freebsd-nq/sys
Hiren Panchasara 86a996e6bd There are times when it would be really nice to have a record of the last few
packets and/or state transitions from each TCP socket. That would help with
narrowing down certain problems we see in the field that are hard to reproduce
without understanding the history of how we got into a certain state. This
change provides just that.

It saves copies of the last N packets in a list in the tcpcb. When the tcpcb is
destroyed, the list is freed. I thought this was likely to be more
performance-friendly than saving copies of the tcpcb. Plus, with the packets,
you should be able to reverse-engineer what happened to the tcpcb.

To enable the feature, you will need to compile a kernel with the TCPPCAP
option. Even then, the feature defaults to being deactivated. You can activate
it by setting a positive value for the number of captured packets. You can do
that on either a global basis or on a per-socket basis (via a setsockopt call).

There is no way to get the packets out of the kernel other than using kmem or
getting a coredump. I thought that would help some of the legal/privacy concerns
regarding such a feature. However, it should be possible to add a future effort
to export them in PCAP format.

I tested this at low scale, and found that there were no mbuf leaks and the peak
mbuf usage appeared to be unchanged with and without the feature.

The main performance concern I can envision is the number of mbufs that would be
used on systems with a large number of sockets. If you save five packets per
direction per socket and have 3,000 sockets, that will consume at least 30,000
mbufs just to keep these packets. I tried to reduce the concerns associated with
this by limiting the number of clusters (not mbufs) that could be used for this
feature. Again, in my testing, that appears to work correctly.

Differential Revision:	D3100
Submitted by:		Jonathan Looney <jlooney at juniper dot net>
Reviewed by:		gnn, hiren
2015-10-14 00:35:37 +00:00
..
amd64 Remove compatibility shims for legacy ATA device names. 2015-10-11 13:01:51 +00:00
arm Remove compatibility shims for legacy ATA device names. 2015-10-11 13:01:51 +00:00
arm64 Build changes that allow the modules on arm64. 2015-10-08 17:42:08 +00:00
boot Change gptldr from relocating 0xfff1 bytes of boot2 to relocating 0x20000 2015-10-08 15:38:34 +00:00
bsm
cam Make delete method set via kern.cam.da.X.delete_method persistent. 2015-10-11 18:26:06 +00:00
cddl FreeBSD-specific addition to r289191. 2015-10-12 18:15:25 +00:00
compat Properly format pointer size independent CloudABI system calls. 2015-10-08 05:27:45 +00:00
conf There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
contrib Flip on fast frames support for AR5416 and AR9300 series NICs. 2015-10-10 00:13:45 +00:00
crypto const'ify an arg that we don't update... 2015-07-29 23:37:15 +00:00
ddb Make kstack_pages a tunable on arm, x86, and powepc. On i386, the 2015-08-10 17:18:21 +00:00
dev NTB: MFV 58b88920: Document HW errata 2015-10-13 23:43:06 +00:00
fs Ensure that when a blockable open of fifo returns success, a valid 2015-09-20 21:18:33 +00:00
gdb
geom Remove compatibility shims for legacy ATA device names. 2015-10-11 13:01:51 +00:00
gnu Fixing a memory leak on module unloading. 2015-09-11 22:43:35 +00:00
i386 Remove compatibility shims for legacy ATA device names. 2015-10-11 13:01:51 +00:00
isa
kern There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
kgssapi
libkern Add the __aeabi_memclr8 symbol, clang 3.7 uses this. 2015-09-21 18:35:32 +00:00
mips Correct flash layout (this is a 4M flash unit). 2015-10-11 18:37:29 +00:00
modules urtwn(4): split *reg and *var parts (no functional change). 2015-10-12 05:14:49 +00:00
net Fix a bug that caused reinitialization failure of MAC addresses on 2015-10-07 06:32:34 +00:00
net80211 net80211: move ieee80211_free_node() call on error from ic_raw_xmit() to ieee80211_raw_output(). 2015-10-12 04:55:20 +00:00
netgraph Add support for PPP-Max-Payload PPPoE tag (RFC4638). 2015-09-11 09:15:27 +00:00
netinet There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
netinet6 Invoke lle_event for new entry iff it has lladdr set. 2015-10-04 19:10:27 +00:00
netipsec Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
netnatm
netpfil Bump number of prefixes in O_IP_<SRC|DST> from 15 to 31 (max possible). 2015-10-03 05:42:25 +00:00
netsmb
nfs Wait up to 10 seconds for late-initializing network interfaces to arrive. 2015-09-26 13:55:55 +00:00
nfsclient
nfsserver
nlm
ofed Fix build broken by r287861. 2015-09-16 15:40:08 +00:00
opencrypto Make IPsec work with AES-GCM and AES-ICM (aka CTR) in OCF... IPsec 2015-08-04 17:47:11 +00:00
pc98 Remove compatibility shims for legacy ATA device names. 2015-10-11 13:01:51 +00:00
powerpc Use IIC_EBUSBSY and IIC_BUSERR status values consistantly across all drivers. 2015-10-09 22:49:50 +00:00
rpc Increase group limit for kerberized NFSv4 2015-09-26 16:30:16 +00:00
security fd: make 'rights' a manadatory argument to fget* functions 2015-07-05 19:05:16 +00:00
sparc64 Add support for weak symbols to the kernel linkers. It means that 2015-09-20 01:27:59 +00:00
sys There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
teken Sync HPA and VPA implementations with CUP. 2015-08-24 07:49:27 +00:00
tools save some bytes by using more concise SDT_PROBE<n> instead of SDT_PROBE 2015-09-28 12:14:16 +00:00
ufs In softdep_setup_freeblocks(): 2015-10-07 12:36:28 +00:00
vm Exploit r288122 to avoid pointlessly enqueueing a page that is about to be 2015-10-09 03:38:58 +00:00
x86 Ensure the client regions for unmapped bounce buffers created through bus_dmamap_load_phys() do not span multiple pages. 2015-10-13 02:17:56 +00:00
xdr
xen xen/console: Introduce a new console driver for Xen guest 2015-10-08 16:39:43 +00:00
Makefile Kill EoL whitespace. 2015-05-29 14:03:07 +00:00