-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Description
At the moment we scan /proc/net/tcp{6}
to detect which ports are being used/served in a workspace. While this works reliably, it has the major downside that we cannot tell wich process serves this port - information that would be handy to display. Also, because of the polling delay, there's a delay in port detection.
Possible solutions
seccomp-notify
User-namespaced workspaces make use of seccomp-notify. We could get notifications on accept
, and use the sockfd
to get more information about the socket (which port, which address). workspacekit would then provide a Unix socket on which we serve port status information (either re-using supervisor's StatusService or coming up with our own).
Alternatively, workspacekit could provide a file in a well-known location that offers port -> PID mappings, which we'd use to enhance the port information.
scanning /proc
To identify the process that's serving a port, we could also scan /proc
and match the sockets inode with the process FD. With proper caching it's conceivable that this solution could come in at an acceptable CPU/performance cost.
Activity
meysholdt commentedon Mar 8, 2021
To create the connection -> PID mapping, maybe https://github.com/raboof/nethogs can be of inspiration. It solves the problem to show traffic per process.
akosyakov commentedon Apr 13, 2021
Should we close #3059 as a duplicate? Besides the process, it would be useful to see the currently running foreground command.
stale commentedon Aug 4, 2021
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.