Documentation/filesystems/proc.txt

------------------------------------------------------------------------------
                       T H E  /proc   F I L E S Y S T E M
------------------------------------------------------------------------------
/proc/sys         Terrehon Bowden <terrehon@pacbell.net>        October 7 1999
                  Bodo Bauer <bb@ricochet.net>

2.4.x update	  Jorge Nerin <comandante@zaralinux.com>      November 14 2000
------------------------------------------------------------------------------
Version 1.3                                              Kernel version 2.2.12
					      Kernel version 2.4.0-test11-pre4
------------------------------------------------------------------------------

Table of Contents
-----------------

  0     Preface
  0.1	Introduction/Credits
  0.2	Legal Stuff

  1	Collecting System Information
  1.1	Process-Specific Subdirectories
  1.2	Kernel data
  1.3	IDE devices in /proc/ide
  1.4	Networking info in /proc/net
  1.5	SCSI info
  1.6	Parallel port info in /proc/parport
  1.7	TTY info in /proc/tty
  1.8	Miscellaneous kernel statistics in /proc/stat

  2	Modifying System Parameters
  2.1	/proc/sys/fs - File system data
  2.2	/proc/sys/fs/binfmt_misc - Miscellaneous binary formats
  2.3	/proc/sys/kernel - general kernel parameters
  2.4	/proc/sys/vm - The virtual memory subsystem
  2.5	/proc/sys/dev - Device specific parameters
  2.6	/proc/sys/sunrpc - Remote procedure calls
  2.7	/proc/sys/net - Networking stuff
  2.8	/proc/sys/net/ipv4 - IPV4 settings
  2.9	Appletalk
  2.10	IPX
  2.11	/proc/sys/fs/mqueue - POSIX message queues filesystem
  2.12	/proc/<pid>/oom_adj - Adjust the oom-killer score
  2.13	/proc/<pid>/oom_score - Display current oom-killer score
  2.14	/proc/<pid>/io - Display the IO accounting fields

------------------------------------------------------------------------------
Preface
------------------------------------------------------------------------------

0.1 Introduction/Credits
------------------------

This documentation is  part of a soon (or  so we hope) to be  released book on
the SuSE  Linux distribution. As  there is  no complete documentation  for the
/proc file system and we've used  many freely available sources to write these
chapters, it  seems only fair  to give the work  back to the  Linux community.
This work is  based on the 2.2.*  kernel version and the  upcoming 2.4.*. I'm
afraid it's still far from complete, but we  hope it will be useful. As far as
we know, it is the first 'all-in-one' document about the /proc file system. It
is focused  on the Intel  x86 hardware,  so if you  are looking for  PPC, ARM,
SPARC, AXP, etc., features, you probably  won't find what you are looking for.
It also only covers IPv4 networking, not IPv6 nor other protocols - sorry. But
additions and patches  are welcome and will  be added to this  document if you
mail them to Bodo.

We'd like  to  thank Alan Cox, Rik van Riel, and Alexey Kuznetsov and a lot of
other people for help compiling this documentation. We'd also like to extend a
special thank  you to Andi Kleen for documentation, which we relied on heavily
to create  this  document,  as well as the additional information he provided.
Thanks to  everybody  else  who contributed source or docs to the Linux kernel
and helped create a great piece of software... :)

If you  have  any comments, corrections or additions, please don't hesitate to
contact Bodo  Bauer  at  bb@ricochet.net.  We'll  be happy to add them to this
document.

The   latest   version    of   this   document   is    available   online   at
http://skaro.nightcrawler.com/~bb/Docs/Proc as HTML version.

If  the above  direction does  not works  for you,  ypu could  try the  kernel
mailing  list  at  linux-kernel@vger.kernel.org  and/or try  to  reach  me  at
comandante@zaralinux.com.

0.2 Legal Stuff
---------------

We don't  guarantee  the  correctness  of this document, and if you come to us
complaining about  how  you  screwed  up  your  system  because  of  incorrect
documentation, we won't feel responsible...

------------------------------------------------------------------------------
CHAPTER 1: COLLECTING SYSTEM INFORMATION
------------------------------------------------------------------------------

------------------------------------------------------------------------------
In This Chapter
------------------------------------------------------------------------------
* Investigating  the  properties  of  the  pseudo  file  system  /proc and its
  ability to provide information on the running Linux system
* Examining /proc's structure
* Uncovering  various  information  about the kernel and the processes running
  on the system
------------------------------------------------------------------------------


The proc  file  system acts as an interface to internal data structures in the
kernel. It  can  be  used to obtain information about the system and to change
certain kernel parameters at runtime (sysctl).

First, we'll  take  a  look  at the read-only parts of /proc. In Chapter 2, we
show you how you can use /proc/sys to change settings.

1.1 Process-Specific Subdirectories
-----------------------------------

The directory  /proc  contains  (among other things) one subdirectory for each
process running on the system, which is named after the process ID (PID).

The link  self  points  to  the  process reading the file system. Each process
subdirectory has the entries listed in Table 1-1.


Table 1-1: Process specific entries in /proc 
..............................................................................
 File		Content
 clear_refs	Clears page referenced bits shown in smaps output
 cmdline	Command line arguments
 cpu		Current and last cpu in which it was executed	(2.4)(smp)
 cwd		Link to the current working directory
 environ	Values of environment variables
 exe		Link to the executable of this process
 fd		Directory, which contains all file descriptors
 maps		Memory maps to executables and library files	(2.4)
 mem		Memory held by this process
 root		Link to the root directory of this process
 stat		Process status
 statm		Process memory status information
 status		Process status in human readable form
 wchan		If CONFIG_KALLSYMS is set, a pre-decoded wchan
 smaps		Extension based on maps, the rss size for each mapped file
..............................................................................

