Netstat in python. Does it's possible?

Re: Netstat in python. Does it's possible?

billie enlightened us with:[color=blue]
> Hi all. I don't know if Python is good for this kind of jobs but I'm
> wondering if it's possible emulate the "netstat" command in Python.[/color]

On Linux, you can read /proc for that info, iirc.

Sybren
--
The problem with the world is stupidity. Not saying there should be a
capital punishment for stupidity, but why don't we just take the
safety labels off of everything and let the problem solve itself?
Frank Zappa

Re: Netstat in python. Does it's possible?

billie wrote:[color=blue]
> Hi all. I don't know if Python is good for this kind of jobs but I'm
> wondering if it's possible emulate the "netstat" command in Python.[/color]

As a general recommendation, use strace(1) to answer this kind of
question. Run "strace -o tmp netstat", then inspect tmp to find out
how netstat obtained the information it reported.

As Sybren suggests, this can all be answered from /proc. For a
process you are interested in, list /proc/<pid>/fd (using os.listdir),
then read the contents of all links (using os.readlink). If the link
value starts with "[socket:", it's a socket. Then search
/proc/net/tcp for the ID. The line containing the ID will have
the information you want.

Regards,
Martin

Re: Netstat in python. Does it's possible?

On Sat, 11 Feb 2006 16:28:06 +0100, Martin v. Löwis <martin@v.loewi s.de> wrote:[color=blue]
> billie wrote:[color=green]
>> Hi all. I don't know if Python is good for this kind of jobs but I'm
>> wondering if it's possible emulate the "netstat" command in Python.[/color]
>
> As a general recommendation, use strace(1) to answer this kind of
> question. Run "strace -o tmp netstat", then inspect tmp to find out
> how netstat obtained the information it reported.[/color]

Good idea.

There might still be a problem for people doing things like this: netstat
might use unstable or non-public APIs to find the things it lists. This is
fine because it's typically your OS vendor who have to handle that (ship
another netstat when the /proc or /sys file system layout changes, etc).

If it works like that, you can access the APIs fine from Python -- but you
cannot write a portable 'pynetstat' without a lot of effort and maintenance.

/Jorgen

--
// Jorgen Grahn <grahn@ Ph'nglui mglw'nafh Cthulhu
\X/ snipabacken.dyn dns.org> R'lyeh wgah'nagl fhtagn!

Re: Netstat in python. Does it's possible?

Jorgen Grahn wrote:[color=blue]
> There might still be a problem for people doing things like this: netstat
> might use unstable or non-public APIs to find the things it lists. This is
> fine because it's typically your OS vendor who have to handle that (ship
> another netstat when the /proc or /sys file system layout changes, etc).[/color]

Right. However, on Unix, there aren't really that much "non-public"
APIs. If you can figure out what the system call number is, and you
have /usr/include/sys, you can typically come up with a way to call
this API.

It becomes tricky if netstat turns out to read /dev/kmem or some such.
[color=blue]
> If it works like that, you can access the APIs fine from Python -- but you
> cannot write a portable 'pynetstat' without a lot of effort and maintenance.[/color]

Well, to make that accessible from Python, you need to have Python
wrappers for all system calls involved (or for library routines that
use the system calls the right way). In case of /proc, this is easy;
if it is a ioctl(2), it might still be doable. If it is something
else, you may have to write a Python wrapper for that other system
call first.

Regards,
Martin

Re: Netstat in python. Does it's possible?

