freebsd-nq/sys/netinet
Hiren Panchasara 86a996e6bd There are times when it would be really nice to have a record of the last few
packets and/or state transitions from each TCP socket. That would help with
narrowing down certain problems we see in the field that are hard to reproduce
without understanding the history of how we got into a certain state. This
change provides just that.

It saves copies of the last N packets in a list in the tcpcb. When the tcpcb is
destroyed, the list is freed. I thought this was likely to be more
performance-friendly than saving copies of the tcpcb. Plus, with the packets,
you should be able to reverse-engineer what happened to the tcpcb.

To enable the feature, you will need to compile a kernel with the TCPPCAP
option. Even then, the feature defaults to being deactivated. You can activate
it by setting a positive value for the number of captured packets. You can do
that on either a global basis or on a per-socket basis (via a setsockopt call).

There is no way to get the packets out of the kernel other than using kmem or
getting a coredump. I thought that would help some of the legal/privacy concerns
regarding such a feature. However, it should be possible to add a future effort
to export them in PCAP format.

I tested this at low scale, and found that there were no mbuf leaks and the peak
mbuf usage appeared to be unchanged with and without the feature.

The main performance concern I can envision is the number of mbufs that would be
used on systems with a large number of sockets. If you save five packets per
direction per socket and have 3,000 sockets, that will consume at least 30,000
mbufs just to keep these packets. I tried to reduce the concerns associated with
this by limiting the number of clusters (not mbufs) that could be used for this
feature. Again, in my testing, that appears to work correctly.