For example, to get the status information of a process, all you have to do is
read the file /proc/PID/status:

  >cat /proc/self/status 
  Name:   cat 
  State:  R (running) 
  Pid:    5452 
  PPid:   743 
  TracerPid:      0						(2.4)
  Uid:    501     501     501     501 
  Gid:    100     100     100     100 
  Groups: 100 14 16 
  VmSize:     1112 kB 
  VmLck:         0 kB 
  VmRSS:       348 kB 
  VmData:       24 kB 
  VmStk:        12 kB 
  VmExe:         8 kB 
  VmLib:      1044 kB 
  SigPnd: 0000000000000000 
  SigBlk: 0000000000000000 
  SigIgn: 0000000000000000 
  SigCgt: 0000000000000000 
  CapInh: 00000000fffffeff 
  CapPrm: 0000000000000000 
  CapEff: 0000000000000000 


This shows you nearly the same information you would get if you viewed it with
the ps  command.  In  fact,  ps  uses  the  proc  file  system  to  obtain its
information. The  statm  file  contains  more  detailed  information about the
process memory usage. Its seven fields are explained in Table 1-2.


Table 1-2: Contents of the statm files (as of 2.6.8-rc3)
..............................................................................
 Field    Content
 size     total program size (pages)		(same as VmSize in status)
 resident size of memory portions (pages)	(same as VmRSS in status)
 shared   number of pages that are shared	(i.e. backed by a file)
 trs      number of pages that are 'code'	(not including libs; broken,
							includes data segment)
 lrs      number of pages of library		(always 0 on 2.6)
 drs      number of pages of data/stack		(including libs; broken,
							includes library text)
 dt       number of dirty pages			(always 0 on 2.6)
..............................................................................

1.2 Kernel data
---------------

Similar to  the  process entries, the kernel data files give information about
the running kernel. The files used to obtain this information are contained in
/proc and  are  listed  in Table 1-3. Not all of these will be present in your
system. It  depends  on the kernel configuration and the loaded modules, which
files are there, and which are missing.

Table 1-3: Kernel info in /proc 
..............................................................................
 File        Content                                           
 apm         Advanced power management info                    
 buddyinfo   Kernel memory allocator information (see text)	(2.5)
 bus         Directory containing bus specific information     
 cmdline     Kernel command line                               
 cpuinfo     Info about the CPU                                
 devices     Available devices (block and character)           
 dma         Used DMS channels                                 
 filesystems Supported filesystems                             
 driver	     Various drivers grouped here, currently rtc (2.4)
 execdomains Execdomains, related to security			(2.4)
 fb	     Frame Buffer devices				(2.4)
 fs	     File system parameters, currently nfs/exports	(2.4)
 ide         Directory containing info about the IDE subsystem 
 interrupts  Interrupt usage                                   
 iomem	     Memory map						(2.4)
 ioports     I/O port usage                                    
 irq	     Masks for irq to cpu affinity			(2.4)(smp?)
 isapnp	     ISA PnP (Plug&Play) Info				(2.4)
 kcore       Kernel core image (can be ELF or A.OUT(deprecated in 2.4))   
 kmsg        Kernel messages                                   
 ksyms       Kernel symbol table                               
 loadavg     Load average of last 1, 5 & 15 minutes                
 locks       Kernel locks                                      
 meminfo     Memory info                                       
 misc        Miscellaneous                                     
 modules     List of loaded modules                            
 mounts      Mounted filesystems                               
 net         Networking info (see text)                        
 partitions  Table of partitions known to the system           
 pci	     Deprecated info of PCI bus (new way -> /proc/bus/pci/,
             decoupled by lspci					(2.4)
 rtc         Real time clock                                   
 scsi        SCSI info (see text)                              
 slabinfo    Slab pool info                                    
 stat        Overall statistics                                
 swaps       Swap space utilization                            
 sys         See chapter 2                                     
 sysvipc     Info of SysVIPC Resources (msg, sem, shm)		(2.4)
 tty	     Info of tty drivers
 uptime      System uptime                                     
 version     Kernel version                                    
 video	     bttv info of video resources			(2.4)
..............................................................................

You can,  for  example,  check  which interrupts are currently in use and what
they are used for by looking in the file /proc/interrupts:

  > cat /proc/interrupts 
             CPU0        
    0:    8728810          XT-PIC  timer 
    1:        895          XT-PIC  keyboard 
    2:          0          XT-PIC  cascade 
    3:     531695          XT-PIC  aha152x 
    4:    2014133          XT-PIC  serial 
    5:      44401          XT-PIC  pcnet_cs 
    8:          2          XT-PIC  rtc 
   11:          8          XT-PIC  i82365 
   12:     182918          XT-PIC  PS/2 Mouse 
   13:          1          XT-PIC  fpu 
   14:    1232265          XT-PIC  ide0 
   15:          7          XT-PIC  ide1 
  NMI:          0 

In 2.4.* a couple of lines where added to this file LOC & ERR (this time is the
output of a SMP machine):

  > cat /proc/interrupts 

             CPU0       CPU1       
    0:    1243498    1214548    IO-APIC-edge  timer
    1:       8949       8958    IO-APIC-edge  keyboard
    2:          0          0          XT-PIC  cascade
    5:      11286      10161    IO-APIC-edge  soundblaster
    8:          1          0    IO-APIC-edge  rtc
    9:      27422      27407    IO-APIC-edge  3c503
   12:     113645     113873    IO-APIC-edge  PS/2 Mouse
   13:          0          0          XT-PIC  fpu
   14:      22491      24012    IO-APIC-edge  ide0
   15:       2183       2415    IO-APIC-edge  ide1
   17:      30564      30414   IO-APIC-level  eth0
   18:        177        164   IO-APIC-level  bttv
  NMI:    2457961    2457959 
  LOC:    2457882    2457881 
  ERR:       2155

NMI is incremented in this case because every timer interrupt generates a NMI
(Non Maskable Interrupt) which is used by the NMI Watchdog to detect lockups.

