# Sniff unix sockets traffic?

## point3

Hi!

I was wondering how to sniff traffic in unix domain sockets (if it's possible)?

this is dump from netstat -a

```
Active UNIX domain sockets (servers and established)

Proto RefCnt Flags       Type       State         I-Node Path

unix  4      [ ]         DGRAM                    6938   /dev/log

unix  2      [ ]         DGRAM                    1069   @udevd

unix  2      [ ACC ]     STREAM     LISTENING     103100 /tmp/.aksusb

unix  3      [ ]         STREAM     CONNECTED     103118 /tmp/.aksusb

unix  3      [ ]         STREAM     CONNECTED     103117

unix  2      [ ]         DGRAM                    103098

unix  2      [ ]         DGRAM                    6955
```

Thanks!

----------

## moocha

You could use strace. 

```
strace -e trace=read,write,open,close,unlink -p pid
```

 will attach to the running process with the specified PID and monitor operations on the file descriptors it owns. That should also catch UNIX streams. There are more command line parameters to strace, controlling for example how much of each read / write is captured, etc etc. See its manpage for details.

strace is provided by the dev-util/strace package.

----------

