programs/daemons/PIDs using the network

programs/daemons/PIDs using the network

[Karthik Vishwanath]

Hello,

I run icewm as a window manager and have the network status displayed on 
the task-bar. Sometimes I notice quite some activity on the network, 
without really knowing which process is responsible for that. I would like 
to determine the progam-name(s)/daemon(s) and the PID(s) that are involved 
actively in sending/receiving data on the network. 

I tried netstat with the -e, -p, -l and the -a flags, but could not locate 
the program that was actively using the network. What am I missing, what 
must I try? 


regards,

-K

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: programs/daemons/PIDs using the network

[_z33]

Karthik Vishwanath wrote:
> Hello,
> 
> I run icewm as a window manager and have the network status displayed on 
> the task-bar. Sometimes I notice quite some activity on the network, 
> without really knowing which process is responsible for that. I would like 
> to determine the progam-name(s)/daemon(s) and the PID(s) that are involved 
> actively in sending/receiving data on the network. 

   Isn't that due to "arp" packets flowing in the network? Try running 
ethereal (as 'root') and then capture the packets for further information.

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: programs/daemons/PIDs using the network

[Richard Adams]

On Friday 12 August 2005 07:27, Karthik Vishwanath wrote:
> Hello,
>
> I run icewm as a window manager and have the network status displayed on
> the task-bar. Sometimes I notice quite some activity on the network,
> without really knowing which process is responsible for that. I would like
> to determine the progam-name(s)/daemon(s) and the PID(s) that are involved
> actively in sending/receiving data on the network.

Without knowing anything about your systen, ie what processes are running one 
can only guess as to what is causing traffic on your network.

Mail programs which check at regular intervals for mail is one which comes to 
mind strait away, others are dhcp if used and there are of course many more.

> I tried netstat with the -e, -p, -l and the -a flags, but could not locate
> the program that was actively using the network. What am I missing, what
> must I try?

I would use 'netstat -t' as soon as i saw traffic, but then i would be running 
'tcpdump' in an xterm to monitor traffic, one would then see ip#'s and most 
important port numbers, knowing the port number one then looks 
into /etc/services to see what program is causing the traffic.

Of course there are other ways to check as well but the above is what i would 
be doing if i was concerned.
>
>
> regards,
>
> -K

--
Regards Richard.

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: programs/daemons/PIDs using the network

[Ray Olszewski]

Richard Adams wrote:
> On Friday 12 August 2005 07:27, Karthik Vishwanath wrote:
> 
>>Hello,
>>
>>I run icewm as a window manager and have the network status displayed on
>>the task-bar. Sometimes I notice quite some activity on the network,
>>without really knowing which process is responsible for that. I would like
>>to determine the progam-name(s)/daemon(s) and the PID(s) that are involved
>>actively in sending/receiving data on the network.
> 
> 
> Without knowing anything about your systen, ie what processes are running one 
> can only guess as to what is causing traffic on your network.
> 
> Mail programs which check at regular intervals for mail is one which comes to 
> mind strait away, others are dhcp if used and there are of course many more.

Assuming Karthik knows what he's talking about (and he's posted here for 
long enough that if he says "quite some acticity", he surely means more 
than a trickle), these are not likely candidates for creating *heavy* 
loads on a LAN. A better guess would be something Samba related, or 
maybe VNC, or maybe some p2p app ... but these are just wild guesses and 
not what Karthik asked about anyway.

> 
>>I tried netstat with the -e, -p, -l and the -a flags, but could not locate
>>the program that was actively using the network. What am I missing, what
>>must I try?
> 
> 
> I would use 'netstat -t' as soon as i saw traffic, but then i would be running 
> 'tcpdump' in an xterm to monitor traffic, one would then see ip#'s and most 
> important port numbers, knowing the port number one then looks 
> into /etc/services to see what program is causing the traffic.

Maybe. These days, /etc/services isn't as complete as it once was. 
There's an Web site somewhere with a more current list of IANA port 
assignments than /etc/services usually provides. But in any case, you 
don't want to know the *service* involved; you want to know what client 
is involved, and that is a bit trickier to determine. See next comment.

> Of course there are other ways to check as well but the above is what i would 
> be doing if i was concerned.

Good thoughts generally, Richard, but I'd suggest a few differences in 
the details.