LOC is the local interrupt counter of the internal APIC of every CPU.

ERR is incremented in the case of errors in the IO-APIC bus (the bus that
connects the CPUs in a SMP system. This means that an error has been detected,
the IO-APIC automatically retry the transmission, so it should not be a big
problem, but you should read the SMP-FAQ.

In this context it could be interesting to note the new irq directory in 2.4.
It could be used to set IRQ to CPU affinity, this means that you can "hook" an
IRQ to only one CPU, or to exclude a CPU of handling IRQs. The contents of the
irq subdir is one subdir for each IRQ, and one file; prof_cpu_mask

For example 
  > ls /proc/irq/
  0  10  12  14  16  18  2  4  6  8  prof_cpu_mask
  1  11  13  15  17  19  3  5  7  9
  > ls /proc/irq/0/
  smp_affinity

The contents of the prof_cpu_mask file and each smp_affinity file for each IRQ
is the same by default:

  > cat /proc/irq/0/smp_affinity 
  ffffffff

It's a bitmask, in which you can specify which CPUs can handle the IRQ, you can
set it by doing:

  > echo 1 > /proc/irq/prof_cpu_mask

This means that only the first CPU will handle the IRQ, but you can also echo 5
which means that only the first and fourth CPU can handle the IRQ.

The way IRQs are routed is handled by the IO-APIC, and it's Round Robin
between all the CPUs which are allowed to handle it. As usual the kernel has
more info than you and does a better job than you, so the defaults are the
best choice for almost everyone.

There are  three  more  important subdirectories in /proc: net, scsi, and sys.
The general  rule  is  that  the  contents,  or  even  the  existence of these
directories, depend  on your kernel configuration. If SCSI is not enabled, the
directory scsi  may  not  exist. The same is true with the net, which is there
only when networking support is present in the running kernel.

The slabinfo  file  gives  information  about  memory usage at the slab level.
Linux uses  slab  pools for memory management above page level in version 2.2.
Commonly used  objects  have  their  own  slab  pool (such as network buffers,
directory cache, and so on).

..............................................................................

> cat /proc/buddyinfo

Node 0, zone      DMA      0      4      5      4      4      3 ...
Node 0, zone   Normal      1      0      0      1    101      8 ...
Node 0, zone  HighMem      2      0      0      1      1      0 ...

Memory fragmentation is a problem under some workloads, and buddyinfo is a 
useful tool for helping diagnose these problems.  Buddyinfo will give you a 
clue as to how big an area you can safely allocate, or why a previous
allocation failed.

Each column represents the number of pages of a certain order which are 
available.  In this case, there are 0 chunks of 2^0*PAGE_SIZE available in 
ZONE_DMA, 4 chunks of 2^1*PAGE_SIZE in ZONE_DMA, 101 chunks of 2^4*PAGE_SIZE 
available in ZONE_NORMAL, etc... 

..............................................................................

meminfo:

Provides information about distribution and utilization of memory.  This
varies by architecture and compile options.  The following is from a
16GB PIII, which has highmem enabled.  You may not have all of these fields.

> cat /proc/meminfo


MemTotal:     16344972 kB
MemFree:      13634064 kB
Buffers:          3656 kB
Cached:        1195708 kB
SwapCached:          0 kB
Active:         891636 kB
Inactive:      1077224 kB
HighTotal:    15597528 kB
HighFree:     13629632 kB
LowTotal:       747444 kB
LowFree:          4432 kB
SwapTotal:           0 kB
SwapFree:            0 kB
Dirty:             968 kB
Writeback:           0 kB
Mapped:         280372 kB
Slab:           684068 kB
CommitLimit:   7669796 kB
Committed_AS:   100056 kB
PageTables:      24448 kB
VmallocTotal:   112216 kB
VmallocUsed:       428 kB
VmallocChunk:   111088 kB

    MemTotal: Total usable ram (i.e. physical ram minus a few reserved
              bits and the kernel binary code)
     MemFree: The sum of LowFree+HighFree
     Buffers: Relatively temporary storage for raw disk blocks
              shouldn't get tremendously large (20MB or so)
      Cached: in-memory cache for files read from the disk (the
              pagecache).  Doesn't include SwapCached
  SwapCached: Memory that once was swapped out, is swapped back in but
              still also is in the swapfile (if memory is needed it
              doesn't need to be swapped out AGAIN because it is already
              in the swapfile. This saves I/O)
      Active: Memory that has been used more recently and usually not
              reclaimed unless absolutely necessary.
    Inactive: Memory which has been less recently used.  It is more
              eligible to be reclaimed for other purposes
   HighTotal:
    HighFree: Highmem is all memory above ~860MB of physical memory
              Highmem areas are for use by userspace programs, or
              for the pagecache.  The kernel must use tricks to access
              this memory, making it slower to access than lowmem.
    LowTotal:
     LowFree: Lowmem is memory which can be used for everything that
              highmem can be used for, but it is also available for the
              kernel's use for its own data structures.  Among many
              other things, it is where everything from the Slab is
              allocated.  Bad things happen when you're out of lowmem.
   SwapTotal: total amount of swap space available
    SwapFree: Memory which has been evicted from RAM, and is temporarily
              on the disk
       Dirty: Memory which is waiting to get written back to the disk
   Writeback: Memory which is actively being written back to the disk
      Mapped: files which have been mmaped, such as libraries
        Slab: in-kernel data structures cache
 CommitLimit: Based on the overcommit ratio ('vm.overcommit_ratio'),
              this is the total amount of  memory currently available to
              be allocated on the system. This limit is only adhered to
              if strict overcommit accounting is enabled (mode 2 in
              'vm.overcommit_memory').
              The CommitLimit is calculated with the following formula:
              CommitLimit = ('vm.overcommit_ratio' * Physical RAM) + Swap
              For example, on a system with 1G of physical RAM and 7G
              of swap with a `vm.overcommit_ratio` of 30 it would
              yield a CommitLimit of 7.3G.
              For more details, see the memory overcommit documentation
              in vm/overcommit-accounting.
Committed_AS: The amount of memory presently allocated on the system.
              The committed memory is a sum of all of the memory which
              has been allocated by processes, even if it has not been
              "used" by them as of yet. A process which malloc()'s 1G
              of memory, but only touches 300M of it will only show up
              as using 300M of memory even if it has the address space
              allocated for the entire 1G. This 1G is memory which has
              been "committed" to by the VM and can be used at any time
              by the allocating application. With strict overcommit
              enabled on the system (mode 2 in 'vm.overcommit_memory'),
              allocations which would exceed the CommitLimit (detailed
              above) will not be permitted. This is useful if one needs
              to guarantee that processes will not fail due to lack of
              memory once that memory has been successfully allocated.
  PageTables: amount of memory dedicated to the lowest level of page
              tables.
VmallocTotal: total size of vmalloc memory area
 VmallocUsed: amount of vmalloc area which is used
VmallocChunk: largest contigious block of vmalloc area which is free