Differential Revision:	D3100
Submitted by:		Jonathan Looney <jlooney at juniper dot net>
Reviewed by:		gnn, hiren
2015-10-14 00:35:37 +00:00
..
cc DCTCP (Data Center TCP) implementation. 2015-01-12 08:33:04 +00:00
khelp
libalias mdoc: fix rendering issues 2015-04-26 11:39:25 +00:00
accf_data.c
accf_dns.c In preparation of merging projects/sendfile, transform bare access to 2014-11-12 09:57:15 +00:00
accf_http.c In preparation of merging projects/sendfile, transform bare access to 2014-11-12 09:57:15 +00:00
cc.h DCTCP (Data Center TCP) implementation. 2015-01-12 08:33:04 +00:00
icmp6.h Implement Enhanced DAD algorithm for IPv6 described in 2015-03-02 17:30:26 +00:00
icmp_var.h
if_atm.c
if_atm.h
if_ether.c Fix regression from r287779, that bite me. If we call m_pullup() 2015-10-07 13:10:26 +00:00
if_ether.h * Do more fine-grained locking: call eventhandlers/free_entry 2015-09-14 16:48:19 +00:00
igmp_var.h - Rename 'struct igmp_ifinfo' into 'struct igmp_ifsoftc', since it really 2015-02-19 22:35:23 +00:00
igmp.c Convert in_ifaddr_lock and in6_ifaddr_lock to rmlock. 2015-07-29 08:12:05 +00:00
igmp.h
in_cksum.c
in_debug.c
in_gif.c Eliminate the use of m_copydata() in gif_encapcheck(). 2015-07-29 14:07:43 +00:00
in_kdtrace.c dd DTrace probe points, translators and a corresponding script 2015-09-13 15:50:55 +00:00
in_kdtrace.h dd DTrace probe points, translators and a corresponding script 2015-09-13 15:50:55 +00:00
in_mcast.c Convert in_ifaddr_lock and in6_ifaddr_lock to rmlock. 2015-07-29 08:12:05 +00:00
in_pcb.c Fix a kernel assertion issue introduced with r286227: 2015-08-08 08:40:36 +00:00
in_pcb.h Use Jenkins hash for TCP syncache. 2015-09-05 10:15:19 +00:00
in_pcbgroup.c Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific 2015-01-18 18:06:40 +00:00
in_proto.c Finish r274118: remove useless fields from struct domain. 2014-11-06 14:39:04 +00:00
in_rmx.c Rename rt_foreach_fib() to rt_foreach_fib_walk(). 2015-08-10 20:50:31 +00:00
in_rss.c Rename rss_soft_m2cpuid() -> rss_soft_m2cpuid_v4() in preparation for 2015-08-29 06:58:30 +00:00
in_rss.h Rename rss_soft_m2cpuid() -> rss_soft_m2cpuid_v4() in preparation for 2015-08-29 06:58:30 +00:00
in_systm.h Where appropriate, use the modern terms for the one true time base 2014-12-21 05:07:11 +00:00
in_var.h Convert in_ifaddr_lock and in6_ifaddr_lock to rmlock. 2015-07-29 08:12:05 +00:00
in.c rtsock requests for deleting interface address lles started to return EPERM 2015-09-27 04:54:29 +00:00
in.h Provide functions to determine presence of a given address 2015-04-17 11:57:06 +00:00
ip6.h Eliminate use of M_EXT in IP6_EXTHDR_CHECK() by trimming a redundant 2014-10-05 06:28:53 +00:00
ip_carp.c * Do more fine-grained locking: call eventhandlers/free_entry 2015-09-14 16:48:19 +00:00
ip_carp.h
ip_divert.c Convert netinet6/ to use new routing API. 2014-11-04 15:39:56 +00:00
ip_divert.h
ip_dummynet.h
ip_ecn.c
ip_ecn.h Remove unneded #include "opt_inet.h". 2015-07-31 09:02:28 +00:00
ip_encap.c Fix possible use after free in encap[46]_input(). 2015-06-18 18:28:38 +00:00
ip_encap.h
ip_fastfwd.c Remove incorrect layering violating code that: 2015-01-12 09:41:12 +00:00
ip_fw.h Make rule table kernel-index rewriting support any kind of objects. 2015-04-27 08:29:39 +00:00
ip_gre.c o Use new function ip_fillid() in all places throughout the kernel, 2015-04-01 22:26:39 +00:00
ip_icmp.c Convert in_ifaddr_lock and in6_ifaddr_lock to rmlock. 2015-07-29 08:12:05 +00:00
ip_icmp.h Where appropriate, use the modern terms for the one true time base 2014-12-21 05:07:11 +00:00
ip_id.c Provide a comment explaining issues with the counter(9) trick, so that 2015-04-02 14:22:59 +00:00
ip_input.c Replace rss_m2cpuid with rss_soft_m2cpuid_v4 for ip_direct_nh.nh_m2cpuid, 2015-09-06 20:20:48 +00:00
ip_ipsec.c Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
ip_ipsec.h Remove flag/flags argument from the following functions: 2014-12-11 18:35:34 +00:00
ip_mroute.c CALLOUT_MPSAFE has lost its meaning since r141428, i.e., for more than ten 2015-05-22 17:05:21 +00:00
ip_mroute.h
ip_options.c Use M_WRITABLE() and M_LEADINGSPACE() rather than checking M_EXT and 2015-01-06 14:32:28 +00:00
ip_options.h Make net.inet.ip.sourceroute, net.inet.ip.accept_sourceroute, and 2014-09-15 07:20:40 +00:00
ip_output.c Simplify ip[6] simploop: 2015-08-08 15:58:35 +00:00
ip_reass.c Fix RSS build - netisr input / NETISR_IP_DIRECT is used here. 2015-04-15 00:57:21 +00:00
ip_var.h fix a typo in a comment 2015-07-18 15:28:32 +00:00
ip.h Since the IETF has redefined the meaning of the tos field to accommodate 2015-07-18 06:48:30 +00:00
pim_var.h
pim.h
raw_ip.c Convert in_ifaddr_lock and in6_ifaddr_lock to rmlock. 2015-07-29 08:12:05 +00:00
sctp_asconf.c Provide consistent error causes whenever an ABORT chunk is sent. 2015-07-27 22:35:54 +00:00
sctp_asconf.h
sctp_auth.c Cleanup the handling of error causes for ERROR chunks. This fixes 2015-09-12 17:08:51 +00:00
