Linux ubuntu 6.8.0-90-generic #91-Ubuntu SMP PREEMPT_DYNAMIC Tue Nov 18 14:14:30 UTC 2025 x86_64
nginx/1.24.0
: 67.217.245.49 | : 216.73.216.153
Cant Read [ /etc/named.conf ]
8.3.6
www-data
/
usr /
sbin /
Name
Size
Permission
Action
ModemManager
2.07
MB
-rwxr-xr-x
a2disconf
15.75
KB
-rwxr-xr-x
a2dismod
15.75
KB
-rwxr-xr-x
a2dissite
15.75
KB
-rwxr-xr-x
a2enconf
15.75
KB
-rwxr-xr-x
a2enmod
15.75
KB
-rwxr-xr-x
a2ensite
15.75
KB
-rwxr-xr-x
a2query
9.6
KB
-rwxr-xr-x
aa-load
38.75
KB
-rwxr-xr-x
aa-remove-unknown
3.15
KB
-rwxr-xr-x
aa-status
39.06
KB
-rwxr-xr-x
aa-teardown
137
B
-rwxr-xr-x
accessdb
14.55
KB
-rwxr-xr-x
add-shell
1.03
KB
-rwxr-xr-x
addgnupghome
3
KB
-rwxr-xr-x
addgroup
53.9
KB
-rwxr-xr-x
adduser
53.9
KB
-rwxr-xr-x
agetty
59.56
KB
-rwxr-xr-x
apache2
736.55
KB
-rwxr-xr-x
apache2ctl
7.26
KB
-rwxr-xr-x
apachectl
7.26
KB
-rwxr-xr-x
apparmor_parser
1.55
MB
-rwxr-xr-x
apparmor_status
39.06
KB
-rwxr-xr-x
applygnupgdefaults
2.17
KB
-rwxr-xr-x
argdist-bpfcc
36
KB
-rwxr-xr-x
arp
61.61
KB
-rwxr-xr-x
arpd
26.33
KB
-rwxr-xr-x
arptables
219.16
KB
-rwxr-xr-x
arptables-nft
219.16
KB
-rwxr-xr-x
arptables-nft-restore
219.16
KB
-rwxr-xr-x
arptables-nft-save
219.16
KB
-rwxr-xr-x
arptables-restore
219.16
KB
-rwxr-xr-x
arptables-save
219.16
KB
-rwxr-xr-x
audisp-af_unix
14.31
KB
-rwxr-xr-x
audisp-remote
50.41
KB
-rwxr-xr-x
audisp-syslog
18.3
KB
-rwxr-xr-x
audispd-zos-remote
34.38
KB
-rwxr-xr-x
auditctl
50.5
KB
-rwxr-xr-x
auditd
118.41
KB
-rwxr-xr-x
augenrules
3.74
KB
-rwxr-xr-x
aureport
110.41
KB
-rwxr-xr-x
ausearch
110.45
KB
-rwxr-xr-x
autrace
18.3
KB
-rwxr-xr-x
badblocks
34.32
KB
-rwxr-xr-x
bashreadline-bpfcc
2.32
KB
-rwxr-xr-x
bashreadline.bt
698
B
-rwxr-xr-x
bcache-super-show
14.3
KB
-rwxr-xr-x
bindsnoop-bpfcc
15.96
KB
-rwxr-xr-x
biolatency-bpfcc
11.1
KB
-rwxr-xr-x
biolatency-kp.bt
664
B
-rwxr-xr-x
biolatency.bt
681
B
-rwxr-xr-x
biolatpcts-bpfcc
10.01
KB
-rwxr-xr-x
biopattern-bpfcc
3.86
KB
-rwxr-xr-x
biosdecode
27.2
KB
-rwxr-xr-x
biosnoop-bpfcc
10.58
KB
-rwxr-xr-x
biosnoop.bt
1.12
KB
-rwxr-xr-x
biostacks.bt
915
B
-rwxr-xr-x
biotop-bpfcc
9.34
KB
-rwxr-xr-x
bitesize-bpfcc
1.14
KB
-rwxr-xr-x
bitesize.bt
567
B
-rwxr-xr-x
blkdeactivate
15.97
KB
-rwxr-xr-x
blkdiscard
22.38
KB
-rwxr-xr-x
blkid
54.41
KB
-rwxr-xr-x
blkzone
34.38
KB
-rwxr-xr-x
blockdev
34.38
KB
-rwxr-xr-x
bpflist-bpfcc
2.54
KB
-rwxr-xr-x
bpftool
1.58
KB
-rwxr-xr-x
bridge
108.49
KB
-rwxr-xr-x
btrfsdist-bpfcc
6.47
KB
-rwxr-xr-x
btrfsslower-bpfcc
9.75
KB
-rwxr-xr-x
cache_check
1.36
MB
-rwxr-xr-x
cache_dump
1.36
MB
-rwxr-xr-x
cache_metadata_size
1.36
MB
-rwxr-xr-x
cache_repair
1.36
MB
-rwxr-xr-x
cache_restore
1.36
MB
-rwxr-xr-x
cache_writeback
1.36
MB
-rwxr-xr-x
cachestat-bpfcc
6.38
KB
-rwxr-xr-x
cachetop-bpfcc
9.15
KB
-rwxr-xr-x
capable-bpfcc
8.28
KB
-rwxr-xr-x
capable.bt
1.88
KB
-rwxr-xr-x
capsh
57.09
KB
-rwxr-xr-x
cfdisk
94.73
KB
-rwxr-xr-x
cgdisk
166.48
KB
-rwxr-xr-x
chcpu
30.38
KB
-rwxr-xr-x
check_forensic
952
B
-rwxr-xr-x
chgpasswd
58.32
KB
-rwxr-xr-x
chmem
34.38
KB
-rwxr-xr-x
chpasswd
54.43
KB
-rwxr-xr-x
chroot
38.51
KB
-rwxr-xr-x
cobjnew-bpfcc
53
B
-rwxr-xr-x
compactsnoop-bpfcc
11.1
KB
-rwxr-xr-x
cpgr
48.45
KB
-rwxr-xr-x
cppw
48.45
KB
-rwxr-xr-x
cpudist-bpfcc
6.85
KB
-rwxr-xr-x
cpuunclaimed-bpfcc
14.59
KB
-rwxr-xr-x
cpuwalk.bt
497
B
-rwxr-xr-x
criticalstat-bpfcc
8.41
KB
-rwxr-xr-x
cron
58.67
KB
-rwxr-xr-x
cryptdisks_start
1.51
KB
-rwxr-xr-x
cryptdisks_stop
844
B
-rwxr-xr-x
cryptsetup
225.9
KB
-rwxr-xr-x
ctrlaltdel
14.38
KB
-rwxr-xr-x
dbslower-bpfcc
7.22
KB
-rwxr-xr-x
dbstat-bpfcc
3.7
KB
-rwxr-xr-x
dcb
80.52
KB
-rwxr-xr-x
dcsnoop-bpfcc
4.03
KB
-rwxr-xr-x
dcsnoop.bt
1.23
KB
-rwxr-xr-x
dcstat-bpfcc
3.77
KB
-rwxr-xr-x
deadlock-bpfcc
20.45
KB
-rwxr-xr-x
debugfs
225.87
KB
-rwxr-xr-x
delgroup
18.53
KB
-rwxr-xr-x
deluser
18.53
KB
-rwxr-xr-x
depmod
170.24
KB
-rwxr-xr-x
devlink
150.86
KB
-rwxr-xr-x
dhcpcd
395.4
KB
-rwxr-xr-x
dirtop-bpfcc
8.37
KB
-rwxr-xr-x
dmeventd
50.38
KB
-rwxr-xr-x
dmidecode
135.25
KB
-rwxr-xr-x
dmsetup
171.05
KB
-rwxr-xr-x
dmstats
171.05
KB
-rwxr-xr-x
dosfsck
78.38
KB
-rwxr-xr-x
dosfslabel
38.38
KB
-rwxr-xr-x
dpkg-preconfigure
4.25
KB
-rwxr-xr-x
dpkg-reconfigure
4.43
KB
-rwxr-xr-x
drsnoop-bpfcc
6.73
KB
-rwxr-xr-x
dumpe2fs
34.31
KB
-rwxr-xr-x
e2freefrag
18.3
KB
-rwxr-xr-x
e2fsck
364.34
KB
-rwxr-xr-x
e2image
42.31
KB
-rwxr-xr-x
e2label
110.56
KB
-rwxr-xr-x
e2mmpstatus
34.31
KB
-rwxr-xr-x
e2scrub
7.12
KB
-rwxr-xr-x
e2scrub_all
5.27
KB
-rwxr-xr-x
e2undo
22.3
KB
-rwxr-xr-x
e4crypt
30.38
KB
-rwxr-xr-x
e4defrag
34.3
KB
-rwxr-xr-x
ebtables
219.16
KB
-rwxr-xr-x
ebtables-nft
219.16
KB
-rwxr-xr-x
ebtables-nft-restore
219.16
KB
-rwxr-xr-x
ebtables-nft-save
219.16
KB
-rwxr-xr-x
ebtables-restore
219.16
KB
-rwxr-xr-x
ebtables-save
219.16
KB
-rwxr-xr-x
ebtables-translate
219.16
KB
-rwxr-xr-x
era_check
1.36
MB
-rwxr-xr-x
era_dump
1.36
MB
-rwxr-xr-x
era_invalidate
1.36
MB
-rwxr-xr-x
era_restore
1.36
MB
-rwxr-xr-x
ethtool
651.68
KB
-rwxr-xr-x
execsnoop-bpfcc
9.82
KB
-rwxr-xr-x
execsnoop.bt
928
B
-rwxr-xr-x
exitsnoop-bpfcc
9.42
KB
-rwxr-xr-x
ext4dist-bpfcc
6.53
KB
-rwxr-xr-x
ext4slower-bpfcc
9.71
KB
-rwxr-xr-x
faillock
22.31
KB
-rwxr-xr-x
fatlabel
38.38
KB
-rwxr-xr-x
fdisk
114.42
KB
-rwxr-xr-x
filefrag
18.32
KB
-rwxr-xr-x
filegone-bpfcc
5.64
KB
-rwxr-xr-x
filelife-bpfcc
6.38
KB
-rwxr-xr-x
fileslower-bpfcc
7.2
KB
-rwxr-xr-x
filetop-bpfcc
6.35
KB
-rwxr-xr-x
findfs
14.38
KB
-rwxr-xr-x
fixparts
58.48
KB
-rwxr-xr-x
fsadm
24
KB
-rwxr-xr-x
fsck
42.42
KB
-rwxr-xr-x
fsck.btrfs
1.16
KB
-rwxr-xr-x
fsck.cramfs
30.44
KB
-rwxr-xr-x
fsck.ext2
364.34
KB
-rwxr-xr-x
fsck.ext3
364.34
KB
-rwxr-xr-x
fsck.ext4
364.34
KB
-rwxr-xr-x
fsck.fat
78.38
KB
-rwxr-xr-x
fsck.minix
54.41
KB
-rwxr-xr-x
fsck.msdos
78.38
KB
-rwxr-xr-x
fsck.vfat
78.38
KB
-rwxr-xr-x
fsck.xfs
2.51
KB
-rwxr-xr-x
fsfreeze
14.38
KB
-rwxr-xr-x
fstab-decode
14.3
KB
-rwxr-xr-x
fstrim
42.38
KB
-rwxr-xr-x
funccount-bpfcc
12.68
KB
-rwxr-xr-x
funcinterval-bpfcc
5.46
KB
-rwxr-xr-x
funclatency-bpfcc
11.28
KB
-rwxr-xr-x
funcslower-bpfcc
10.38
KB
-rwxr-xr-x
gdisk
198.48
KB
-rwxr-xr-x
genl
120.58
KB
-rwxr-xr-x
getcap
14.3
KB
-rwxr-xr-x
gethostlatency-bpfcc
3.82
KB
-rwxr-xr-x
gethostlatency.bt
1.19
KB
-rwxr-xr-x
getpcaps
14.3
KB
-rwxr-xr-x
getty
59.56
KB
-rwxr-xr-x
groupadd
71.13
KB
-rwxr-xr-x
groupdel
62.91
KB
-rwxr-xr-x
groupmems
58.34
KB
-rwxr-xr-x
groupmod
71.04
KB
-rwxr-xr-x
grpck
58.32
KB
-rwxr-xr-x
grpconv
50.16
KB
-rwxr-xr-x
grpunconv
50.16
KB
-rwxr-xr-x
grub-bios-setup
958.55
KB
-rwxr-xr-x
grub-install
1.17
MB
-rwxr-xr-x
grub-macbless
946.41
KB
-rwxr-xr-x
grub-mkconfig
8.63
KB
-rwxr-xr-x
grub-mkdevicemap
70.69
KB
-rwxr-xr-x
grub-probe
954.66
KB
-rwxr-xr-x
grub-reboot
4.73
KB
-rwxr-xr-x
grub-set-default
3.47
KB
-rwxr-xr-x
halt
1.43
MB
-rwxr-xr-x
hardirqs-bpfcc
6.85
KB
-rwxr-xr-x
hdparm
139.43
KB
-rwxr-xr-x
httxt2dbm
14.3
KB
-rwxr-xr-x
iconvconfig
34.47
KB
-rwxr-xr-x
ifconfig
77.17
KB
-rwxr-xr-x
iftop
62.62
KB
-rwxr-xr-x
init
98.45
KB
-rwxr-xr-x
inject-bpfcc
16.06
KB
-rwxr-xr-x
insmod
170.24
KB
-rwxr-xr-x
install-sgmlcatalog
4.44
KB
-rwxr-xr-x
installkernel
2.6
KB
-rwxr-xr-x
integritysetup
67.06
KB
-rwxr-xr-x
invoke-rc.d
16.13
KB
-rwxr-xr-x
iotop
113.64
KB
-rwxr-xr-x
iotop-c
113.64
KB
-rwxr-xr-x
ip
754.8
KB
-rwxr-xr-x
ip6tables
219.16
KB
-rwxr-xr-x
ip6tables-apply
6.89
KB
-rwxr-xr-x
ip6tables-legacy
92.95
KB
-rwxr-xr-x
ip6tables-legacy-restore
92.95
KB
-rwxr-xr-x
ip6tables-legacy-save
92.95
KB
-rwxr-xr-x
ip6tables-nft
219.16
KB
-rwxr-xr-x
ip6tables-nft-restore
219.16
KB
-rwxr-xr-x
ip6tables-nft-save
219.16
KB
-rwxr-xr-x
ip6tables-restore
219.16
KB
-rwxr-xr-x
ip6tables-restore-translate
219.16
KB
-rwxr-xr-x
ip6tables-save
219.16
KB
-rwxr-xr-x
ip6tables-translate
219.16
KB
-rwxr-xr-x
ipmaddr
18.3
KB
-rwxr-xr-x
iptables
219.16
KB
-rwxr-xr-x
iptables-apply
6.89
KB
-rwxr-xr-x
iptables-legacy
92.95
KB
-rwxr-xr-x
iptables-legacy-restore
92.95
KB
-rwxr-xr-x
iptables-legacy-save
92.95
KB
-rwxr-xr-x
iptables-nft
219.16
KB
-rwxr-xr-x
iptables-nft-restore
219.16
KB
-rwxr-xr-x
iptables-nft-save
219.16
KB
-rwxr-xr-x
iptables-restore
219.16
KB
-rwxr-xr-x
iptables-restore-translate
219.16
KB
-rwxr-xr-x
iptables-save
219.16
KB
-rwxr-xr-x
iptables-translate
219.16
KB
-rwxr-xr-x
iptunnel
18.3
KB
-rwxr-xr-x
iscsi-iname
18.3
KB
-rwxr-xr-x
iscsi_discovery
5.17
KB
-rwxr-xr-x
iscsiadm
370.43
KB
-rwxr-xr-x
iscsid
286.55
KB
-rwxr-xr-x
iscsistart
274.49
KB
-rwxr-xr-x
isosize
14.38
KB
-rwxr-xr-x
javacalls-bpfcc
55
B
-rwxr-xr-x
javaflow-bpfcc
54
B
-rwxr-xr-x
javagc-bpfcc
52
B
-rwxr-xr-x
javaobjnew-bpfcc
56
B
-rwxr-xr-x
javastat-bpfcc
54
B
-rwxr-xr-x
javathreads-bpfcc
57
B
-rwxr-xr-x
kbdrate
18.31
KB
-rwxr-xr-x
killall5
26.23
KB
-rwxr-xr-x
killsnoop-bpfcc
4.45
KB
-rwxr-xr-x
killsnoop.bt
873
B
-rwxr-xr-x
klockstat-bpfcc
13.04
KB
-rwxr-xr-x
kpartx
42.16
KB
-rwxr-xr-x
kvmexit-bpfcc
11.19
KB
-rwxr-xr-x
ldattach
26.38
KB
-rwxr-xr-x
ldconfig
387
B
-rwxr-xr-x
ldconfig.real
1
MB
-rwxr-xr-x
llcstat-bpfcc
4.48
KB
-rwxr-xr-x
loads.bt
1.1
KB
-rwxr-xr-x
locale-gen
4.21
KB
-rwxr-xr-x
logrotate
94.24
KB
-rwxr-xr-x
logsave
14.16
KB
-rwxr-xr-x
losetup
74.52
KB
-rwxr-xr-x
lsmod
170.24
KB
-rwxr-xr-x
luksformat
3.32
KB
-rwxr-xr-x
lvchange
3.01
MB
-rwxr-xr-x
lvconvert
3.01
MB
-rwxr-xr-x
lvcreate
3.01
MB
-rwxr-xr-x
lvdisplay
3.01
MB
-rwxr-xr-x
lvextend
3.01
MB
-rwxr-xr-x
lvm
3.01
MB
-rwxr-xr-x
lvmconfig
3.01
MB
-rwxr-xr-x
lvmdiskscan
3.01
MB
-rwxr-xr-x
lvmdump
10.12
KB
-rwxr-xr-x
lvmpolld
235.97
KB
-rwxr-xr-x
lvmsadc
3.01
MB
-rwxr-xr-x
lvmsar
3.01
MB
-rwxr-xr-x
lvreduce
3.01
MB
-rwxr-xr-x
lvremove
3.01
MB
-rwxr-xr-x
lvrename
3.01
MB
-rwxr-xr-x
lvresize
3.01
MB
-rwxr-xr-x
lvs
3.01
MB
-rwxr-xr-x
lvscan
3.01
MB
-rwxr-xr-x
lxc
589
B
-rwxr-xr-x
lxd
589
B
-rwxr-xr-x
make-bcache
22.38
KB
-rwxr-xr-x
make-ssl-cert
6.65
KB
-rwxr-xr-x
mariadbd
26.09
MB
-rwxr-xr-x
mdadm
622.21
KB
-rwxr-xr-x
mdflush-bpfcc
2.24
KB
-rwxr-xr-x
mdflush.bt
775
B
-rwxr-xr-x
mdmon
258.8
KB
-rwxr-xr-x
memleak-bpfcc
20.8
KB
-rwxr-xr-x
mii-tool
26.73
KB
-rwxr-xr-x
mkdosfs
50.83
KB
-rwxr-xr-x
mke2fs
130.62
KB
-rwxr-xr-x
mkfs
14.38
KB
-rwxr-xr-x
mkfs.bfs
22.38
KB
-rwxr-xr-x
mkfs.btrfs
560.3
KB
-rwxr-xr-x
mkfs.cramfs
34.32
KB
-rwxr-xr-x
mkfs.ext2
130.62
KB
-rwxr-xr-x
mkfs.ext3
130.62
KB
-rwxr-xr-x
mkfs.ext4
130.62
KB
-rwxr-xr-x
mkfs.fat
50.83
KB
-rwxr-xr-x
mkfs.minix
42.39
KB
-rwxr-xr-x
mkfs.msdos
50.83
KB
-rwxr-xr-x
mkfs.ntfs
66.38
KB
-rwxr-xr-x
mkfs.vfat
50.83
KB
-rwxr-xr-x
mkfs.xfs
438.99
KB
-rwxr-xr-x
mkhomedir_helper
22.34
KB
-rwxr-xr-x
mkinitramfs
15.39
KB
-rwxr-xr-x
mklost+found
14.3
KB
-rwxr-xr-x
mkntfs
66.38
KB
-rwxr-xr-x
mkswap
50.38
KB
-rwxr-xr-x
modinfo
170.24
KB
-rwxr-xr-x
modprobe
170.24
KB
-rwxr-xr-x
mount.fuse
18.3
KB
-rwxr-xr-x
mount.fuse3
18.3
KB
-rwxr-xr-x
mount.lowntfs-3g
118.98
KB
-rwxr-xr-x
mount.ntfs
159.01
KB
-rwxr-xr-x
mount.ntfs-3g
159.01
KB
-rwxr-xr-x
mountsnoop-bpfcc
14.62
KB
-rwxr-xr-x
mpathpersist
31.21
KB
-rwxr-xr-x
multipath
34.3
KB
-rwxr-xr-x
multipathc
18.3
KB
-rwxr-xr-x
multipathd
142.46
KB
-rwxr-xr-x
mysqld
26.09
MB
-rwxr-xr-x
mysqld_qslower-bpfcc
3.05
KB
-rwxr-xr-x
nameif
14.39
KB
-rwxr-xr-x
naptime.bt
1.01
KB
-rwxr-xr-x
needrestart
40.13
KB
-rwxr-xr-x
netplan
802
B
-rwxr-xr-x
netqtop-bpfcc
5.59
KB
-rwxr-xr-x
newusers
86.96
KB
-rwxr-xr-x
nfnl_osf
18.3
KB
-rwxr-xr-x
nfsdist-bpfcc
4.95
KB
-rwxr-xr-x
nfsslower-bpfcc
13.61
KB
-rwxr-xr-x
nft
26.23
KB
-rwxr-xr-x
nginx
1.25
MB
-rwxr-xr-x
nodegc-bpfcc
52
B
-rwxr-xr-x
nodestat-bpfcc
54
B
-rwxr-xr-x
nologin
14.3
KB
-rwxr-xr-x
ntfsclone
50.38
KB
-rwxr-xr-x
ntfscp
30.38
KB
-rwxr-xr-x
ntfslabel
22.38
KB
-rwxr-xr-x
ntfsresize
62.39
KB
-rwxr-xr-x
ntfsundelete
50.38
KB
-rwxr-xr-x
offcputime-bpfcc
13.46
KB
-rwxr-xr-x
offwaketime-bpfcc
15.31
KB
-rwxr-xr-x
on_ac_power
3.7
KB
-rwxr-xr-x
oomkill-bpfcc
2.04
KB
-rwxr-xr-x
oomkill.bt
1.17
KB
-rwxr-xr-x
opensnoop-bpfcc
14.24
KB
-rwxr-xr-x
opensnoop.bt
953
B
-rwxr-xr-x
overlayroot-chroot
2.45
KB
-rwxr-xr-x
ownership
14.45
KB
-rwxr-xr-x
pam-auth-update
20.96
KB
-rwxr-xr-x
pam_extrausers_chkpwd
26.31
KB
-rwxr-sr-x
pam_extrausers_update
34.31
KB
-rwxr-xr-x
pam_getenv
2.82
KB
-rwxr-xr-x
pam_namespace_helper
467
B
-rwxr-xr-x
pam_timestamp_check
14.31
KB
-rwxr-xr-x
parted
94.4
KB
-rwxr-xr-x
partprobe
14.38
KB
-rwxr-xr-x
pdata_tools
1.36
MB
-rwxr-xr-x
perlcalls-bpfcc
55
B
-rwxr-xr-x
perlflow-bpfcc
54
B
-rwxr-xr-x
perlstat-bpfcc
54
B
-rwxr-xr-x
php-fpm8.3
5.49
MB
-rwxr-xr-x
phpcalls-bpfcc
54
B
-rwxr-xr-x
phpdismod
7.11
KB
-rwxr-xr-x
phpenmod
7.11
KB
-rwxr-xr-x
phpflow-bpfcc
53
B
-rwxr-xr-x
phpquery
6.24
KB
-rwxr-xr-x
phpstat-bpfcc
53
B
-rwxr-xr-x
pidpersec-bpfcc
1.08
KB
-rwxr-xr-x
pidpersec.bt
628
B
-rwxr-xr-x
pivot_root
14.38
KB
-rwxr-xr-x
plipconfig
14.3
KB
-rwxr-xr-x
plymouthd
146.57
KB
-rwxr-xr-x
poweroff
1.43
MB
-rwxr-xr-x
ppchcalls-bpfcc
13.89
KB
-rwxr-xr-x
profile-bpfcc
14.41
KB
-rwxr-xr-x
pvchange
3.01
MB
-rwxr-xr-x
pvck
3.01
MB
-rwxr-xr-x
pvcreate
3.01
MB
-rwxr-xr-x
pvdisplay
3.01
MB
-rwxr-xr-x
pvmove
3.01
MB
-rwxr-xr-x
pvremove
3.01
MB
-rwxr-xr-x
pvresize
3.01
MB
-rwxr-xr-x
pvs
3.01
MB
-rwxr-xr-x
pvscan
3.01
MB
-rwxr-xr-x
pwck
54.29
KB
-rwxr-xr-x
pwconv
46.16
KB
-rwxr-xr-x
pwhistory_helper
22.31
KB
-rwxr-xr-x
pwunconv
46.16
KB
-rwxr-xr-x
pythoncalls-bpfcc
57
B
-rwxr-xr-x
pythonflow-bpfcc
56
B
-rwxr-xr-x
pythongc-bpfcc
54
B
-rwxr-xr-x
pythonstat-bpfcc
56
B
-rwxr-xr-x
rarp
32.33
KB
-rwxr-xr-x
rdmaucma-bpfcc
4.95
KB
-rwxr-xr-x
readahead-bpfcc
6.54
KB
-rwxr-xr-x
readprofile
22.41
KB
-rwxr-xr-x
reboot
1.43
MB
-rwxr-xr-x
remove-shell
1.08
KB
-rwxr-xr-x
reset-trace-bpfcc
3.42
KB
-rwxr-xr-x
resize2fs
70.3
KB
-rwxr-xr-x
resolvconf
158.67
KB
-rwxr-xr-x
rmmod
170.24
KB
-rwxr-xr-x
rmt
54.71
KB
-rwxr-xr-x
rmt-tar
54.71
KB
-rwxr-xr-x
route
68.27
KB
-rwxr-xr-x
rsyslogd
771.67
KB
-rwxr-xr-x
rtacct
28.31
KB
-rwxr-xr-x
rtcwake
34.38
KB
-rwxr-xr-x
rtmon
116.52
KB
-rwxr-xr-x
rubycalls-bpfcc
55
B
-rwxr-xr-x
rubyflow-bpfcc
54
B
-rwxr-xr-x
rubygc-bpfcc
52
B
-rwxr-xr-x
rubyobjnew-bpfcc
56
B
-rwxr-xr-x
rubystat-bpfcc
54
B
-rwxr-xr-x
runlevel
1.43
MB
-rwxr-xr-x
runqlat-bpfcc
9.3
KB
-rwxr-xr-x
runqlat.bt
788
B
-rwxr-xr-x
runqlen-bpfcc
8.05
KB
-rwxr-xr-x
runqlen.bt
1.01
KB
-rwxr-xr-x
runqslower-bpfcc
9.01
KB
-rwxr-xr-x
runuser
54.38
KB
-rwxr-xr-x
service
8.89
KB
-rwxr-xr-x
setcap
14.3
KB
-rwxr-xr-x
setuids.bt
1.76
KB
-rwxr-xr-x
setvesablank
14.37
KB
-rwxr-xr-x
setvtrgb
14.43
KB
-rwxr-xr-x
sfdisk
106.38
KB
-rwxr-xr-x
sgdisk
178.48
KB
-rwxr-xr-x
shadowconfig
2.22
KB
-rwxr-xr-x
shmsnoop-bpfcc
7.8
KB
-rwxr-xr-x
shutdown
1.43
MB
-rwxr-xr-x
slabratetop-bpfcc
6.38
KB
-rwxr-xr-x
slattach
36.08
KB
-rwxr-xr-x
sofdsnoop-bpfcc
8.06
KB
-rwxr-xr-x
softirqs-bpfcc
5.59
KB
-rwxr-xr-x
solisten-bpfcc
5.96
KB
-rwxr-xr-x
split-logfile
2.36
KB
-rwxr-xr-x
sshd
899.82
KB
-rwxr-xr-x
ssllatency.bt
2.08
KB
-rwxr-xr-x
sslsniff-bpfcc
13.68
KB
-rwxr-xr-x
sslsnoop.bt
1.99
KB
-rwxr-xr-x
stackcount-bpfcc
16.26
KB
-rwxr-xr-x
start-stop-daemon
47.49
KB
-rwxr-xr-x
statsnoop-bpfcc
4.92
KB
-rwxr-xr-x
statsnoop.bt
1.26
KB
-rwxr-xr-x
sudo_logsrvd
248.5
KB
-rwxr-xr-x
sudo_sendlog
131.67
KB
-rwxr-xr-x
sulogin
42.38
KB
-rwxr-xr-x
swapin.bt
600
B
-rwxr-xr-x
swaplabel
18.38
KB
-rwxr-xr-x
swapoff
22.38
KB
-rwxr-xr-x
swapon
42.38
KB
-rwxr-xr-x
switch_root
22.38
KB
-rwxr-xr-x
syncsnoop-bpfcc
1.27
KB
-rwxr-xr-x
syncsnoop.bt
839
B
-rwxr-xr-x
syscount-bpfcc
8.57
KB
-rwxr-xr-x
syscount.bt
872
B
-rwxr-xr-x
sysctl
30.38
KB
-rwxr-xr-x
tarcat
936
B
-rwxr-xr-x
tc
630.08
KB
-rwxr-xr-x
tclcalls-bpfcc
54
B
-rwxr-xr-x
tclflow-bpfcc
53
B
-rwxr-xr-x
tclobjnew-bpfcc
55
B
-rwxr-xr-x
tclstat-bpfcc
53
B
-rwxr-xr-x
tcpaccept-bpfcc
9
KB
-rwxr-xr-x
tcpaccept.bt
1.71
KB
-rwxr-xr-x
tcpcong-bpfcc
20.11
KB
-rwxr-xr-x
tcpconnect-bpfcc
18.46
KB
-rwxr-xr-x
tcpconnect.bt
1.58
KB
-rwxr-xr-x
tcpconnlat-bpfcc
9.07
KB
-rwxr-xr-x
tcpdrop-bpfcc
7.44
KB
-rwxr-xr-x
tcpdrop.bt
2.41
KB
-rwxr-xr-x
tcplife-bpfcc
16.55
KB
-rwxr-xr-x
tcplife.bt
2.72
KB
-rwxr-xr-x
tcpretrans-bpfcc
13.77
KB
-rwxr-xr-x
tcpretrans.bt
2.07
KB
-rwxr-xr-x
tcprtt-bpfcc
8.7
KB
-rwxr-xr-x
tcpstates-bpfcc
13.73
KB
-rwxr-xr-x
tcpsubnet-bpfcc
7.63
KB
-rwxr-xr-x
tcpsynbl-bpfcc
2.12
KB
-rwxr-xr-x
tcpsynbl.bt
962
B
-rwxr-xr-x
tcptop-bpfcc
12.64
KB
-rwxr-xr-x
tcptracer-bpfcc
17.71
KB
-rwxr-xr-x
telinit
1.43
MB
-rwxr-xr-x
thin_check
1.36
MB
-rwxr-xr-x
thin_delta
1.36
MB
-rwxr-xr-x
thin_dump
1.36
MB
-rwxr-xr-x
thin_ls
1.36
MB
-rwxr-xr-x
thin_metadata_size
1.36
MB
-rwxr-xr-x
thin_repair
1.36
MB
-rwxr-xr-x
thin_restore
1.36
MB
-rwxr-xr-x
thin_rmap
1.36
MB
-rwxr-xr-x
thin_trim
1.36
MB
-rwxr-xr-x
threadsnoop-bpfcc
1.81
KB
-rwxr-xr-x
threadsnoop.bt
712
B
-rwxr-xr-x
tipc
90.52
KB
-rwxr-xr-x
tplist-bpfcc
4.06
KB
-rwxr-xr-x
trace-bpfcc
42.86
KB
-rwxr-xr-x
ttysnoop-bpfcc
7.51
KB
-rwxr-xr-x
tune2fs
110.56
KB
-rwxr-xr-x
ucalls
11.69
KB
-rwxr-xr-x
uflow
7.92
KB
-rwxr-xr-x
ufw
4.84
KB
-rwxr-xr-x
ugc
7.64
KB
-rwxr-xr-x
umount.udisks2
14.3
KB
-rwxr-xr-x
undump.bt
789
B
-rwxr-xr-x
unix_chkpwd
30.31
KB
-rwxr-sr-x
unix_update
34.31
KB
-rwxr-xr-x
uobjnew
6.04
KB
-rwxr-xr-x
update-ca-certificates
5.32
KB
-rwxr-xr-x
update-catalog
9.17
KB
-rwxr-xr-x
update-grub
64
B
-rwxr-xr-x
update-grub-gfxpayload
301
B
-rwxr-xr-x
update-grub2
64
B
-rwxr-xr-x
update-ieee-data
3.41
KB
-rwxr-xr-x
update-info-dir
1.66
KB
-rwxr-xr-x
update-initramfs
6.75
KB
-rwxr-xr-x
update-locale
2.99
KB
-rwxr-xr-x
update-passwd
34.56
KB
-rwxr-xr-x
update-pciids
1.74
KB
-rwxr-xr-x
update-rc.d
17.72
KB
-rwxr-xr-x
update-secureboot-policy
7.43
KB
-rwxr-xr-x
update-shells
3.89
KB
-rwxr-xr-x
update-xmlcatalog
16.88
KB
-rwxr-xr-x
upgrade-from-grub-legacy
1.56
KB
-rwxr-xr-x
usb_modeswitch
59.66
KB
-rwxr-xr-x
usb_modeswitch_dispatcher
26.78
KB
-rwxr-xr-x
useradd
139.88
KB
-rwxr-xr-x
userdel
91.01
KB
-rwxr-xr-x
usermod
127.65
KB
-rwxr-xr-x
ustat
12.12
KB
-rwxr-xr-x
uthreads
4
KB
-rwxr-xr-x
uuidd
30.88
KB
-rwxr-xr-x
validlocale
1.73
KB
-rwxr-xr-x
vcstime
14.3
KB
-rwxr-xr-x
vdpa
34.56
KB
-rwxr-xr-x
veritysetup
43.94
KB
-rwxr-xr-x
vfscount-bpfcc
1.36
KB
-rwxr-xr-x
vfscount.bt
515
B
-rwxr-xr-x
vfsstat-bpfcc
4.06
KB
-rwxr-xr-x
vfsstat.bt
721
B
-rwxr-xr-x
vgcfgbackup
3.01
MB
-rwxr-xr-x
vgcfgrestore
3.01
MB
-rwxr-xr-x
vgchange
3.01
MB
-rwxr-xr-x
vgck
3.01
MB
-rwxr-xr-x
vgconvert
3.01
MB
-rwxr-xr-x
vgcreate
3.01
MB
-rwxr-xr-x
vgdisplay
3.01
MB
-rwxr-xr-x
vgexport
3.01
MB
-rwxr-xr-x
vgextend
3.01
MB
-rwxr-xr-x
vgimport
3.01
MB
-rwxr-xr-x
vgimportclone
3.01
MB
-rwxr-xr-x
vgmerge
3.01
MB
-rwxr-xr-x
vgmknodes
3.01
MB
-rwxr-xr-x
vgreduce
3.01
MB
-rwxr-xr-x
vgremove
3.01
MB
-rwxr-xr-x
vgrename
3.01
MB
-rwxr-xr-x
vgs
3.01
MB
-rwxr-xr-x
vgscan
3.01
MB
-rwxr-xr-x
vgsplit
3.01
MB
-rwxr-xr-x
vigr
60.69
KB
-rwxr-xr-x
vipw
60.69
KB
-rwxr-xr-x
virtiostat-bpfcc
8.69
KB
-rwxr-xr-x
visudo
252.71
KB
-rwxr-xr-x
vnstatd
93.28
KB
-rwxr-xr-x
vpddecode
14.58
KB
-rwxr-xr-x
vsftpd
156.48
KB
-rwxr-xr-x
wakeuptime-bpfcc
8.1
KB
-rwxr-xr-x
wipefs
38.38
KB
-rwxr-xr-x
writeback.bt
1.66
KB
-rwxr-xr-x
xfs_admin
2.12
KB
-rwxr-xr-x
xfs_bmap
695
B
-rwxr-xr-x
xfs_copy
90.44
KB
-rwxr-xr-x
xfs_db
688.56
KB
-rwxr-xr-x
xfs_estimate
14.16
KB
-rwxr-xr-x
xfs_freeze
800
B
-rwxr-xr-x
xfs_fsr
42.18
KB
-rwxr-xr-x
xfs_growfs
38.23
KB
-rwxr-xr-x
xfs_info
1.26
KB
-rwxr-xr-x
xfs_io
203.65
KB
-rwxr-xr-x
xfs_logprint
78.27
KB
-rwxr-xr-x
xfs_mdrestore
34.23
KB
-rwxr-xr-x
xfs_metadump
816
B
-rwxr-xr-x
xfs_mkfile
1.02
KB
-rwxr-xr-x
xfs_ncheck
685
B
-rwxr-xr-x
xfs_quota
90.16
KB
-rwxr-xr-x
xfs_repair
643.32
KB
-rwxr-xr-x
xfs_rtcp
18.15
KB
-rwxr-xr-x
xfs_scrub
106.27
KB
-rwxr-xr-x
xfs_scrub_all
7.66
KB
-rwxr-xr-x
xfs_spaceman
42.3
KB
-rwxr-xr-x
xfsdist-bpfcc
4.61
KB
-rwxr-xr-x
xfsdist.bt
972
B
-rwxr-xr-x
xfsslower-bpfcc
7.78
KB
-rwxr-xr-x
xtables-legacy-multi
92.95
KB
-rwxr-xr-x
xtables-monitor
219.16
KB
-rwxr-xr-x
xtables-nft-multi
219.16
KB
-rwxr-xr-x
zerofree
14.15
KB
-rwxr-xr-x
zfsdist-bpfcc
5.3
KB
-rwxr-xr-x
zfsslower-bpfcc
8.45
KB
-rwxr-xr-x
zic
66.39
KB
-rwxr-xr-x
zramctl
54.52
KB
-rwxr-xr-x
Code Editor : tcpconnect-bpfcc
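#! /usr/bin/python3
# @lint-avoid-python-3-compatibility-imports
#
# tcpconnect    Trace TCP connect()s.
#               For Linux, uses BCC, eBPF. Embedded C.
#
# USAGE: tcpconnect [-h] [-c] [-t] [-p PID] [-P PORT [PORT ...]] [-4 | -6]
#
# All connection attempts are traced, even if they ultimately fail.
#
# This uses dynamic tracing of kernel functions, and will need to be updated
# to match kernel changes.
#
# Copyright (c) 2015 Brendan Gregg.
# Licensed under the Apache License, Version 2.0 (the "License")
#
# 25-Sep-2015   Brendan Gregg   Created this.
# 14-Feb-2016      "      "     Switch to bpf_perf_output.
# 09-Jan-2019   Takuma Kume     Support filtering by UID
# 30-Jul-2019   Xiaozhou Liu    Count connects.
# 07-Oct-2020   Nabil Schear    Correlate connects with DNS responses
# 08-Mar-2021   Suresh Kumar    Added LPORT option
#
# Review notes (security):
#   * -p/--pid and -u/--uid are spliced verbatim into the generated C program
#     (see FILTER_PID / FILTER_UID below). They are now parsed as integers so
#     only a number can ever reach the BPF source.
#   * With -d/--dns the tool parses DNS response payloads taken off the wire.
#     That data is attacker-controlled; a malformed packet must not be able to
#     crash the tracer, so parse errors are caught in save_dns().
#   * The -c/--count + -d/--dns conflict now exits non-zero.

from __future__ import print_function
from bcc import BPF
from bcc.containers import filter_by_containers
from bcc.utils import printb
import argparse
import sys
from socket import inet_ntop, ntohs, AF_INET, AF_INET6
from struct import pack
from time import sleep
from datetime import datetime

# arguments
examples = """examples:
    ./tcpconnect           # trace all TCP connect()s
    ./tcpconnect -t        # include timestamps
    ./tcpconnect -d        # include DNS queries associated with connects
    ./tcpconnect -p 181    # only trace PID 181
    ./tcpconnect -P 80     # only trace port 80
    ./tcpconnect -P 80,81  # only trace port 80 and 81
    ./tcpconnect -4        # only trace IPv4 family
    ./tcpconnect -6        # only trace IPv6 family
    ./tcpconnect -U        # include UID
    ./tcpconnect -u 1000   # only trace UID 1000
    ./tcpconnect -c        # count connects per src ip and dest ip/port
    ./tcpconnect -L        # include LPORT while printing outputs
    ./tcpconnect --cgroupmap mappath  # only trace cgroups in this BPF map
    ./tcpconnect --mntnsmap mappath   # only trace mount namespaces in the map
"""
parser = argparse.ArgumentParser(
    description="Trace TCP connects",
    formatter_class=argparse.RawDescriptionHelpFormatter,
    epilog=examples)
parser.add_argument("-t", "--timestamp", action="store_true",
    help="include timestamp on output")
# type=int: the value is interpolated into C source, never accept free text
parser.add_argument("-p", "--pid", type=int,
    help="trace this PID only")
parser.add_argument("-P", "--port",
    help="comma-separated list of destination ports to trace.")
group = parser.add_mutually_exclusive_group()
group.add_argument("-4", "--ipv4", action="store_true",
    help="trace IPv4 family only")
group.add_argument("-6", "--ipv6", action="store_true",
    help="trace IPv6 family only")
parser.add_argument("-L", "--lport", action="store_true",
    help="include LPORT on output")
parser.add_argument("-U", "--print-uid", action="store_true",
    help="include UID on output")
# type=int for the same reason as --pid
parser.add_argument("-u", "--uid", type=int,
    help="trace this UID only")
parser.add_argument("-c", "--count", action="store_true",
    help="count connects per src ip and dest ip/port")
parser.add_argument("--cgroupmap",
    help="trace cgroups in this BPF map only")
parser.add_argument("--mntnsmap",
    help="trace mount namespaces in this BPF map only")
parser.add_argument("-d", "--dns", action="store_true",
    help="include likely DNS query associated with each connect")
parser.add_argument("--ebpf", action="store_true",
    help=argparse.SUPPRESS)
args = parser.parse_args()
debug = 0

# define BPF program
# The FILTER_* and IPV{4,6}_CODE tokens are replaced below before compilation.
bpf_text = """
#include <uapi/linux/ptrace.h>
#include <net/sock.h>
#include <bcc/proto.h>

BPF_HASH(currsock, u32, struct sock *);

// separate data structs for ipv4 and ipv6
struct ipv4_data_t {
    u64 ts_us;
    u32 pid;
    u32 uid;
    u32 saddr;
    u32 daddr;
    u64 ip;
    u16 lport;
    u16 dport;
    char task[TASK_COMM_LEN];
};
BPF_PERF_OUTPUT(ipv4_events);

struct ipv6_data_t {
    u64 ts_us;
    u32 pid;
    u32 uid;
    unsigned __int128 saddr;
    unsigned __int128 daddr;
    u64 ip;
    u16 lport;
    u16 dport;
    char task[TASK_COMM_LEN];
};
BPF_PERF_OUTPUT(ipv6_events);

// separate flow keys per address family
struct ipv4_flow_key_t {
    u32 saddr;
    u32 daddr;
    u16 dport;
};
BPF_HASH(ipv4_count, struct ipv4_flow_key_t);

struct ipv6_flow_key_t {
    unsigned __int128 saddr;
    unsigned __int128 daddr;
    u16 dport;
};
BPF_HASH(ipv6_count, struct ipv6_flow_key_t);

int trace_connect_entry(struct pt_regs *ctx, struct sock *sk)
{
    if (container_should_be_filtered()) {
        return 0;
    }

    u64 pid_tgid = bpf_get_current_pid_tgid();
    u32 pid = pid_tgid >> 32;
    u32 tid = pid_tgid;
    FILTER_PID

    u32 uid = bpf_get_current_uid_gid();
    FILTER_UID

    // stash the sock ptr for lookup on return
    currsock.update(&tid, &sk);

    return 0;
};

static int trace_connect_return(struct pt_regs *ctx, short ipver)
{
    int ret = PT_REGS_RC(ctx);
    u64 pid_tgid = bpf_get_current_pid_tgid();
    u32 pid = pid_tgid >> 32;
    u32 tid = pid_tgid;

    struct sock **skpp;
    skpp = currsock.lookup(&tid);
    if (skpp == 0) {
        return 0;   // missed entry
    }

    if (ret != 0) {
        // failed to send SYNC packet, may not have populated
        // socket __sk_common.{skc_rcv_saddr, ...}
        currsock.delete(&tid);
        return 0;
    }

    // pull in details
    struct sock *skp = *skpp;
    u16 lport = skp->__sk_common.skc_num;
    u16 dport = skp->__sk_common.skc_dport;

    FILTER_PORT

    FILTER_FAMILY

    if (ipver == 4) {
        IPV4_CODE
    } else /* 6 */ {
        IPV6_CODE
    }

    currsock.delete(&tid);

    return 0;
}

int trace_connect_v4_return(struct pt_regs *ctx)
{
    return trace_connect_return(ctx, 4);
}

int trace_connect_v6_return(struct pt_regs *ctx)
{
    return trace_connect_return(ctx, 6);
}
"""

# Per-family code fragments substituted for IPV4_CODE / IPV6_CODE:
# 'count' increments the flow-key hash, 'trace' emits a perf event.
struct_init = {'ipv4':
    {'count':
        """
        struct ipv4_flow_key_t flow_key = {};
        flow_key.saddr = skp->__sk_common.skc_rcv_saddr;
        flow_key.daddr = skp->__sk_common.skc_daddr;
        flow_key.dport = ntohs(dport);
        ipv4_count.increment(flow_key);""",
     'trace':
        """
        struct ipv4_data_t data4 = {.pid = pid, .ip = ipver};
        data4.uid = bpf_get_current_uid_gid();
        data4.ts_us = bpf_ktime_get_ns() / 1000;
        data4.saddr = skp->__sk_common.skc_rcv_saddr;
        data4.daddr = skp->__sk_common.skc_daddr;
        data4.lport = lport;
        data4.dport = ntohs(dport);
        bpf_get_current_comm(&data4.task, sizeof(data4.task));
        ipv4_events.perf_submit(ctx, &data4, sizeof(data4));"""
    },
    'ipv6':
    {'count':
        """
        struct ipv6_flow_key_t flow_key = {};
        bpf_probe_read_kernel(&flow_key.saddr, sizeof(flow_key.saddr),
            skp->__sk_common.skc_v6_rcv_saddr.in6_u.u6_addr32);
        bpf_probe_read_kernel(&flow_key.daddr, sizeof(flow_key.daddr),
            skp->__sk_common.skc_v6_daddr.in6_u.u6_addr32);
        flow_key.dport = ntohs(dport);
        ipv6_count.increment(flow_key);""",
     'trace':
        """
        struct ipv6_data_t data6 = {.pid = pid, .ip = ipver};
        data6.uid = bpf_get_current_uid_gid();
        data6.ts_us = bpf_ktime_get_ns() / 1000;
        bpf_probe_read_kernel(&data6.saddr, sizeof(data6.saddr),
            skp->__sk_common.skc_v6_rcv_saddr.in6_u.u6_addr32);
        bpf_probe_read_kernel(&data6.daddr, sizeof(data6.daddr),
            skp->__sk_common.skc_v6_daddr.in6_u.u6_addr32);
        data6.lport = lport;
        data6.dport = ntohs(dport);
        bpf_get_current_comm(&data6.task, sizeof(data6.task));
        ipv6_events.perf_submit(ctx, &data6, sizeof(data6));"""
    }
}

# This defines an additional BPF program that instruments udp_recvmsg system
# call to locate DNS response packets on UDP port 53.  When these packets are
# located, the data is copied to user-space where python will parse them with
# dnslib.
#
# uses a percpu array of length 1 to store the dns_data_t off the stack to
# allow for a maximum DNS packet length of 512 bytes.
#
# NOTE(review): this program dereferences msghdr->msg_iter.iov and checks
# msg_iter.TYPE_FIELD == ITER_IOVEC. On recent kernels the iov_iter layout and
# the iterator type used by recvfrom() have changed (the host shown on this page
# runs 6.8), so -d may fail to compile or silently never see a response there —
# confirm against the running kernel before relying on the QUERY column.
# The userspace iov_base is read with bpf_probe_read(); bpf_probe_read_user()
# is the helper intended for user addresses — verify on non-x86 hosts.
dns_bpf_text = """
#include <net/inet_sock.h>
#define MAX_PKT 512
struct dns_data_t {
    u8  pkt[MAX_PKT];
};

BPF_PERF_OUTPUT(dns_events);

// store msghdr pointer captured on syscall entry to parse on syscall return
BPF_HASH(tbl_udp_msg_hdr, u64, struct msghdr *);

// single element per-cpu array to hold the current event off the stack
BPF_PERCPU_ARRAY(dns_data,struct dns_data_t,1);

int trace_udp_recvmsg(struct pt_regs *ctx)
{
    __u64 pid_tgid = bpf_get_current_pid_tgid();
    struct sock *sk = (struct sock *)PT_REGS_PARM1(ctx);
    struct inet_sock *is = inet_sk(sk);

    // only grab port 53 packets, 13568 is ntohs(53)
    if (is->inet_dport == 13568) {
        struct msghdr *msghdr = (struct msghdr *)PT_REGS_PARM2(ctx);
        tbl_udp_msg_hdr.update(&pid_tgid, &msghdr);
    }
    return 0;
}

int trace_udp_ret_recvmsg(struct pt_regs *ctx)
{
    __u64 pid_tgid = bpf_get_current_pid_tgid();
    u32 zero = 0;
    struct msghdr **msgpp = tbl_udp_msg_hdr.lookup(&pid_tgid);
    if (msgpp == 0)
        return 0;

    struct msghdr *msghdr = (struct msghdr *)*msgpp;
    if (msghdr->msg_iter.TYPE_FIELD != ITER_IOVEC)
        goto delete_and_return;

    int copied = (int)PT_REGS_RC(ctx);
    if (copied < 0)
        goto delete_and_return;
    size_t buflen = (size_t)copied;

    if (buflen > msghdr->msg_iter.iov->iov_len)
        goto delete_and_return;

    if (buflen > MAX_PKT)
        buflen = MAX_PKT;

    struct dns_data_t *data = dns_data.lookup(&zero);
    if (!data) // this should never happen, just making the verifier happy
        return 0;

    void *iovbase = msghdr->msg_iter.iov->iov_base;
    bpf_probe_read(data->pkt, buflen, iovbase);
    dns_events.perf_submit(ctx, data, buflen);

delete_and_return:
    tbl_udp_msg_hdr.delete(&pid_tgid);
    return 0;
}

#include <uapi/linux/udp.h>

int trace_udpv6_recvmsg(struct pt_regs *ctx)
{
    struct sk_buff *skb = (struct sk_buff *)PT_REGS_PARM2(ctx);
    struct udphdr *hdr = (void*)skb->head + skb->transport_header;
    struct dns_data_t *event;
    int zero = 0;
    void *data;

    /* hex(53) = 0x0035, htons(0x0035) = 0x3500 */
    if (hdr->source != 0x3500)
        return 0;

    /* skip UDP header */
    data = skb->data + 8;

    event = dns_data.lookup(&zero);
    if (!event)
        return 0;

    bpf_probe_read(event->pkt, sizeof(event->pkt), data);
    dns_events.perf_submit(ctx, event, sizeof(*event));
    return 0;
}
"""

if args.count and args.dns:
    print("Error: you may not specify -d/--dns with -c/--count.")
    # usage error: exit non-zero so scripts/wrappers notice
    sys.exit(1)

# code substitutions
if args.count:
    bpf_text = bpf_text.replace("IPV4_CODE", struct_init['ipv4']['count'])
    bpf_text = bpf_text.replace("IPV6_CODE", struct_init['ipv6']['count'])
else:
    bpf_text = bpf_text.replace("IPV4_CODE", struct_init['ipv4']['trace'])
    bpf_text = bpf_text.replace("IPV6_CODE", struct_init['ipv6']['trace'])

# "is not None" rather than truthiness: PID 0 / UID 0 (root) are valid filters
if args.pid is not None:
    bpf_text = bpf_text.replace('FILTER_PID',
        'if (pid != %d) { return 0; }' % args.pid)
if args.port:
    dports = [int(dport) for dport in args.port.split(',')]
    for dport in dports:
        # ntohs() raises OverflowError outside this range; give a usage error
        if not 0 <= dport <= 65535:
            parser.error("port %d is not in the range 0-65535" % dport)
    dports_if = ' && '.join(['dport != %d' % ntohs(dport) for dport in dports])
    bpf_text = bpf_text.replace('FILTER_PORT',
        'if (%s) { currsock.delete(&tid); return 0; }' % dports_if)
if args.ipv4:
    bpf_text = bpf_text.replace('FILTER_FAMILY',
        'if (ipver != 4) { return 0; }')
elif args.ipv6:
    bpf_text = bpf_text.replace('FILTER_FAMILY',
        'if (ipver != 6) { return 0; }')
if args.uid is not None:
    bpf_text = bpf_text.replace('FILTER_UID',
        'if (uid != %d) { return 0; }' % args.uid)
bpf_text = filter_by_containers(args) + bpf_text

# any filter token not substituted above becomes a no-op
bpf_text = bpf_text.replace('FILTER_PID', '')
bpf_text = bpf_text.replace('FILTER_PORT', '')
bpf_text = bpf_text.replace('FILTER_FAMILY', '')
bpf_text = bpf_text.replace('FILTER_UID', '')

if args.dns:
    # field name of the iterator type differs between kernel versions
    if BPF.kernel_struct_has_field(b'iov_iter', b'iter_type') == 1:
        dns_bpf_text = dns_bpf_text.replace('TYPE_FIELD', 'iter_type')
    else:
        dns_bpf_text = dns_bpf_text.replace('TYPE_FIELD', 'type')
    bpf_text += dns_bpf_text

if debug or args.ebpf:
    print(bpf_text)
    if args.ebpf:
        exit()


# process event
def print_ipv4_event(cpu, data, size):
    """Perf-buffer callback: print one IPv4 connect event as a text row."""
    event = b["ipv4_events"].event(data)
    global start_ts
    if args.timestamp:
        if start_ts == 0:
            start_ts = event.ts_us
        printb(b"%-9.3f" % ((float(event.ts_us) - start_ts) / 1000000), nl="")
    if args.print_uid:
        printb(b"%-6d" % event.uid, nl="")
    dest_ip = inet_ntop(AF_INET, pack("I", event.daddr)).encode()
    if args.lport:
        printb(b"%-7d %-12.12s %-2d %-16s %-6d %-16s %-6d %s" % (event.pid,
            event.task, event.ip,
            inet_ntop(AF_INET, pack("I", event.saddr)).encode(), event.lport,
            dest_ip, event.dport, print_dns(dest_ip)))
    else:
        printb(b"%-7d %-12.12s %-2d %-16s %-16s %-6d %s" % (event.pid,
            event.task, event.ip,
            inet_ntop(AF_INET, pack("I", event.saddr)).encode(),
            dest_ip, event.dport, print_dns(dest_ip)))


def print_ipv6_event(cpu, data, size):
    """Perf-buffer callback: print one IPv6 connect event as a text row."""
    event = b["ipv6_events"].event(data)
    global start_ts
    if args.timestamp:
        if start_ts == 0:
            start_ts = event.ts_us
        printb(b"%-9.3f" % ((float(event.ts_us) - start_ts) / 1000000), nl="")
    if args.print_uid:
        printb(b"%-6d" % event.uid, nl="")
    dest_ip = inet_ntop(AF_INET6, event.daddr).encode()
    if args.lport:
        printb(b"%-7d %-12.12s %-2d %-16s %-6d %-16s %-6d %s" % (event.pid,
            event.task, event.ip,
            inet_ntop(AF_INET6, event.saddr).encode(), event.lport,
            dest_ip, event.dport, print_dns(dest_ip)))
    else:
        printb(b"%-7d %-12.12s %-2d %-16s %-16s %-6d %s" % (event.pid,
            event.task, event.ip,
            inet_ntop(AF_INET6, event.saddr).encode(),
            dest_ip, event.dport, print_dns(dest_ip)))


def depict_cnt(counts_tab, l3prot='ipv4'):
    """Print the -c/--count flow table, most frequent flow first."""
    for k, v in sorted(counts_tab.items(),
                       key=lambda counts: counts[1].value, reverse=True):
        depict_key = ""
        if l3prot == 'ipv4':
            depict_key = "%-25s %-25s %-20s" % \
                ((inet_ntop(AF_INET, pack('I', k.saddr))),
                 inet_ntop(AF_INET, pack('I', k.daddr)), k.dport)
        else:
            depict_key = "%-25s %-25s %-20s" % \
                ((inet_ntop(AF_INET6, k.saddr)),
                 inet_ntop(AF_INET6, k.daddr), k.dport)

        print("%s %-10d" % (depict_key, v.value))


def print_dns(dest_ip):
    """Return the cached DNS name (bytes) for dest_ip, or b"" without -d.

    Appends the query-to-connect delay when it exceeds DELAY_DNS ms.
    dns_cache / DELAY_DNS only exist when args.dns is set.
    """
    if not args.dns:
        return b""

    dnsname, timestamp = dns_cache.get(dest_ip, (None, None))
    if timestamp is not None:
        diff = datetime.now() - timestamp
        diff = float(diff.seconds) * 1000 + float(diff.microseconds) / 1000
    else:
        diff = 0
    if dnsname is None:
        dnsname = b"No DNS Query"
        if dest_ip == b"127.0.0.1" or dest_ip == b"::1":
            dnsname = b"localhost"
    retval = b"%s" % dnsname
    if diff > DELAY_DNS:
        retval += b" (%.3fms)" % diff
    return retval


if args.dns:
    try:
        import dnslib
        from cachetools import TTLCache
    except ImportError:
        print("Error: The python packages dnslib and cachetools are required "
                "to use the -d/--dns option.")
        print("Install this package with:")
        print("\t$ pip3 install dnslib cachetools")
        print("   or")
        print("\t$ sudo apt-get install python3-dnslib python3-cachetools "
                "(on Ubuntu 18.04+)")
        exit(1)

    # 24 hours
    DEFAULT_TTL = 86400

    # Cache Size in entries
    DNS_CACHE_SIZE = 10240

    # delay in ms in which to warn users of long delay between the query
    # and the connect that used the IP
    DELAY_DNS = 100

    dns_cache = TTLCache(maxsize=DNS_CACHE_SIZE, ttl=DEFAULT_TTL)

    # process event
    def save_dns(cpu, data, size):
        """Perf-buffer callback: record A/AAAA answers from a DNS response.

        The payload is raw network data copied out of the kernel and is
        untrusted; a malformed or truncated packet is dropped rather than
        allowed to raise out of the perf callback and kill the tracer.
        """
        event = b["dns_events"].event(data)
        payload = event.pkt[:size]

        # pass the payload to dnslib for parsing
        try:
            dnspkt = dnslib.DNSRecord.parse(payload)
        except dnslib.DNSError:
            # garbage, truncated, or hostile packet on port 53: ignore it
            return
        # lets only look at responses
        if dnspkt.header.qr != 1:
            return
        # must be some questions in there
        if dnspkt.header.q != 1:
            return
        # make sure there are answers
        if dnspkt.header.a == 0 and dnspkt.header.aa == 0:
            return

        # lop off the trailing .
        question = ("%s" % dnspkt.q.qname)[:-1].encode('utf-8')

        for answer in dnspkt.rr:
            # skip all but A and AAAA records
            if answer.rtype == 1 or answer.rtype == 28:
                dns_cache[str(answer.rdata).encode('utf-8')] = (question,
                                                                datetime.now())

# initialize BPF
b = BPF(text=bpf_text)
b.attach_kprobe(event="tcp_v4_connect", fn_name="trace_connect_entry")
b.attach_kprobe(event="tcp_v6_connect", fn_name="trace_connect_entry")
b.attach_kretprobe(event="tcp_v4_connect", fn_name="trace_connect_v4_return")
b.attach_kretprobe(event="tcp_v6_connect", fn_name="trace_connect_v6_return")
if args.dns:
    b.attach_kprobe(event="udp_recvmsg", fn_name="trace_udp_recvmsg")
    b.attach_kretprobe(event="udp_recvmsg", fn_name="trace_udp_ret_recvmsg")
    b.attach_kprobe(event="udpv6_queue_rcv_one_skb",
                    fn_name="trace_udpv6_recvmsg")

print("Tracing connect ... Hit Ctrl-C to end")
if args.count:
    try:
        while True:
            sleep(99999999)
    except KeyboardInterrupt:
        pass

    # header
    print("\n%-25s %-25s %-20s %-10s" % (
        "LADDR", "RADDR", "RPORT", "CONNECTS"))
    depict_cnt(b["ipv4_count"])
    depict_cnt(b["ipv6_count"], l3prot='ipv6')
# read events
else:
    # header
    if args.timestamp:
        print("%-9s" % ("TIME(s)"), end="")
    if args.print_uid:
        print("%-6s" % ("UID"), end="")
    if args.lport:
        print("%-7s %-12s %-2s %-16s %-6s %-16s %-6s" % ("PID", "COMM", "IP",
            "SADDR", "LPORT", "DADDR", "DPORT"), end="")
    else:
        print("%-7s %-12s %-2s %-16s %-16s %-6s" % ("PID", "COMM", "IP",
            "SADDR", "DADDR", "DPORT"), end="")
    if args.dns:
        print(" QUERY")
    else:
        print()

    start_ts = 0

    # read events
    b["ipv4_events"].open_perf_buffer(print_ipv4_event)
    b["ipv6_events"].open_perf_buffer(print_ipv6_event)
    if args.dns:
        b["dns_events"].open_perf_buffer(save_dns)
    while True:
        try:
            b.perf_buffer_poll()
        except KeyboardInterrupt:
            exit()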