1.3 IDE devices in /proc/ide
----------------------------

The subdirectory /proc/ide contains information about all IDE devices of which
the kernel  is  aware.  There is one subdirectory for each IDE controller, the
file drivers  and a link for each IDE device, pointing to the device directory
in the controller specific subtree.

The file  drivers  contains general information about the drivers used for the
IDE devices:

  > cat /proc/ide/drivers
  ide-cdrom version 4.53
  ide-disk version 1.08

More detailed  information  can  be  found  in  the  controller  specific
subdirectories. These  are  named  ide0,  ide1  and  so  on.  Each  of  these
directories contains the files shown in table 1-4.


Table 1-4: IDE controller info in  /proc/ide/ide? 
..............................................................................
 File    Content                                 
 channel IDE channel (0 or 1)                    
 config  Configuration (only for PCI/IDE bridge) 
 mate    Mate name                               
 model   Type/Chipset of IDE controller          
..............................................................................

Each device  connected  to  a  controller  has  a separate subdirectory in the
controllers directory.  The  files  listed in table 1-5 are contained in these
directories.


Table 1-5: IDE device information 
..............................................................................
 File             Content                                    
 cache            The cache                                  
 capacity         Capacity of the medium (in 512Byte blocks) 
 driver           driver and version                         
 geometry         physical and logical geometry              
 identify         device identify block                      
 media            media type                                 
 model            device identifier                          
 settings         device setup                               
 smart_thresholds IDE disk management thresholds             
 smart_values     IDE disk management values                 
..............................................................................

The most  interesting  file is settings. This file contains a nice overview of
the drive parameters:

  # cat /proc/ide/ide0/hda/settings 
  name                    value           min             max             mode 
  ----                    -----           ---             ---             ---- 
  bios_cyl                526             0               65535           rw 
  bios_head               255             0               255             rw 
  bios_sect               63              0               63              rw 
  breada_readahead        4               0               127             rw 
  bswap                   0               0               1               r 
  file_readahead          72              0               2097151         rw 
  io_32bit                0               0               3               rw 
  keepsettings            0               0               1               rw 
  max_kb_per_request      122             1               127             rw 
  multcount               0               0               8               rw 
  nice1                   1               0               1               rw 
  nowerr                  0               0               1               rw 
  pio_mode                write-only      0               255             w 
  slow                    0               0               1               rw 
  unmaskirq               0               0               1               rw 
  using_dma               0               0               1               rw 


1.4 Networking info in /proc/net
--------------------------------

The subdirectory  /proc/net  follows  the  usual  pattern. Table 1-6 shows the
additional values  you  get  for  IP  version 6 if you configure the kernel to
support this. Table 1-7 lists the files and their meaning.


Table 1-6: IPv6 info in /proc/net 
..............................................................................
 File       Content                                               
 udp6       UDP sockets (IPv6)                                    
 tcp6       TCP sockets (IPv6)                                    
 raw6       Raw device statistics (IPv6)                          
 igmp6      IP multicast addresses, which this host joined (IPv6) 
 if_inet6   List of IPv6 interface addresses                      
 ipv6_route Kernel routing table for IPv6                         
 rt6_stats  Global IPv6 routing tables statistics                 
 sockstat6  Socket statistics (IPv6)                              
 snmp6      Snmp data (IPv6)                                      
..............................................................................


Table 1-7: Network info in /proc/net 
..............................................................................
 File          Content                                                         
 arp           Kernel  ARP table                                               
 dev           network devices with statistics                                 
 dev_mcast     the Layer2 multicast groups a device is listening too
               (interface index, label, number of references, number of bound
               addresses). 
 dev_stat      network device status                                           
 ip_fwchains   Firewall chain linkage                                          
 ip_fwnames    Firewall chain names                                            
 ip_masq       Directory containing the masquerading tables                    
 ip_masquerade Major masquerading table                                        
 netstat       Network statistics                                              
 raw           raw device statistics                                           
 route         Kernel routing table                                            
 rpc           Directory containing rpc info                                   
 rt_cache      Routing cache                                                   
 snmp          SNMP data                                                       
 sockstat      Socket statistics                                               
 tcp           TCP  sockets                                                    
 tr_rif        Token ring RIF routing table                                    
 udp           UDP sockets                                                     
 unix          UNIX domain sockets                                             
 wireless      Wireless interface data (Wavelan etc)                           
 igmp          IP multicast addresses, which this host joined                  
 psched        Global packet scheduler parameters.                             
 netlink       List of PF_NETLINK sockets                                      
 ip_mr_vifs    List of multicast virtual interfaces                            
 ip_mr_cache   List of multicast routing cache                                 
..............................................................................

