在Linux中查找由可执行程序设置的套接字选项

我需要find一个正在执行的客户端程序在打开到服务器的TCP连接时设置的套接字选项。客户端在Linux上运行。它可以在/proc/tcp吗？

我也需要这样做。

因为tcp选项没有以/proc/作为标准暴露， lsof并没有什么帮助。

我使用了这个内核模块https://github.com/veithen/knetstat ，我修改了这个模块，可以在这里使用以前的内核版本： https ： //github.com/abligh/knetstat

这可以让你做到：

 # cat /proc/net/tcpstat | head Recv-Q Send-Q Local Address Foreign Address Stat Diag Options 0 0 0.0.0.0:16013 0.0.0.0:* LSTN SO_REUSEADDR=0,SO_KEEPALIVE=0,TCP_NODELAY=0 0 0 127.0.0.1:25 0.0.0.0:* LSTN SO_REUSEADDR=1,SO_KEEPALIVE=1,TCP_NODELAY=0 0 0 0.0.0.0:111 0.0.0.0:* LSTN SO_REUSEADDR=1,SO_KEEPALIVE=0,TCP_NODELAY=0 0 0 0.0.0.0:4643 0.0.0.0:* LSTN SO_REUSEADDR=1,SO_KEEPALIVE=0,TCP_NODELAY=0 0 0 127.0.0.1:753 0.0.0.0:* LSTN SO_REUSEADDR=1,SO_KEEPALIVE=0,TCP_NODELAY=0 0 0 127.0.0.1:113 0.0.0.0:* LSTN SO_REUSEADDR=1,SO_KEEPALIVE=0,TCP_NODELAY=0 0 0 127.0.0.1:754 0.0.0.0:* LSTN SO_REUSEADDR=1,SO_KEEPALIVE=0,TCP_NODELAY=0 0 0 127.0.0.1:1234 0.0.0.0:* LSTN SO_REUSEADDR=1,SO_KEEPALIVE=0,TCP_NODELAY=0 0 0 0.0.0.0:53618 0.0.0.0:* LSTN SO_REUSEADDR=0,SO_KEEPALIVE=0,TCP_NODELAY=0