In article <43EE7B7E.50508 02@v.loewis.de> ,
Martin v. Löwis <martin@v.loewi s.de> wrote:[color=blue]
>Jorgen Grahn wrote:[color=green]
>> There might still be a problem for people doing things like this: netstat
>> might use unstable or non-public APIs to find the things it lists. This is
>> fine because it's typically your OS vendor who have to handle that (ship
>> another netstat when the /proc or /sys file system layout changes, etc).[/color]
>
>Right. However, on Unix, there aren't really that much "non-public"
>APIs. If you can figure out what the system call number is, and you
>have /usr/include/sys, you can typically come up with a way to call
>this API.
>
>It becomes tricky if netstat turns out to read /dev/kmem or some such.
>[color=green]
>> If it works like that, you can access the APIs fine from Python -- but you
>> cannot write a portable 'pynetstat' without a lot of effort and maintenance.[/color]
>
>Well, to make that accessible from Python, you need to have Python
>wrappers for all system calls involved (or for library routines that
>use the system calls the right way). In case of /proc, this is easy;
>if it is a ioctl(2), it might still be doable. If it is something
>else, you may have to write a Python wrapper for that other system
>call first.[/color]

Re: Netstat in python. Does it's possible?

On Sun, 12 Feb 2006 01:04:14 +0100, Martin v. Löwis <martin@v.loewi s.de> wrote:[color=blue]
> Jorgen Grahn wrote:[color=green]
>> There might still be a problem for people doing things like this: netstat
>> might use unstable or non-public APIs to find the things it lists. This is
>> fine because it's typically your OS vendor who have to handle that (ship
>> another netstat when the /proc or /sys file system layout changes, etc).[/color]
>
> Right. However, on Unix, there aren't really that much "non-public"
> APIs. If you can figure out what the system call number is, and you
> have /usr/include/sys, you can typically come up with a way to call
> this API.[/color]

I was thinking mostly about /proc, /sys and related file systems. I have a
feeling parts of them they change quite frequently under Linux, and of
course under other Unices they may look completely different, or be absent.

Like Mr Laird said elsewhere, the best thing might be to popen() netstat
and parse its output.

/Jorgen

--
// Jorgen Grahn <grahn@ Ph'nglui mglw'nafh Cthulhu
\X/ snipabacken.dyn dns.org> R'lyeh wgah'nagl fhtagn!

Re: Netstat in python. Does it's possible?

Jorgen Grahn wrote:[color=blue]
> I was thinking mostly about /proc, /sys and related file systems. I have a
> feeling parts of them they change quite frequently under Linux, and of
> course under other Unices they may look completely different, or be absent.
>
> Like Mr Laird said elsewhere, the best thing might be to popen() netstat
> and parse its output.[/color]

Hmm. And the netstat output cannot change, and is identical across all
systems?

I agree that the format of the proc file system is different across
systems (or other systems don't use netstat at all), however, on all
systems I'm aware of, there is a certain committment to keeping the
proc file system stable for applications (on Solaris more so than
on Linux).

Regards,
Martin

Re: Netstat in python. Does it's possible?

Thank you all for your helping.

Re: Netstat in python. Does it's possible?

On Sun, 12 Feb 2006 22:56:06 +0100, Martin v. Löwis <martin@v.loewi s.de> wrote:[color=blue]
> Jorgen Grahn wrote:[color=green]
>> I was thinking mostly about /proc, /sys and related file systems. I have a
>> feeling parts of them they change quite frequently under Linux, and of
>> course under other Unices they may look completely different, or be absent.
>>
>> Like Mr Laird said elsewhere, the best thing might be to popen() netstat
>> and parse its output.[/color]
>
> Hmm. And the netstat output cannot change, and is identical across all
> systems?[/color]

I was going to mention that complication, but I didn't want to depress the
original poster any more ...

/Jorgen

--
// Jorgen Grahn <grahn@ Ph'nglui mglw'nafh Cthulhu
\X/ snipabacken.dyn dns.org> R'lyeh wgah'nagl fhtagn!

hi guys, on this note, have a look at my pynetstat program, and its various incarnations. I haven't worked on it for a while, and it's totally limited to lunix, but it's still great hehe. It started as a frontend for netstat, but now it's almost 100% my own code, connection details from /proc/net/tcp and program/pid details from the /proc/[0-9]+

EDIT: eschelon.co.uk is my site with pynetstat hehe... dependencies on the 'current' version are... twisted (twistedmatrix. com), pygtk (pygtk.org), subversion for getting the bleeding edge version.. get the latest tarball from