sctp_auth.h Use a consistent type for the number of HMAC algorithms. 2014-09-16 14:20:33 +00:00
sctp_bsd_addr.c Minimize the usage of SCTP_BUF_IS_EXTENDED. 2015-01-10 20:49:57 +00:00
sctp_bsd_addr.h
sctp_cc_functions.c Fix and cleanup the debug information. This has no user-visible changes. 2015-05-28 16:00:23 +00:00
sctp_constants.h Ensure that ERROR chunks are always padded by implementing this 2015-09-11 13:54:33 +00:00
sctp_crc32.c
sctp_crc32.h
sctp_dtrace_declare.h
sctp_dtrace_define.h
sctp_header.h Cleanup the handling of error causes for ERROR chunks. This fixes 2015-09-12 17:08:51 +00:00
sctp_indata.c Cleanup the handling of error causes for ERROR chunks. This fixes 2015-09-12 17:08:51 +00:00
sctp_indata.h Don't take the port numbers for packets containing ABORT chunks from 2015-08-02 16:07:30 +00:00
sctp_input.c Fix compilation issue introduced in r287717. 2015-09-12 21:23:24 +00:00
sctp_input.h Add FIB support for SCTP. 2015-06-17 15:20:14 +00:00
sctp_lock_bsd.h
sctp_os_bsd.h Move including netinet/icmp6.h around to avoid a problem when including 2015-07-25 18:26:09 +00:00
sctp_os.h
sctp_output.c Ensure that ERROR chunks are always padded by implementing this 2015-09-11 13:54:33 +00:00
sctp_output.h Fix an issue with MAC OS locking and also optimize the case 2015-07-24 14:09:03 +00:00
sctp_pcb.c Provide consistent error causes whenever an ABORT chunk is sent. 2015-07-27 22:35:54 +00:00
sctp_pcb.h Add FIB support for SCTP. 2015-06-17 15:20:14 +00:00
sctp_peeloff.c Add a SCTP socket option to limit the cwnd for each path. 2015-03-10 19:49:25 +00:00
sctp_peeloff.h
sctp_ss_functions.c
sctp_structs.h Fix several problems with Stream Reset. 2015-07-22 11:30:37 +00:00
sctp_syscalls.c Fix two KTRACE related bugs. 2015-06-19 21:55:12 +00:00
sctp_sysctl.c Fix the exporting of SCTP association states to userland. Without this, 2015-08-29 09:14:32 +00:00
sctp_sysctl.h Remove redundant 'man page' 2015-09-15 21:16:45 +00:00
sctp_timer.c Fix the timeout for INIT retransmissions in the case where RTO_MIN is 2015-10-13 18:27:55 +00:00
sctp_timer.h
sctp_uio.h Export the ssthresh value per SCTP path via the sysctl interface. 2015-07-07 06:34:28 +00:00
sctp_usrreq.c Fix the exporting of SCTP association states to userland. Without this, 2015-08-29 09:14:32 +00:00
sctp_var.h Stop the heartbeat timer when removing a net. 2015-06-14 17:48:44 +00:00
sctp.h Cleanup the handling of error causes for ERROR chunks. This fixes 2015-09-12 17:08:51 +00:00
sctputil.c Add a NULL pointer check to silence the clang code analyzer. 2015-09-04 09:22:16 +00:00
sctputil.h Fix the exporting of SCTP association states to userland. Without this, 2015-08-29 09:14:32 +00:00
siftr.c Move the SIFTR DTrace probe out of the writing thread context 2015-04-30 17:43:40 +00:00
tcp_debug.c
tcp_debug.h
tcp_fsm.h
tcp_hostcache.c CALLOUT_MPSAFE has lost its meaning since r141428, i.e., for more than ten 2015-05-22 17:05:21 +00:00
tcp_hostcache.h Add scope zone id to the in_endpoints and hc_metrics structures. 2014-09-10 16:26:18 +00:00
tcp_input.c There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
tcp_lro.c Fix leak in tcp_lro_rx. Simply clearing M_PKTHDR isn't enough, any tags 2015-06-30 17:19:58 +00:00
tcp_lro.h
tcp_offload.c Convert netinet6/ to use new routing API. 2014-11-04 15:39:56 +00:00
tcp_offload.h
tcp_output.c There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
tcp_pcap.c There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
tcp_pcap.h There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
tcp_reass.c Eliminate nd6_nud_hint() and its TCP bindings. 2015-09-27 05:29:34 +00:00
tcp_sack.c Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed. 2014-11-07 09:39:05 +00:00
tcp_seq.h
tcp_subr.c There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
tcp_syncache.c Use Jenkins hash for TCP syncache. 2015-09-05 10:15:19 +00:00
tcp_syncache.h Use Jenkins hash for TCP syncache. 2015-09-05 10:15:19 +00:00
tcp_timer.c dd DTrace probe points, translators and a corresponding script 2015-09-13 15:50:55 +00:00
tcp_timer.h Put r284245 back in place: If at first this fix was seen as a temporary 2015-08-30 13:44:39 +00:00
tcp_timewait.c Decompose TCP INP_INFO lock to increase short-lived TCP connections scalability: 2015-08-03 12:13:54 +00:00
tcp_usrreq.c There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
tcp_var.h There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
tcp.h There are times when it would be really nice to have a record of the last few 2015-10-14 00:35:37 +00:00
tcpip.h
toecore.c Replace toe_nd6_resolve() with nd6_resolve(). 2015-09-22 19:05:44 +00:00
toecore.h * Convert TOE framework to use new routing api. 2014-10-25 18:25:00 +00:00
udp_usrreq.c get_inpcbinfo() and get_pcblist() are UDP local functions and 2015-08-27 15:27:41 +00:00
udp_var.h get_inpcbinfo() and get_pcblist() are UDP local functions and 2015-08-27 15:27:41 +00:00
udp.h
udplite.h