linux-newbie.vger.kernel.org archive mirror
From: dariusz ostolski <dariusz.ostolski@gmail.com>
To: linux-newbie@vger.kernel.org
Subject: Reading network connections for processes in a separate net namespaces (/proc/[pid]/net/tcp|tcp6)
Date: Tue, 19 Jan 2016 13:14:43 +0100
Message-ID: <CAMCRRyt0XeHG7UhVV7jJ2LK5z571Xeu=oRXFr=oFiThQiykGZA@mail.gmail.com>

Hello,

First let me introduce myself: my name is Darek Ostolski, I'm a computer
enthusiast and hobbyist (also a developer).
Second, if this is the incorrect mailing list, excuse me and please point me to
the appropriate mailing list, but I couldn't find any other more
appropriate place to ask my question.

I have a process that is in a separate net namespace (basically a
container) and I want to check opened connections for that process. I
have kernel 4.3.3.
My experiments showed that this information is available in the
/proc/[pid]/net/tcp|tcp6 files. For example, the global
/proc/net/tcp6 shows the following opened ports:

root@gdn127620d2:~# cat /proc/net/tcp6
  sl  local_address                         remote_address                        st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000000000000000000000000000:01BD 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 22882 1 ffff88040de7b240 100 0 0 10 0
   1: 00000000000000000000000000000000:008B 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 22883 1 ffff88040de7a9c0 100 0 0 10 0
   2: 00000000000000000000000000000000:0050 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1214363 1 ffff880077ed9340 100 0 0 10 0
   3: 00000000000000000000000000000000:0016 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 21933 1 ffff880400a33140 100 0 0 10 0
   4: 00000000000000000000000000000000:445C 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 29904 1 ffff880400a32040 100 0 0 10 0

And for a process running in container I have:
root@gdn127620d2:~# cat /proc/30518/net/tcp6
  sl  local_address                         remote_address                        st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0000000000000000FFFF00000100007F:1F45 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1211206 1 ffff880364fcb380 100 0 0 10 0
   1: 00000000000000000000000000000000:1F49 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1215425 1 ffff8802befd0200 100 0 0 10 0
   2: 00000000000000000000000000000000:1F90 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1215421 1 ffff880077ed8240 100 0 0 10 0


So I see that there are opened ports that are not visible on host
level but are visible at a container level.


I'd like to ask the following questions:
1. Where can I find documentation for the /proc/[pid]/net/tcp|tcp6 files?
All I could find was documentation about the global file (i.e.
/proc/net/tcp|tcp6) and there is no information about network
namespaces at all.
2. Could You confirm that in these files I'll see all connections that
are specific for a given process even if this process is in a separate
network namespace? (so I don't have to enter the target net/pid namespace
to read their global /proc/net/tcp|tcp6 files)
3. I've grepped the kernel source code and tried to find where the
/proc/[pid]/net/tcp|tcp6 files are created but I couldn't (I've found
functions for global files, maybe they are the same). I'd like to
check when these files were introduced (from what kernel version they
are available) and if I can confirm my findings directly from kernel
sources (that I'll see connections from a separate net namespace without
actually entering that namespace).

Thank You in advance for your help.

-- 
Regards,
Darek
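
A parser for the listing format shown in the message, as an added example that is not part of the original post: it decodes the hex address:port columns, the "st" state, the uid and the socket inode of each row. It assumes a little-endian host (as on x86), where each 32-bit address word is printed byte-swapped; the function names are illustrative.

```python
import ipaddress
import struct

# Hex value of the "st" column -> TCP state name (kernel TCP state enum).
TCP_STATES = {1: "ESTABLISHED", 2: "SYN_SENT", 3: "SYN_RECV", 4: "FIN_WAIT1",
              5: "FIN_WAIT2", 6: "TIME_WAIT", 7: "CLOSE", 8: "CLOSE_WAIT",
              9: "LAST_ACK", 10: "LISTEN", 11: "CLOSING"}

# Rows copied from the /proc/30518/net/tcp6 listing in the message, unwrapped.
SAMPLE = """\
  sl  local_address                         remote_address                        st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0000000000000000FFFF00000100007F:1F45 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1211206 1 ffff880364fcb380 100 0 0 10 0
   1: 00000000000000000000000000000000:1F49 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1215425 1 ffff8802befd0200 100 0 0 10 0
   2: 00000000000000000000000000000000:1F90 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1215421 1 ffff880077ed8240 100 0 0 10 0
"""

def decode_endpoint(field, little_endian=True):
    """Decode 'HEXADDR:HEXPORT' as printed in /proc/<pid>/net/tcp and tcp6."""
    addr_hex, port_hex = field.split(":")
    raw = bytes.fromhex(addr_hex)
    if little_endian:
        # Each 32-bit word is printed in host byte order; swap to network order.
        words = struct.unpack("<%dI" % (len(raw) // 4), raw)
        raw = struct.pack(">%dI" % len(words), *words)
    # ip_address() raises ValueError unless raw is 4 (IPv4) or 16 (IPv6) bytes.
    return ipaddress.ip_address(raw), int(port_hex, 16)

def parse_proc_net_tcp(text, little_endian=True):
    """Return one dict per socket row; the header and short lines are skipped."""
    sockets = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) < 10 or not cols[0].rstrip(":").isdigit():
            continue
        state = int(cols[3], 16)
        sockets.append({
            "local": decode_endpoint(cols[1], little_endian),
            "remote": decode_endpoint(cols[2], little_endian),
            "state": TCP_STATES.get(state, hex(state)),
            "uid": int(cols[7]), "inode": int(cols[9])})
    return sockets

def listeners(sockets):
    """Sorted local ports of sockets in LISTEN state."""
    return sorted(s["local"][1] for s in sockets if s["state"] == "LISTEN")

if __name__ == "__main__":
    for s in parse_proc_net_tcp(SAMPLE):
        print("%s port %d %s inode=%d" % (*s["local"], s["state"], s["inode"]))
```

The inode column is the socket inode, which can be matched against the socket:[inode] targets of the links in /proc/[pid]/fd to tie a row to a process.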