您可以在ltrace下运行可执行文件，以查看它与调用参数一起进行的库和系统调用。

使用-p [PROC_ID]标志的lsof显示该进程的打开fd。如果你是男人，那么你可以找到关于这些套接字的数百种不同的东西。这是标准的用法：

 [ 11:42 root@hozbox /proc/6828 ]# lsof -p 6828 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME SOAnswer_T 6828 jon cwd DIR 8,17 4096 3498003 /home/jon/SO/python SOAnswer_T 6828 jon rtd DIR 253,0 4096 2 / SOAnswer_T 6828 jon txt REG 253,0 6088 38614 /usr/bin/python SOAnswer_T 6828 jon mem REG 253,0 20676 16173 /usr/lib/python2.6/lib-dynload/selectmodule.so SOAnswer_T 6828 jon mem REG 253,0 32800 91247 /usr/lib/python2.6/lib-dynload/_struct.so SOAnswer_T 6828 jon mem REG 253,0 37180 91249 /usr/lib/python2.6/lib-dynload/arraymodule.so SOAnswer_T 6828 jon mem REG 253,0 30496 16167 /usr/lib/python2.6/lib-dynload/operator.so SOAnswer_T 6828 jon mem REG 253,0 10448 16137 /usr/lib/python2.6/lib-dynload/_randommodule.so SOAnswer_T 6828 jon mem REG 253,0 13552 16157 /usr/lib/python2.6/lib-dynload/fcntlmodule.so SOAnswer_T 6828 jon mem REG 253,0 17152 91253 /usr/lib/python2.6/lib-dynload/cStringIO.so SOAnswer_T 6828 jon mem REG 253,0 11648 12778 /lib/libcom_err.so.2.1 SOAnswer_T 6828 jon mem REG 253,0 19660 16148 /usr/lib/python2.6/lib-dynload/binascii.so SOAnswer_T 6828 jon mem REG 253,0 8224 12704 /lib/libkeyutils-1.2.so SOAnswer_T 6828 jon mem REG 253,0 28920 91246 /usr/lib/python2.6/lib-dynload/_ssl.so SOAnswer_T 6828 jon mem REG 253,0 36580 15554 /lib/libkrb5support.so.0.1 SOAnswer_T 6828 jon mem REG 253,0 14640 20456 /lib/libutil-2.12.2.so SOAnswer_T 6828 jon mem REG 253,0 141532 4868 /lib/ld-2.12.2.so SOAnswer_T 6828 jon mem REG 253,0 1851728 4869 /lib/libc-2.12.2.so SOAnswer_T 6828 jon mem REG 253,0 202044 5741 /lib/libm-2.12.2.so SOAnswer_T 6828 jon mem REG 253,0 19788 4870 /lib/libdl-2.12.2.so SOAnswer_T 6828 jon mem REG 253,0 133136 5431 /lib/libpthread-2.12.2.so SOAnswer_T 6828 jon mem REG 253,0 76368 5748 /lib/libz.so.1.2.3 SOAnswer_T 6828 jon mem REG 253,0 122420 8431 /lib/libselinux.so.1 SOAnswer_T 6828 jon mem REG 253,0 101068 8430 /lib/libresolv-2.12.2.so SOAnswer_T 6828 jon mem REG 253,0 25476 16120 /usr/lib/python2.6/lib-dynload/_collectionsmodule.so SOAnswer_T 6828 jon mem REG 253,0 58404 16141 /usr/lib/python2.6/lib-dynload/_socketmodule.so SOAnswer_T 6828 jon mem REG 253,0 11500 91240 /usr/lib/python2.6/lib-dynload/_hashlib.so SOAnswer_T 6828 jon mem REG 253,0 6280 91263 /usr/lib/python2.6/lib-dynload/syslog.so SOAnswer_T 6828 jon mem REG 253,0 22076 16164 /usr/lib/python2.6/lib-dynload/mathmodule.so SOAnswer_T 6828 jon mem REG 253,0 16748 91265 /usr/lib/python2.6/lib-dynload/timemodule.so SOAnswer_T 6828 jon mem REG 253,0 7616 16111 /usr/lib/python2.6/lib-dynload/_bisectmodule.so SOAnswer_T 6828 jon mem REG 253,0 22560 16175 /usr/lib/python2.6/lib-dynload/stropmodule.so SOAnswer_T 6828 jon mem REG 253,0 1603772 19175 /usr/lib/libpython2.6.so.1.0 SOAnswer_T 6828 jon mem REG 253,0 190528 63751 /lib/libgssapi_krb5.so.2.2 SOAnswer_T 6828 jon mem REG 253,0 758712 22619 /lib/libkrb5.so.3.3 SOAnswer_T 6828 jon mem REG 253,0 177868 20371 /lib/libk5crypto.so.3.1 SOAnswer_T 6828 jon mem REG 253,0 1596908 63969 /lib/libcrypto.so.1.0.0d SOAnswer_T 6828 jon mem REG 253,0 358704 64033 /usr/lib/libssl.so.1.0.0d SOAnswer_T 6828 jon mem REG 253,0 99158720 95278 /usr/lib/locale/locale-archive SOAnswer_T 6828 jon 0u CHR 136,2 0t0 5 /dev/pts/2 SOAnswer_T 6828 jon 1w FIFO 0,8 0t0 2254540 pipe SOAnswer_T 6828 jon 2u CHR 136,2 0t0 5 /dev/pts/2 SOAnswer_T 6828 jon 3u IPv4 2254907 0t0 TCP blah:36050->blah2.com.br:http (ESTABLISHED)

或者，使用-aU选项只能看到套接字：

 [ 11:46 root@hozbox /proc/6828 ]# lsof -aU -p 1511 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME acpid 1511 root 4u unix 0xd9063800 0t0 10860 /var/run/acpid.socket acpid 1511 root 6u unix 0xda79c200 0t0 10876 socket

/proc/PID/fd也列出了进程的所有打开的fd。

男人lsof

更多好东西在这里：请参阅由其他应用程序创建的现有套接字套接字选项？