You can  use  this  information  to see which network devices are available in
your system and how much traffic was routed over those devices:

  > cat /proc/net/dev 
  Inter-|Receive                                                   |[... 
   face |bytes    packets errs drop fifo frame compressed multicast|[... 
      lo:  908188   5596     0    0    0     0          0         0 [...         
    ppp0:15475140  20721   410    0    0   410          0         0 [...  
    eth0:  614530   7085     0    0    0     0          0         1 [... 
   
  ...] Transmit 
  ...] bytes    packets errs drop fifo colls carrier compressed 
  ...]  908188     5596    0    0    0     0       0          0 
  ...] 1375103    17405    0    0    0     0       0          0 
  ...] 1703981     5535    0    0    0     3       0          0 

In addition, each Channel Bond interface has it's own directory.  For
example, the bond0 device will have a directory called /proc/net/bond0/.
It will contain information that is specific to that bond, such as the
current slaves of the bond, the link status of the slaves, and how
many times the slaves link has failed.

1.5 SCSI info
-------------

If you  have  a  SCSI  host adapter in your system, you'll find a subdirectory
named after  the driver for this adapter in /proc/scsi. You'll also see a list
of all recognized SCSI devices in /proc/scsi:

  >cat /proc/scsi/scsi 
  Attached devices: 
  Host: scsi0 Channel: 00 Id: 00 Lun: 00 
    Vendor: IBM      Model: DGHS09U          Rev: 03E0 
    Type:   Direct-Access                    ANSI SCSI revision: 03 
  Host: scsi0 Channel: 00 Id: 06 Lun: 00 
    Vendor: PIONEER  Model: CD-ROM DR-U06S   Rev: 1.04 
    Type:   CD-ROM                           ANSI SCSI revision: 02 


The directory  named  after  the driver has one file for each adapter found in
the system.  These  files  contain information about the controller, including
the used  IRQ  and  the  IO  address range. The amount of information shown is
dependent on  the adapter you use. The example shows the output for an Adaptec
AHA-2940 SCSI adapter:

  > cat /proc/scsi/aic7xxx/0 
   
  Adaptec AIC7xxx driver version: 5.1.19/3.2.4 
  Compile Options: 
    TCQ Enabled By Default : Disabled 
    AIC7XXX_PROC_STATS     : Disabled 
    AIC7XXX_RESET_DELAY    : 5 
  Adapter Configuration: 
             SCSI Adapter: Adaptec AHA-294X Ultra SCSI host adapter 
                             Ultra Wide Controller 
      PCI MMAPed I/O Base: 0xeb001000 
   Adapter SEEPROM Config: SEEPROM found and used. 
        Adaptec SCSI BIOS: Enabled 
                      IRQ: 10 
                     SCBs: Active 0, Max Active 2, 
                           Allocated 15, HW 16, Page 255 
               Interrupts: 160328 
        BIOS Control Word: 0x18b6 
     Adapter Control Word: 0x005b 
     Extended Translation: Enabled 
  Disconnect Enable Flags: 0xffff 
       Ultra Enable Flags: 0x0001 
   Tag Queue Enable Flags: 0x0000 
  Ordered Queue Tag Flags: 0x0000 
  Default Tag Queue Depth: 8 
      Tagged Queue By Device array for aic7xxx host instance 0: 
        {255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255} 
      Actual queue depth per device for aic7xxx host instance 0: 
        {1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1} 
  Statistics: 
  (scsi0:0:0:0) 
    Device using Wide/Sync transfers at 40.0 MByte/sec, offset 8 
    Transinfo settings: current(12/8/1/0), goal(12/8/1/0), user(12/15/1/0) 
    Total transfers 160151 (74577 reads and 85574 writes) 
  (scsi0:0:6:0) 
    Device using Narrow/Sync transfers at 5.0 MByte/sec, offset 15 
    Transinfo settings: current(50/15/0/0), goal(50/15/0/0), user(50/15/0/0) 
    Total transfers 0 (0 reads and 0 writes) 


1.6 Parallel port info in /proc/parport
---------------------------------------

The directory  /proc/parport  contains information about the parallel ports of
your system.  It  has  one  subdirectory  for  each port, named after the port
number (0,1,2,...).

These directories contain the four files shown in Table 1-8.


Table 1-8: Files in /proc/parport 
..............................................................................
 File      Content                                                             
 autoprobe Any IEEE-1284 device ID information that has been acquired.         
 devices   list of the device drivers using that port. A + will appear by the
           name of the device currently using the port (it might not appear
           against any). 
 hardware  Parallel port's base address, IRQ line and DMA channel.             
 irq       IRQ that parport is using for that port. This is in a separate
           file to allow you to alter it by writing a new value in (IRQ
           number or none). 
..............................................................................

1.7 TTY info in /proc/tty
-------------------------

Information about  the  available  and actually used tty's can be found in the
directory /proc/tty.You'll  find  entries  for drivers and line disciplines in
this directory, as shown in Table 1-9.


Table 1-9: Files in /proc/tty 
..............................................................................
 File          Content                                        
 drivers       list of drivers and their usage                
 ldiscs        registered line disciplines                    
 driver/serial usage statistic and status of single tty lines 
..............................................................................

To see  which  tty's  are  currently in use, you can simply look into the file
/proc/tty/drivers:

  > cat /proc/tty/drivers 
  pty_slave            /dev/pts      136   0-255 pty:slave 
  pty_master           /dev/ptm      128   0-255 pty:master 
  pty_slave            /dev/ttyp       3   0-255 pty:slave 
  pty_master           /dev/pty        2   0-255 pty:master 
  serial               /dev/cua        5   64-67 serial:callout 
  serial               /dev/ttyS       4   64-67 serial 
  /dev/tty0            /dev/tty0       4       0 system:vtmaster 
  /dev/ptmx            /dev/ptmx       5       2 system 
  /dev/console         /dev/console    5       1 system:console 
  /dev/tty             /dev/tty        5       0 system:/dev/tty 
  unknown              /dev/tty        4    1-63 console 


1.8 Miscellaneous kernel statistics in /proc/stat
-------------------------------------------------

Various pieces   of  information about  kernel activity  are  available in the
/proc/stat file.  All  of  the numbers reported  in  this file are  aggregates
since the system first booted.  For a quick look, simply cat the file:

  > cat /proc/stat
  cpu  2255 34 2290 22625563 6290 127 456
  cpu0 1132 34 1441 11311718 3675 127 438
  cpu1 1123 0 849 11313845 2614 0 18
  intr 114930548 113199788 3 0 5 263 0 4 [... lots more numbers ...]
  ctxt 1990473
  btime 1062191376
  processes 2915
  procs_running 1
  procs_blocked 0

The very first  "cpu" line aggregates the  numbers in all  of the other "cpuN"
lines.  These numbers identify the amount of time the CPU has spent performing
different kinds of work.  Time units are in USER_HZ (typically hundredths of a
second).  The meanings of the columns are as follows, from left to right:

- user: normal processes executing in user mode
- nice: niced processes executing in user mode
- system: processes executing in kernel mode
- idle: twiddling thumbs
- iowait: waiting for I/O to complete
- irq: servicing interrupts
- softirq: servicing softirqs

The "intr" line gives counts of interrupts  serviced since boot time, for each
of the  possible system interrupts.   The first  column  is the  total of  all
interrupts serviced; each  subsequent column is the  total for that particular
interrupt.

The "ctxt" line gives the total number of context switches across all CPUs.

The "btime" line gives  the time at which the  system booted, in seconds since
the Unix epoch.

The "processes" line gives the number  of processes and threads created, which
includes (but  is not limited  to) those  created by  calls to the  fork() and
clone() system calls.

The  "procs_running" line gives the  number of processes  currently running on
CPUs.

The   "procs_blocked" line gives  the  number of  processes currently blocked,
waiting for I/O to complete.


------------------------------------------------------------------------------
Summary
------------------------------------------------------------------------------
The /proc file system serves information about the running system. It not only
allows access to process data but also allows you to request the kernel status
by reading files in the hierarchy.

The directory  structure  of /proc reflects the types of information and makes
it easy, if not obvious, where to look for specific data.
------------------------------------------------------------------------------

------------------------------------------------------------------------------
CHAPTER 2: MODIFYING SYSTEM PARAMETERS
------------------------------------------------------------------------------

------------------------------------------------------------------------------
In This Chapter
------------------------------------------------------------------------------
* Modifying kernel parameters by writing into files found in /proc/sys
* Exploring the files which modify certain parameters
* Review of the /proc/sys file tree
------------------------------------------------------------------------------


A very  interesting part of /proc is the directory /proc/sys. This is not only
a source  of  information,  it also allows you to change parameters within the
kernel. Be  very  careful  when attempting this. You can optimize your system,
but you  can  also  cause  it  to  crash.  Never  alter kernel parameters on a
production system.  Set  up  a  development machine and test to make sure that
everything works  the  way  you want it to. You may have no alternative but to
reboot the machine once an error has been made.

To change  a  value,  simply  echo  the new value into the file. An example is
given below  in the section on the file system data. You need to be root to do
this. You  can  create  your  own  boot script to perform this every time your
system boots.

The files  in /proc/sys can be used to fine tune and monitor miscellaneous and
general things  in  the operation of the Linux kernel. Since some of the files
can inadvertently  disrupt  your  system,  it  is  advisable  to  read  both
documentation and  source  before actually making adjustments. In any case, be
very careful  when  writing  to  any  of these files. The entries in /proc may
change slightly between the 2.1.* and the 2.2 kernel, so if there is any doubt
review the kernel documentation in the directory /usr/src/linux/Documentation.
This chapter  is  heavily  based  on the documentation included in the pre 2.2
kernels, and became part of it in version 2.2.1 of the Linux kernel.

2.1 /proc/sys/fs - File system data
-----------------------------------

This subdirectory  contains  specific  file system, file handle, inode, dentry
and quota information.

Currently, these files are in /proc/sys/fs:

dentry-state
------------

Status of  the  directory  cache.  Since  directory  entries  are  dynamically
allocated and  deallocated,  this  file indicates the current status. It holds
six values, in which the last two are not used and are always zero. The others
are listed in table 2-1.


Table 2-1: Status files of the directory cache 
..............................................................................
 File       Content                                                            
 nr_dentry  Almost always zero                                                 
 nr_unused  Number of unused cache entries                                     
 age_limit  
            in seconds after the entry may be reclaimed, when memory is short 
 want_pages internally                                                         
..............................................................................

dquot-nr and dquot-max
----------------------

The file dquot-max shows the maximum number of cached disk quota entries.

The file  dquot-nr  shows  the  number of allocated disk quota entries and the
number of free disk quota entries.

If the number of available cached disk quotas is very low and you have a large
number of simultaneous system users, you might want to raise the limit.

file-nr and file-max
--------------------

The kernel  allocates file handles dynamically, but doesn't free them again at
this time.

The value  in  file-max  denotes  the  maximum number of file handles that the
Linux kernel will allocate. When you get a lot of error messages about running
out of  file handles, you might want to raise this limit. The default value is
10% of  RAM in kilobytes.  To  change it, just  write the new number  into the
file:

  # cat /proc/sys/fs/file-max 
  4096 
  # echo 8192 > /proc/sys/fs/file-max 
  # cat /proc/sys/fs/file-max 
  8192 


This method  of  revision  is  useful  for  all customizable parameters of the
kernel - simply echo the new value to the corresponding file.

Historically, the three values in file-nr denoted the number of allocated file
handles,  the number of  allocated but  unused file  handles, and  the maximum
number of file handles. Linux 2.6 always  reports 0 as the number of free file
handles -- this  is not an error,  it just means that the  number of allocated
file handles exactly matches the number of used file handles.