1. netstat -t won't tell you much ... especially if the traffic isn't 
caused by a tcp connection. More useful is something like netstat -anp 
(run as root), which gives you (among other things) a list of source 
ports, destination aaddresses, and associated PIDs. So if you find the 
ports that are causing the traffic, this links them to programs.

2. For tracking the traffic itself, I don't know anything better than 
tcpdump or its equivalent (e.g., ethereal) to monitor port-by-port 
traffic levels. Surely someone has written a wrapper for one of these 
sniffers that will track traffic by port number, though. No?

Update: a quick Google search led me to darkstar, a minimalist sniffer 
that offers an option to report cumulative traffic by port (a screenshot 
show this output format). Look at http://dmr.ath.cx/net/darkstat/ for 
details. I don't recall what distro you use, Karthik, but I did see that 
Debian packages were available.



-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: programs/daemons/PIDs using the network

[Karthik Vishwanath]

You assumed correctly, Ray -- the activity was really strange, since it
was showing after I had ascertained that I had shut down all browsers/ p2p
clients/ mail clients.

I have apt-gotten darkstat, and it seems to be something exactly along the
lines of what I needed (sets up html ouput on localhost, pretty cool) --
thanks, Ray!


-K

On Sat, 13 Aug 2005, at 09:37, Ray Olszewski wrote to linux-newbie@vger.ker...:

> Richard Adams wrote:
> > On Friday 12 August 2005 07:27, Karthik Vishwanath wrote:
> > 
> >>Hello,
> >>
> >>I run icewm as a window manager and have the network status displayed on
> >>the task-bar. Sometimes I notice quite some activity on the network,
> >>without really knowing which process is responsible for that. I would like
> >>to determine the progam-name(s)/daemon(s) and the PID(s) that are involved
> >>actively in sending/receiving data on the network.
> > 
> > 
> > Without knowing anything about your systen, ie what processes are running one 
> > can only guess as to what is causing traffic on your network.
> > 
> > Mail programs which check at regular intervals for mail is one which comes to 
> > mind strait away, others are dhcp if used and there are of course many more.
> 
> Assuming Karthik knows what he's talking about (and he's posted here for 
> long enough that if he says "quite some acticity", he surely means more 
> than a trickle), these are not likely candidates for creating *heavy* 
> loads on a LAN. A better guess would be something Samba related, or 
> maybe VNC, or maybe some p2p app ... but these are just wild guesses and 
> not what Karthik asked about anyway.
> 
> > 
> >>I tried netstat with the -e, -p, -l and the -a flags, but could not locate
> >>the program that was actively using the network. What am I missing, what
> >>must I try?
> > 
> > 
> > I would use 'netstat -t' as soon as i saw traffic, but then i would be running 
> > 'tcpdump' in an xterm to monitor traffic, one would then see ip#'s and most 
> > important port numbers, knowing the port number one then looks 
> > into /etc/services to see what program is causing the traffic.
> 
> Maybe. These days, /etc/services isn't as complete as it once was. 
> There's an Web site somewhere with a more current list of IANA port 
> assignments than /etc/services usually provides. But in any case, you 
> don't want to know the *service* involved; you want to know what client 
> is involved, and that is a bit trickier to determine. See next comment.
> 
> > Of course there are other ways to check as well but the above is what i would 
> > be doing if i was concerned.
> 
> Good thoughts generally, Richard, but I'd suggest a few differences in 
> the details.
> 
> 1. netstat -t won't tell you much ... especially if the traffic isn't 
> caused by a tcp connection. More useful is something like netstat -anp 
> (run as root), which gives you (among other things) a list of source 
> ports, destination aaddresses, and associated PIDs. So if you find the 
> ports that are causing the traffic, this links them to programs.
> 
> 2. For tracking the traffic itself, I don't know anything better than 
> tcpdump or its equivalent (e.g., ethereal) to monitor port-by-port 
> traffic levels. Surely someone has written a wrapper for one of these 
> sniffers that will track traffic by port number, though. No?
> 
> Update: a quick Google search led me to darkstar, a minimalist sniffer 
> that offers an option to report cumulative traffic by port (a screenshot 
> show this output format). Look at http://dmr.ath.cx/net/darkstat/ for 
> details. I don't recall what distro you use, Karthik, but I did see that 
> Debian packages were available.
> 
> 
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.linux-learn.org/faqs
> 


-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

starting a user defined daemon at linux startup.

