netlink_proc_event 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rakeTasks +7 -0
- data/README.md +3 -3
- data/lib/netlink_proc_event/libnl.rb +27 -4
- data/lib/netlink_proc_event/version.rb +1 -1
- data/lib/netlink_proc_event.rb +4 -3
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4baea63f3658d59c9b8509fc3870600c167c54f1
|
|
4
|
+
data.tar.gz: 1e94e8a58fd00d5f34a5a808f8caf2442e23e739
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 502f362a6f3c576c68bc1479b8661abf0b0d08cd20741abaf0cbf6d71b31ab510c88c543db0e24c471618c52b64a14749ddb2e2f4b18b3b62a4b6715ee572669
|
|
7
|
+
data.tar.gz: 4e4e587c8ad3f0ece039604a5aaf04a806a491e3b8dc951cee76e3927434b49c2006e764c1b467a8650d9c1b0bd40c7bce3b153f1af4f926b928433a786a8d72
|
data/.rakeTasks
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
+
<Settings><!--This file was automatically generated by Ruby plugin.
|
|
3
|
+
You are allowed to:
|
|
4
|
+
1. Remove rake task
|
|
5
|
+
2. Add existing rake tasks
|
|
6
|
+
To add existing rake tasks automatically delete this file and reload the project.
|
|
7
|
+
--><RakeGroup description="" fullCmd="" taksId="rake"><RakeTask description="Build netlink_proc_event-0.1.0.gem into the pkg directory" fullCmd="build" taksId="build" /><RakeTask description="Build and install netlink_proc_event-0.1.0.gem into system gems" fullCmd="install" taksId="install" /><RakeTask description="Create tag v0.1.0 and build and push netlink_proc_event-0.1.0.gem to Rubygems" fullCmd="release" taksId="release" /><RakeGroup description="" fullCmd="" taksId="release"><RakeTask description="" fullCmd="release:guard_clean" taksId="guard_clean" /><RakeTask description="" fullCmd="release:rubygem_push" taksId="rubygem_push" /><RakeTask description="" fullCmd="release:source_control_push" taksId="source_control_push" /></RakeGroup></RakeGroup></Settings>
|
data/README.md
CHANGED
|
@@ -24,15 +24,15 @@ Or install it yourself as:
|
|
|
24
24
|
require 'netlink_proc_event'
|
|
25
25
|
|
|
26
26
|
NetlinkProcEvent.on :PROC_EVENT_FORK do |event|
|
|
27
|
-
puts "#{event[:
|
|
27
|
+
puts "#{event[:parent_pid]} forked into #{event[:child_pid]}"
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
NetlinkProcEvent.on :PROC_EVENT_EXEC do |event|
|
|
31
|
-
puts "#{event[:
|
|
31
|
+
puts "#{event[:process_pid]} exec'd"
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
NetlinkProcEvent.on :PROC_EVENT_EXIT do |event|
|
|
35
|
-
puts "#{event[:
|
|
35
|
+
puts "#{event[:process_pid]} killed"
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
loop do
|
|
@@ -37,7 +37,31 @@ module NetlinkProcEvent
|
|
|
37
37
|
:PROC_EVENT_COMM , 0x00000200,
|
|
38
38
|
:PROC_EVENT_EXIT , -0x80000000)
|
|
39
39
|
|
|
40
|
-
class
|
|
40
|
+
class ForkProcEvent < FFI::Struct
|
|
41
|
+
layout :parent_pid, :uint32,
|
|
42
|
+
:parent_tgid, :uint32,
|
|
43
|
+
:child_pid, :uint32,
|
|
44
|
+
:child_tgid, :uint32
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
class ExecProcEvent < FFI::Struct
|
|
48
|
+
layout :process_pid, :uint32,
|
|
49
|
+
:process_tgid, :uint32
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
class ExitProcEvent < FFI::Struct
|
|
53
|
+
layout :process_pid, :uint32,
|
|
54
|
+
:process_tgid, :uint32,
|
|
55
|
+
:exit_signal, :uint32
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
class EventData < FFI::Union
|
|
59
|
+
layout :fork, ForkProcEvent,
|
|
60
|
+
:exec, ExecProcEvent,
|
|
61
|
+
:exit, ExitProcEvent
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
class ProcEvent < FFI::Struct
|
|
41
65
|
layout :idx, :uint32,
|
|
42
66
|
:val, :uint32,
|
|
43
67
|
:seq, :uint32,
|
|
@@ -47,11 +71,10 @@ module NetlinkProcEvent
|
|
|
47
71
|
:what, Event,
|
|
48
72
|
:cpu, :uint32,
|
|
49
73
|
:timestamp_ns, :uint64,
|
|
50
|
-
:
|
|
51
|
-
:tid, :uint32
|
|
74
|
+
:event_data, EventData
|
|
52
75
|
end
|
|
53
76
|
|
|
54
|
-
class
|
|
77
|
+
class CnMsg < FFI::Struct
|
|
55
78
|
layout :idx, :uint32,
|
|
56
79
|
:val, :uint32,
|
|
57
80
|
:seq, :uint32,
|
data/lib/netlink_proc_event.rb
CHANGED
|
@@ -28,7 +28,7 @@ module NetlinkProcEvent
|
|
|
28
28
|
|
|
29
29
|
if msg_length > 0 && msg_ptr && msg_valid
|
|
30
30
|
msg_payload_ptr = Libnl.nlmsg_data(msg_ptr)
|
|
31
|
-
msg_payload = Libnl::
|
|
31
|
+
msg_payload = Libnl::ProcEvent.new(msg_payload_ptr)
|
|
32
32
|
handle_event(msg_payload)
|
|
33
33
|
end
|
|
34
34
|
end
|
|
@@ -75,7 +75,7 @@ module NetlinkProcEvent
|
|
|
75
75
|
msg = Libnl.nlmsg_alloc_simple(Libnl::NLMSG_DONE, 0)
|
|
76
76
|
data = Libnl.nlmsg_reserve(msg, 24, 4)
|
|
77
77
|
|
|
78
|
-
proc_message = Libnl::
|
|
78
|
+
proc_message = Libnl::CnMsg.new(data)
|
|
79
79
|
proc_message[:idx] = Libnl::CN_IDX_PROC
|
|
80
80
|
proc_message[:val] = Libnl::CN_VAL_PROC
|
|
81
81
|
proc_message[:data] = 1
|
|
@@ -90,7 +90,8 @@ module NetlinkProcEvent
|
|
|
90
90
|
|
|
91
91
|
def handle_event(event)
|
|
92
92
|
if event_handlers[event[:what]]
|
|
93
|
-
|
|
93
|
+
type = event[:what].to_s.split('_').last.downcase.to_sym
|
|
94
|
+
event_handlers[event[:what]].each{ |handler| handler.call(event[:event_data][type]) }
|
|
94
95
|
true
|
|
95
96
|
else
|
|
96
97
|
false
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: netlink_proc_event
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Christopher Aue
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-06-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -60,6 +60,7 @@ extensions: []
|
|
|
60
60
|
extra_rdoc_files: []
|
|
61
61
|
files:
|
|
62
62
|
- ".gitignore"
|
|
63
|
+
- ".rakeTasks"
|
|
63
64
|
- ".rspec"
|
|
64
65
|
- ".ruby-version"
|
|
65
66
|
- Gemfile
|