Arnout Engelen
@@ -44,7 +44,7 @@ Changelog
|
|||||||
-using standard C++ maps instead of custom structures
|
-using standard C++ maps instead of custom structures
|
||||||
-many more code cleanups
|
-many more code cleanups
|
||||||
-documentation
|
-documentation
|
||||||
-split up ui code in seperate module
|
-split up ui code in separate module
|
||||||
|
|
||||||
-------------------------------------------------
|
-------------------------------------------------
|
||||||
|
|
||||||
|
|||||||
4
DESIGN
4
DESIGN
@@ -1,4 +1,4 @@
|
|||||||
Rough design notitions:
|
Rough design notes:
|
||||||
|
|
||||||
decpcap handles pcap. nethogs.cpp asks to be notified of all IPv4 or IPv6
|
decpcap handles pcap. nethogs.cpp asks to be notified of all IPv4 or IPv6
|
||||||
TCP packets.
|
TCP packets.
|
||||||
@@ -25,7 +25,7 @@ table should be updated regularly.
|
|||||||
|
|
||||||
There are some global data structures:
|
There are some global data structures:
|
||||||
connection.cpp:
|
connection.cpp:
|
||||||
connections. 'ConnList' list containting all currently known connections.
|
connections. 'ConnList' list containing all currently known connections.
|
||||||
A connection removes itself from the global 'connections' list in its
|
A connection removes itself from the global 'connections' list in its
|
||||||
destructor.
|
destructor.
|
||||||
|
|
||||||
|
|||||||
@@ -8,7 +8,7 @@ Introduction
|
|||||||
|
|
||||||
NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, **it groups bandwidth by process**.
|
NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, **it groups bandwidth by process**.
|
||||||
|
|
||||||
NetHogs does not rely on a special kernel module to be loaded. If there's suddenly a lot of network traffic, you can fire up NetHogs and immediately see which PID is causing this. This makes it easy to indentify programs that have gone wild and are suddenly taking up your bandwidth.
|
NetHogs does not rely on a special kernel module to be loaded. If there's suddenly a lot of network traffic, you can fire up NetHogs and immediately see which PID is causing this. This makes it easy to identify programs that have gone wild and are suddenly taking up your bandwidth.
|
||||||
|
|
||||||
Since NetHogs heavily relies on `/proc`, most features are only available on Linux.
|
Since NetHogs heavily relies on `/proc`, most features are only available on Linux.
|
||||||
NetHogs can be built on Mac OS X, but it will only show connections, not processes.
|
NetHogs can be built on Mac OS X, but it will only show connections, not processes.
|
||||||
|
|||||||
@@ -20,7 +20,7 @@ ODIR_BASE := obj
|
|||||||
|
|
||||||
ifeq ($(DEBUG),1)
|
ifeq ($(DEBUG),1)
|
||||||
# Debug mode options
|
# Debug mode options
|
||||||
$(info Bulding debug version)
|
$(info Building debug version)
|
||||||
ODIR:=$(ODIR_BASE)/lib/debug
|
ODIR:=$(ODIR_BASE)/lib/debug
|
||||||
CFLAGS?=-Wall -Wextra -O0 -g -fPIC $(VISIBILITY)
|
CFLAGS?=-Wall -Wextra -O0 -g -fPIC $(VISIBILITY)
|
||||||
CXXFLAGS?=-Wall -Wextra -Wno-missing-field-initializers --std=c++0x -O0 -g -fPIC $(VISIBILITY) $(CXXINCLUDES)
|
CXXFLAGS?=-Wall -Wextra -Wno-missing-field-initializers --std=c++0x -O0 -g -fPIC $(VISIBILITY) $(CXXINCLUDES)
|
||||||
|
|||||||
@@ -202,7 +202,7 @@ Connection *findConnection(Packet *packet) {
|
|||||||
* and removes 'old' packets.
|
* and removes 'old' packets.
|
||||||
*
|
*
|
||||||
* Returns sum of sent packages (by address)
|
* Returns sum of sent packages (by address)
|
||||||
* sum of recieved packages (by address)
|
* sum of received packages (by address)
|
||||||
*/
|
*/
|
||||||
void Connection::sumanddel(timeval t, u_int32_t *recv, u_int32_t *sent) {
|
void Connection::sumanddel(timeval t, u_int32_t *recv, u_int32_t *sent) {
|
||||||
(*sent) = (*recv) = 0;
|
(*sent) = (*recv) = 0;
|
||||||
|
|||||||
@@ -196,7 +196,7 @@ void reread_mapping() {
|
|||||||
DIR *proc = opendir("/proc");
|
DIR *proc = opendir("/proc");
|
||||||
|
|
||||||
if (proc == 0) {
|
if (proc == 0) {
|
||||||
std::cerr << "Error reading /proc, neede to get inode-to-pid-maping\n";
|
std::cerr << "Error reading /proc, needed to get inode-to-pid-maping\n";
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -173,7 +173,7 @@ static void nethogsmonitor_handle_update(NethogsMonitorCallback cb) {
|
|||||||
assert(curproc->getVal() != NULL);
|
assert(curproc->getVal() != NULL);
|
||||||
assert(nproc == processes->size());
|
assert(nproc == processes->size());
|
||||||
|
|
||||||
/* remove timed-out processes (unless it's one of the the unknown process)
|
/* remove timed-out processes (unless it's one of the unknown process)
|
||||||
*/
|
*/
|
||||||
if ((curproc->getVal()->getLastPacket() + PROCESSTIMEOUT <=
|
if ((curproc->getVal()->getLastPacket() + PROCESSTIMEOUT <=
|
||||||
curtime.tv_sec) &&
|
curtime.tv_sec) &&
|
||||||
|
|||||||
@@ -32,9 +32,9 @@ typedef struct NethogsMonitorRecord {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Defines a callback to handle updates about applications
|
* @brief Defines a callback to handle updates about applications
|
||||||
* @param action NETHOGS_APP_ACTION_SET if data is beeing added or updated,
|
* @param action NETHOGS_APP_ACTION_SET if data is being added or updated,
|
||||||
* NETHOGS_APP_ACTION_REMOVE if data is beeing removed.
|
* NETHOGS_APP_ACTION_REMOVE if data is being removed.
|
||||||
* the record_id member is used to uniquely identify the data beeing
|
* the record_id member is used to uniquely identify the data being
|
||||||
* update or removed.
|
* update or removed.
|
||||||
* @param data a pointer to an application usage data. the pointer remains valid
|
* @param data a pointer to an application usage data. the pointer remains valid
|
||||||
* until
|
* until
|
||||||
|
|||||||
@@ -41,11 +41,11 @@
|
|||||||
/* take the average speed over the last 5 seconds */
|
/* take the average speed over the last 5 seconds */
|
||||||
#define PERIOD 5
|
#define PERIOD 5
|
||||||
|
|
||||||
/* the amount of time after the last packet was recieved
|
/* the amount of time after the last packet was received
|
||||||
* after which a process is removed */
|
* after which a process is removed */
|
||||||
#define PROCESSTIMEOUT 150
|
#define PROCESSTIMEOUT 150
|
||||||
|
|
||||||
/* the amount of time after the last packet was recieved
|
/* the amount of time after the last packet was received
|
||||||
* after which a connection is removed */
|
* after which a connection is removed */
|
||||||
#define CONNTIMEOUT 50
|
#define CONNTIMEOUT 50
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user