[P.Manohar]

Hai
   I have written a daemon, and it is working when I load it.
   Now I want to start that daemon at startup in linux, so that without 
manually running , it has to start along with all the daemons available 
in the system. I came to know that we need to put a script into 
/etc/rc.d/init.d/
similar to sshd or atd. Do we need to write a script to run my daemon?

I have the daemon's binary, what should be the script content to run it .

But my daemon is just a single executable, is there any othr way to do 
this.

Thanks In Advance.
P.manohar.


-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: starting a user defined daemon at linux startup.

[Arturas Moskvinas]

> Hai
>    I have written a daemon, and it is working when I load it.
>    Now I want to start that daemon at startup in linux, so that without
> manually running , it has to start along with all the daemons available
> in the system. I came to know that we need to put a script into
> /etc/rc.d/init.d/
> similar to sshd or atd. Do we need to write a script to run my daemon?
> 
> I have the daemon's binary, what should be the script content to run it .

There is a bit difference between distribution, you should tell us at
least what distribution do you use. For example there is an easy way
to add a daemon in Red Hat based distribution, just add the line in
"\etc\rc.d\rc.local" file (it is not the best way do do it, but for
starters it is OK i think so). Often you will find a file named
"skeleton", "template" (or something similar) where you'll find short
description how to write your own start script.

Arturas M.
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

recording a .wav file in a daemon.

[P.Manohar]

hai,
    I am calling this below script( call it recording.scr) from a c 
program using system() , this C program is written as a daemon, so that it 
will run continuously and executes this script periodically.
  When I run this daemon in any terminal it is recording continously.
But when I run the same thing as original daemon like atd or sshd by 
putting a script mydaemon in
/etc/rc.d/init.d/mydaemon start
This daemon is not recording.

Whether "brec" need a controlling terminal ?
I am confused with this. Please suggest me if u can.


  #!/bin/tcsh
if($# != 1) then
   echo "Argument  filename"
   exit(-1)
endif

echo "recording"
brec -s 96000 -b 16 -t 1 -w /usr/loca/xyz.wav
echo "recording over"

Thanks & Regrds,
P.Manohar.
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: recording a .wav file in a daemon.

[Ray Olszewski]

P.Manohar wrote:
> 
> hai,
>    I am calling this below script( call it recording.scr) from a c 
> program using system() , this C program is written as a daemon, so that 
> it will run continuously and executes this script periodically.
>  When I run this daemon in any terminal it is recording continously.
> But when I run the same thing as original daemon like atd or sshd by 
> putting a script mydaemon in
> /etc/rc.d/init.d/mydaemon start
> This daemon is not recording.
> 
> Whether "brec" need a controlling terminal ?
> I am confused with this. Please suggest me if u can.
> 
> 
>  #!/bin/tcsh
> if($# != 1) then
>   echo "Argument  filename"
>   exit(-1)
> endif
> 
> echo "recording"
> brec -s 96000 -b 16 -t 1 -w /usr/loca/xyz.wav
> echo "recording over"
> 
> Thanks & Regrds,
> P.Manohar.

I can offer only a guess in reply. The guess is that you need to have 
the script call /usr/bin/brec (or whatever the path is) rather than 
brec. When you call the daemon from a terminal, the user's PATH variable 
fills in the blank. But when you run it as an init script, PATH is not 
set in the environment so it does not.

BTW, do you really use /usr/loca/ as a directory on your system, and not 
the more customary /usr/local/ ? Or is this some special directory 
specific to this purpose?

The script seems odd in some other ways too (what is the purpose of the 
requirement for a filename, for example), but they are hard to judge 
without seeing the source for the C wrapper daemon as well as the script 
itself.

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

getting kernel symbols list in FC2

[P.Manohar]

hai,
    In redhat 9 we can get the kernel symbols list by executing the command
   /sbin/ksyms -a
But the same when I do in Fedora core 2,
it is giving the following error,
ksyms: QM_MODULES Function not implemented

I updated the module-init-tools rpm to 3.2.X
But still the same error I am getting.

Can anybody suggest on this.

Thanks& Regards
P.Manohar.
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs