Solved

How to get infomation about RPC events...

Posted on 1997-04-24
7
425 Views
Last Modified: 2013-12-26
> I am trying to figure out some information like
> when the server sends the events and when the client
> receives from the client/server applications which are
> using RPC libraries.
> Actually, I'd like to trace events between the server and
> client. How can I figure out when the server receive a
> event from the client and what event it is. Vice versa.
> When the client invoke a clnt_call() library, can we know
> what the exact time is ?
> While the server is wating for events at the dispatch
> routine, if a event is arrived, how can we get the time
> and info like what type of events is ?
> Is these possible or not ?
> Please give me some comments ASAP.

> Young W. Cho

Thank you for your answer.
I am so sorry to mislead you to understand my question incorrectly.
The main focus on this problem is that we can figure out
event trace between some processes from the outside of the
related processes.
For example, let's assume that we are debugging or monitoring two processes. Can we get some event trace information from these processes independently, like
what type of events was sent or when that event was received.
I'd like to know those kind of information from the process
without knowing their help independently.
Thanks in advance.

Young W Cho    
0
Comment
Question by:ywcho
  • 4
  • 3
7 Comments
 

Expert Comment

by:waslap
ID: 1292650
I assume you use ONC RPC. To monitor server events you'll have to write your own RPC main event loop. Could look something like

fd_set readfd;
while ( 1 )
{
   readfd = svc_fdset;
   FD_SET( 0, &readfd );

   switch (select(getdtablesize(), &readfd, (fd_set*)0,(fd_set*)0,struct timeval *)0))
   {
       case -1:
           if ( errno == EBADF )
               continue;
           perror( "Select failed" );
           return;
       case 0:
           return;
   }
   /* get the time here on do what you want with it */
   svc_getreqset( &readfd );
}

If you need to go even closer you search for the file created by rpcgen that dispatches the calls. It will be xxx_svc.c where xxx is your appname. Different platforms implement the dispatcher different but it should most probably be a switch statement decoding arguments, calling the service routine and encoding the result. Here you should extract the more detailed info such as whether it was a ping request.

For the clnt_call all I can think of is for you to put your monitoring of the time in the stub generated by rpcgen

Hope I understand you question correctly

0
 

Author Comment

by:ywcho
ID: 1292651
Edited text of question
0
 

Author Comment

by:ywcho
ID: 1292652
Please take a look at additional explanation for my question.
I am so sorry for you to be misleaded due to drawing my problem
incorrectly.

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Accepted Solution

by:
waslap earned 50 total points
ID: 1292653
Only way I can think of now that might give you some vague idea of what is going on from the outside is to truss it ( strace on linux ) as RPC's are most probably built on sockets and thus will use read/write system calls. Apart from that a SUN machine has snoop which may help you to monitor RPC events by running
snoop -i rpc.cap -V | grep RPC
as the root user where rpc.cap is a file dump of the communications session obtained by a previous snoop. You may have accurate time info included as well. Please do 'man snoop' to get more info ( that is if you have access to SUN machine )
0
 

Author Comment

by:ywcho
ID: 1292654
Thank you for your comments again.
I coudln't find the tools(strace, snoop) that you mentioned.
"ttysnoop" and "strace" are all that I have found on an archive
server, but these are for Linux.
Again, the problem I have faced is that I am looking for
the way to figure out who sent the event and which event a client
sent, if server received an event. I'd like to do this out side of these processes. If we can do this in the middle of debugging,
it could be possible. I have tried to do on debugging. I could find where an event was sent from the tranport(SVCXPRT), but I couldn't who sent it(which process).
In the server side, I could get the port number of a client process, but I couldn't identify the process with that port number in the client side.
Is there any way to identify a specific process with the port number ?

Thanks in advance.

Young W Cho
0
 

Expert Comment

by:waslap
ID: 1292655
strace is the linux equivalent of truss as found under Unix normally. ttysnoop wouldn't help you as it is used to see what someone is typing on his terminal at present. Under linux, the SVCXPRT structure has the member
struct sockaddr_in xp_raddr;
The macro in svc.h
#define svc_getcaller(x) (&(x)->xp_raddr)
is said to be the approved way to access that member. It contains both the IP and port. Use inet_ntoa() to convert to human readable form. This is however to get the address and not the pid. I assume your testing client and server on same machine. I'm not sure whether I understand your problem correct still. You have access to the sources or are you trying to figure out what some app does for which you don't have source ? Only way then is to have packet monitor such as SUN's snoop application. If you want pid and you have access to sources, maybe you can add pid field to your XDR structs and send pid along with rest of request. Use getpid() to get the process's pid.
Hope it helps
0
 

Author Comment

by:ywcho
ID: 1292656
Thank you for your comments.
My testing client and server are running on different machines.
Also I coouldn't use struss since it couldn't get information from the process debugged.
Actually, I am trying to develop a tool which inspects a process and finds out who sent this event if the process received an event at its dispatcher routine. But I don't want the source code
of the process. As you mentioned before, we can get the address and the port number of a client. However, I can't identify the client process with the port number. If we can get the port number of the client process when the clnt_call() is invoked,
I could identify the client process through comparing the port number received in the server and it of the client.
I am so sorry to disturb you for long time.
Please give me a idea if you have.
Thanks,
Have a nice day.

Young W Cho

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
xyBalance chalenge 58 88
substring method in java 1 98
fizzArray  challenge 1 63
Annoying "thing" blocks my view 4 82
Introduction: Displaying information on the statusbar.   Continuing from the third article about sudoku.   Open the project in visual studio. Status bar – let’s display the timestamp there.  We need to get the timestamp from the document s…
Introduction: Dialogs (2) modeless dialog and a worker thread.  Handling data shared between threads.  Recursive functions. Continuing from the tenth article about sudoku.   Last article we worked with a modal dialog to help maintain informat…
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now