bpftrace查看网络丢包

 

apt install -y bpftrace

 

icmpdrop.bt

#!/usr/bin/env bpftrace

#ifndef BPFTRACE_HAVE_BTF
#include <linux/socket.h>
#include <net/sock.h>
#else
#include <sys/socket.h>
#endif

BEGIN
{
  printf("Tracing icmp drops. Hit Ctrl-C to end.\n");
  printf("%-8s %-8s %-8s %-8s %-8s\n", "TIME", "PID", "COMM", "SADDR", "DADDR");
}

tracepoint:skb:kfree_skb
{
  $reason = args->reason;
  $skb = (struct sk_buff *)args->skbaddr;
  $sk = ((struct sock *) $skb->sk);
  $inet_family = $sk->__sk_common.skc_family;

  $iphd = ((struct iphdr *)($skb->head + $skb->network_header));
  $srcaddr = $iphd->saddr;
  $dstaddr = $iphd->daddr;
  $srcip = ntop($iphd->saddr);
  $dstip = ntop($iphd->daddr);
  if ($iphd->protocol == IPPROTO_ICMP && $inet_family == AF_INET && $reason > SKB_DROP_REASON_NOT_SPECIFIED) {
    time("%H:%M:%S ");
    printf("%-8d %-8s %-8s %-8s\n", pid, comm, $srcip, $dstip);
  }
}

 

bpftrace icmpdrop.bt
tc qdisc add dev ens33 root netem loss 10%

 

ping丢了3个包。