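Tracking system state can be troublesome, but the usual system commands also just read and parse information that the system itself provides.
So we can look at that information directly.
For example: to find the recv-q / send-q of the current TCP sockets and which process each one belongs to, use the method below.
TCP state information : cat /proc/net/tcp
sl: kernel hash slot for socket
local_address: local address and port (hex)
rem_address: remote address and port (hex)
st: status
tx_queue: transmission queue
rx_queue: receiving queue
uid: socket creator uid
All of these values are shown in hexadecimal. You can convert them by hand, or write a small program to display them.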
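#include <stdio.h>
#include <arpa/inet.h>
/* Map the hex "st" field to a name (0x01 = ESTABLISHED ... 0x0A = LISTEN). */
static const char *state2str(unsigned st) {
    static const char *names[] = { "UNKNOWN", "ESTABLISHED", "SYN_SENT", "SYN_RECV", "FIN_WAIT1",
        "FIN_WAIT2", "TIME_WAIT", "CLOSE", "CLOSE_WAIT", "LAST_ACK", "LISTEN", "CLOSING" };
    return st < sizeof names / sizeof names[0] ? names[st] : "UNKNOWN";
}

/* The hex address is the raw 32-bit value as stored in memory, so it goes straight into in_addr. */
static void addr2str(unsigned addr, unsigned port, char *out, size_t len) {
    struct in_addr in = { addr };
    if (port) snprintf(out, len, "%s:%u", inet_ntoa(in), port);
    else      snprintf(out, len, "%s:*", inet_ntoa(in));    /* port 0 is shown as "*" */
}

int main(void) {
    char buf[512], lip[32], rip[32];
    unsigned num, laddr, lport, raddr, rport, state, txq, rxq;
    FILE *fp = fopen("/proc/net/tcp", "r");
    if (fp == NULL) return 1;
    fgets(buf, sizeof buf, fp);                 /* skip the header line */
    while (fgets(buf, sizeof buf, fp)) {
        int n = sscanf(buf, " %u: %x:%x %x:%x %x %x:%x",
                       &num, &laddr, &lport, &raddr, &rport, &state, &txq, &rxq);
        if (n == 8) {                           /* all eight fields parsed */
            addr2str(laddr, lport, lip, sizeof lip);
            addr2str(raddr, rport, rip, sizeof rip);
            printf("tcp %6u %6u %-22s %-22s %s\n", txq, rxq, lip, rip, state2str(state));
        }
    }
    fclose(fp);
    return 0;
}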
The output looks like this:
Proto Recv-Q Send-Q Local Address          Foreign Address        State
tcp        0      0 127.0.0.1:25           0.0.0.0:*              LISTEN
tcp        0      0 0.0.0.0:445            0.0.0.0:*              LISTEN
tcp        0      0 0.0.0.0:39434          0.0.0.0:*              LISTEN
tcp        0      0 0.0.0.0:139            0.0.0.0:*              LISTEN
tcp        0      0 0.0.0.0:111            0.0.0.0:*              LISTEN
tcp        0      0 0.0.0.0:22             0.0.0.0:*              LISTEN
tcp        0      0 127.0.0.1:631          0.0.0.0:*              LISTEN
tcp        0      0 10.32.4.120:445        10.32.3.197:49200      ESTABLISHED
tcp        0      0 10.32.4.120:22         10.32.2.86:12651       ESTABLISHED
tcp        0      0 10.32.4.120:22         10.32.3.197:55830      ESTABLISHED
tcp      712      0 10.32.4.120:22         10.32.1.117:1296       ESTABLISHED
tcp        0      0 10.32.4.120:22         10.32.1.117:1377       ESTABLISHED
How do we find the process that is using this socket port? Search by the socket's inode.
root@ /root# cat /proc/net/tcp
sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
0: 00000000:C000 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 1874 1 c4398460 300 0 0 2 -1
1: 00000000:2320 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 938 1 c4398000 300 0 0 2 -1
2: 00000000:022A 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 2510 1 c439b480 300 0 0 2 -1
3: 0100007F:E211 0100007F:2537 08 00000000:00000001 00:00000000 00000000 0 0 2300 1 c43995e0 21 4 26 10 -1
4: A404200A:D39B B8C8FE36:01BB 08 00000000:00000001 00:00000000 00000000 0 0 2182 1 c4398d20 28 4 10 10 -1
root@ /root# ls -l /proc/*/fd/* | grep "socket:\[1874\]"
lrwx------ 1 root root 64 Mar 27 11:01 /proc/955/fd/4 -> socket:[1874]
We can see that the PID is 955, and ps then tells us which program it is!!
root@ /root# ps | grep 955
955 root 75396 S ushare -f /etc/ushare.conf -w -t -o
3891 root 1032 S grep 95
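The same inode lookup done in C instead of ls and grep, as an added example that is not code from the original post. The function names are made up for illustration, and the sample row in main() is row 0 of the listing above.

```c
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Inode column of one /proc/net/tcp data row; 0 if the row does not parse. */
unsigned long tcp_row_inode(const char *row) {
    unsigned long ino = 0;   /* skipped: sl local rem st tx:rx tr:when retrnsmt uid timeout */
    return sscanf(row, " %*d: %*x:%*x %*x:%*x %*x %*x:%*x %*x:%*x %*x %*u %*u %lu", &ino) == 1 ? ino : 0;
}

/* Inode from an fd link target such as "socket:[1874]"; 0 for anything else. */
unsigned long socket_link_inode(const char *target) {
    unsigned long ino = 0;
    char end = 0;
    return sscanf(target, "socket:[%lu%c", &ino, &end) == 2 && end == ']' ? ino : 0;
}

/* First PID whose /proc/<pid>/fd holds the socket inode, or -1. Reading other
   users' fd directories needs root, as in the session above. */
int find_socket_owner(unsigned long inode) {
    DIR *proc = inode ? opendir("/proc") : NULL, *fds;
    struct dirent *p, *f;
    int found = -1;
    if (!proc) return -1;
    while (found < 0 && (p = readdir(proc)) != NULL) {
        char path[512], link[64];
        int pid = atoi(p->d_name);
        if (pid <= 0) continue;                          /* not a PID directory */
        snprintf(path, sizeof path, "/proc/%d/fd", pid);
        if ((fds = opendir(path)) == NULL) continue;     /* no permission, or process gone */
        while (found < 0 && (f = readdir(fds)) != NULL) {
            snprintf(path, sizeof path, "/proc/%d/fd/%s", pid, f->d_name);
            ssize_t n = readlink(path, link, sizeof link - 1);
            if (n <= 0) continue;                        /* "." and ".." are not links */
            link[n] = '\0';
            if (socket_link_inode(link) == inode) found = pid;
        }
        closedir(fds);
    }
    closedir(proc);
    return found;
}

int main(void) {   /* row 0 of the listing above, inode 1874 */
    const char *row = "0: 00000000:C000 00000000:0000 0A 00000000:00000000 "
                      "00:00000000 00000000 0 0 1874 1 c4398460 300 0 0 2 -1";
    printf("inode %lu -> pid %d\n", tcp_row_inode(row), find_socket_owner(tcp_row_inode(row)));
    return 0;
}
```

On a machine other than the one in the post, inode 1874 will usually not exist and the lookup prints pid -1; feed it a row from the local /proc/net/tcp instead.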