Attempts to  allocate more  file descriptors than  file-max are  reported with
printk, look for "VFS: file-max limit <number> reached".

inode-state and inode-nr
------------------------

The file inode-nr contains the first two items from inode-state, so we'll skip
to that file...

inode-state contains  two  actual numbers and five dummy values. The numbers
are nr_inodes and nr_free_inodes (in order of appearance).

nr_inodes
~~~~~~~~~

Denotes the  number  of  inodes the system has allocated. This number will
grow and shrink dynamically.

nr_free_inodes
--------------

Represents the  number of free inodes. Ie. The number of inuse inodes is
(nr_inodes - nr_free_inodes).

aio-nr and aio-max-nr
---------------------

aio-nr is the running total of the number of events specified on the
io_setup system call for all currently active aio contexts.  If aio-nr
reaches aio-max-nr then io_setup will fail with EAGAIN.  Note that
raising aio-max-nr does not result in the pre-allocation or re-sizing
of any kernel data structures.

2.2 /proc/sys/fs/binfmt_misc - Miscellaneous binary formats
-----------------------------------------------------------

Besides these  files, there is the subdirectory /proc/sys/fs/binfmt_misc. This
handles the kernel support for miscellaneous binary formats.

Binfmt_misc provides  the ability to register additional binary formats to the
Kernel without  compiling  an additional module/kernel. Therefore, binfmt_misc
needs to  know magic numbers at the beginning or the filename extension of the
binary.

It works by maintaining a linked list of structs that contain a description of
a binary  format,  including  a  magic  with size (or the filename extension),
offset and  mask,  and  the  interpreter name. On request it invokes the given
interpreter with  the  original  program  as  argument,  as  binfmt_java  and
binfmt_em86 and  binfmt_mz  do.  Since binfmt_misc does not define any default
binary-formats, you have to register an additional binary-format.

There are two general files in binfmt_misc and one file per registered format.
The two general files are register and status.

Registering a new binary format
-------------------------------

To register a new binary format you have to issue the command

  echo :name:type:offset:magic:mask:interpreter: > /proc/sys/fs/binfmt_misc/register 



with appropriate  name (the name for the /proc-dir entry), offset (defaults to
0, if  omitted),  magic, mask (which can be omitted, defaults to all 0xff) and
last but  not  least,  the  interpreter that is to be invoked (for example and
testing /bin/echo).  Type  can be M for usual magic matching or E for filename
extension matching (give extension in place of magic).

Check or reset the status of the binary format handler
------------------------------------------------------

If you  do a cat on the file /proc/sys/fs/binfmt_misc/status, you will get the
current status (enabled/disabled) of binfmt_misc. Change the status by echoing
0 (disables)  or  1  (enables)  or  -1  (caution:  this  clears all previously
registered binary  formats)  to status. For example echo 0 > status to disable
binfmt_misc (temporarily).

Status of a single handler
--------------------------

Each registered  handler has an entry in /proc/sys/fs/binfmt_misc. These files
perform the  same function as status, but their scope is limited to the actual
binary format.  By  cating this file, you also receive all related information
about the interpreter/magic of the binfmt.

Example usage of binfmt_misc (emulate binfmt_java)
--------------------------------------------------

  cd /proc/sys/fs/binfmt_misc  
  echo ':Java:M::\xca\xfe\xba\xbe::/usr/local/java/bin/javawrapper:' > register  
  echo ':HTML:E::html::/usr/local/java/bin/appletviewer:' > register  
  echo ':Applet:M::<!--applet::/usr/local/java/bin/appletviewer:' > register 
  echo ':DEXE:M::\x0eDEX::/usr/bin/dosexec:' > register 


These four  lines  add  support  for  Java  executables and Java applets (like
binfmt_java, additionally  recognizing the .html extension with no need to put
<!--applet> to  every  applet  file).  You  have  to  install  the JDK and the
shell-script /usr/local/java/bin/javawrapper  too.  It  works  around  the
brokenness of  the Java filename handling. To add a Java binary, just create a
link to the class-file somewhere in the path.

2.3 /proc/sys/kernel - general kernel parameters
------------------------------------------------

This directory  reflects  general  kernel  behaviors. As I've said before, the
contents depend  on  your  configuration.  Here you'll find the most important
files, along with descriptions of what they mean and how to use them.

acct
----

The file contains three values; highwater, lowwater, and frequency.

It exists  only  when  BSD-style  process  accounting is enabled. These values
control its behavior. If the free space on the file system where the log lives
goes below  lowwater  percentage,  accounting  suspends.  If  it  goes  above
highwater percentage,  accounting  resumes. Frequency determines how often you
check the amount of free space (value is in seconds). Default settings are: 4,
2, and  30.  That is, suspend accounting if there is less than 2 percent free;
resume it  if we have a value of 3 or more percent; consider information about
the amount of free space valid for 30 seconds

ctrl-alt-del
------------

When the value in this file is 0, ctrl-alt-del is trapped and sent to the init
program to  handle a graceful restart. However, when the value is greater that
zero, Linux's  reaction  to  this key combination will be an immediate reboot,
without syncing its dirty buffers.

[NOTE]
    When a  program  (like  dosemu)  has  the  keyboard  in  raw  mode,  the
    ctrl-alt-del is  intercepted  by  the  program  before it ever reaches the
    kernel tty  layer,  and  it is up to the program to decide what to do with
    it.

domainname and hostname
-----------------------

These files  can  be controlled to set the NIS domainname and hostname of your
box. For the classic darkstar.frop.org a simple:

  # echo "darkstar" > /proc/sys/kernel/hostname 
  # echo "frop.org" > /proc/sys/kernel/domainname 


would suffice to set your hostname and NIS domainname.

osrelease, ostype and version
-----------------------------

The names make it pretty obvious what these fields contain:

  > cat /proc/sys/kernel/osrelease 
  2.2.12 
   
  > cat /proc/sys/kernel/ostype 
  Linux 
   
  > cat /proc/sys/kernel/version 
  #4 Fri Oct 1 12:41:14 PDT 1999 


