do you map those to kernel functions, refer Get kernel function name from kernel address.

Get kernel function name from kernel address.

If you are using pmap or using strace and want to covert kernel address to function name then you can use the following technique.

 

First you need to install elfutils, if not installed.

dnf install elfutils

and after this you can use the following command

 

eu-addr2line -f -e /boot/vmlinuz-$(uname -r) <addr>
#Example
eu-addr2line -f -e /boot/vmlinuz-$(uname -r) 00007f36a8045000

Compose a video from a text sequence

I came across this useful and interesting project so sharing with all of you:

seq2vid

Published in Learning by Amit Agarwal.