Documentation
¶
Index ¶
Constants ¶
View Source
const ( READ = 0 WRITE = 1 OPEN = 2 CLOSE = 3 STAT = 4 MMAP = 9 MPROTECT = 10 MUNMAP = 11 SELECT = 23 MADVISE = 28 SOCKET = 41 CONNECT = 42 ACCEPT = 43 SENDTO = 44 RECVFROM = 45 SHUTDOWN = 48 CLONE = 56 GETTIMEOFDAY = 96 GETID = 186 FUTEX = 202 SETROBUSTLIST = 273 ACCEPT4 = 288 )
Syscall numbers
View Source
const ( NORMAL = iota INSYSCALL )
States for a given thread
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ConnectionDetails ¶
type ConnectionDetails struct {
Start int64
Stop int64
FromAddr net.IP
FromPort uint16
ToAddr net.IP
ToPort uint16
// contains filtered or unexported fields
}
ConnectionDetails ...
type Fd ¶
type Fd struct {
ConnectionDetails
// Fds are connections, and can have a causal-link to other Fds
Children []*Fd
// contains filtered or unexported fields
}
Fd represents a connect and subsequent connections caused by it.
type PTracer ¶
type PTracer struct {
// contains filtered or unexported fields
}
PTracer ptrace processed and threads
func (*PTracer) AttachedPIDs ¶
AttachedPIDs list the currently attached processes.
func (*PTracer) StopTracing ¶
StopTracing stops tracing all threads for the given pid
func (*PTracer) TraceProcess ¶
TraceProcess starts tracing the given pid
Source Files
Click to show internal directories.
Click to hide internal directories.