The files  osrelease and ostype should be clear enough. Version needs a little
more clarification.  The  #4 means that this is the 4th kernel built from this
source base and the date after it indicates the time the kernel was built. The
only way to tune these values is to rebuild the kernel.

panic
-----

The value  in  this  file  represents  the  number of seconds the kernel waits
before rebooting  on  a  panic.  When  you  use  the  software  watchdog,  the
recommended setting  is  60. If set to 0, the auto reboot after a kernel panic
is disabled, which is the default setting.

printk
------

The four values in printk denote
* console_loglevel,
* default_message_loglevel,
* minimum_console_loglevel and
* default_console_loglevel
respectively.

These values  influence  printk()  behavior  when  printing  or  logging error
messages, which  come  from  inside  the  kernel.  See  syslog(2)  for  more
information on the different log levels.

console_loglevel
----------------

Messages with a higher priority than this will be printed to the console.

default_message_level
---------------------

Messages without an explicit priority will be printed with this priority.

minimum_console_loglevel
------------------------

Minimum (highest) value to which the console_loglevel can be set.

default_console_loglevel
------------------------

Default value for console_loglevel.

sg-big-buff
-----------

This file  shows  the size of the generic SCSI (sg) buffer. At this point, you
can't tune  it  yet,  but  you  can  change  it  at  compile  time  by editing
include/scsi/sg.h and changing the value of SG_BIG_BUFF.

If you use a scanner with SANE (Scanner Access Now Easy) you might want to set
this to a higher value. Refer to the SANE documentation on this issue.

modprobe
--------

The location  where  the  modprobe  binary  is  located.  The kernel uses this
program to load modules on demand.

unknown_nmi_panic
-----------------

The value in this file affects behavior of handling NMI. When the value is
non-zero, unknown NMI is trapped and then panic occurs. At that time, kernel
debugging information is displayed on console.

NMI switch that most IA32 servers have fires unknown NMI up, for example.
If a system hangs up, try pressing the NMI switch.

nmi_watchdog
------------

Enables/Disables the NMI watchdog on x86 systems.  When the value is non-zero
the NMI watchdog is enabled and will continuously test all online cpus to
determine whether or not they are still functioning properly.

Because the NMI watchdog shares registers with oprofile, by disabling the NMI
watchdog, oprofile may have more registers to utilize.

maps_protect
------------

Enables/Disables the protection of the per-process proc entries "maps" and
"smaps".  When enabled, the contents of these files are visible only to
readers that are allowed to ptrace() the given process.


2.4 /proc/sys/vm - The virtual memory subsystem
-----------------------------------------------

The files  in  this directory can be used to tune the operation of the virtual
memory (VM)  subsystem  of  the  Linux  kernel.

vfs_cache_pressure
------------------

Controls the tendency of the kernel to reclaim the memory which is used for
caching of directory and inode objects.

At the default value of vfs_cache_pressure=100 the kernel will attempt to
reclaim dentries and inodes at a "fair" rate with respect to pagecache and
swapcache reclaim.  Decreasing vfs_cache_pressure causes the kernel to prefer
to retain dentry and inode caches.  Increasing vfs_cache_pressure beyond 100
causes the kernel to prefer to reclaim dentries and inodes.

dirty_background_ratio
----------------------

Contains, as a percentage of total system memory, the number of pages at which
the pdflush background writeback daemon will start writing out dirty data.

dirty_ratio
-----------------

Contains, as a percentage of total system memory, the number of pages at which
a process which is generating disk writes will itself start writing out dirty
data.

dirty_writeback_centisecs
-------------------------

The pdflush writeback daemons will periodically wake up and write `old' data
out to disk.  This tunable expresses the interval between those wakeups, in
100'ths of a second.

Setting this to zero disables periodic writeback altogether.

dirty_expire_centisecs
----------------------

This tunable is used to define when dirty data is old enough to be eligible
for writeout by the pdflush daemons.  It is expressed in 100'ths of a second. 
Data which has been dirty in-memory for longer than this interval will be
written out next time a pdflush daemon wakes up.

legacy_va_layout
----------------

If non-zero, this sysctl disables the new 32-bit mmap mmap layout - the kernel
will use the legacy (2.4) layout for all processes.

lower_zone_protection
---------------------

For some specialised workloads on highmem machines it is dangerous for
the kernel to allow process memory to be allocated from the "lowmem"
zone.  This is because that memory could then be pinned via the mlock()
system call, or by unavailability of swapspace.

And on large highmem machines this lack of reclaimable lowmem memory
can be fatal.

So the Linux page allocator has a mechanism which prevents allocations
which _could_ use highmem from using too much lowmem.  This means that
a certain amount of lowmem is defended from the possibility of being
captured into pinned user memory.

(The same argument applies to the old 16 megabyte ISA DMA region.  This
mechanism will also defend that region from allocations which could use
highmem or lowmem).

The `lower_zone_protection' tunable determines how aggressive the kernel is
in defending these lower zones.  The default value is zero - no
protection at all.

If you have a machine which uses highmem or ISA DMA and your
applications are using mlock(), or if you are running with no swap then
you probably should increase the lower_zone_protection setting.

The units of this tunable are fairly vague.  It is approximately equal
to "megabytes," so setting lower_zone_protection=100 will protect around 100
megabytes of the lowmem zone from user allocations.  It will also make
those 100 megabytes unavailable for use by applications and by
pagecache, so there is a cost.

The effects of this tunable may be observed by monitoring
/proc/meminfo:LowFree.  Write a single huge file and observe the point
at which LowFree ceases to fall.

A reasonable value for lower_zone_protection is 100.

page-cluster
------------

page-cluster controls the number of pages which are written to swap in
a single attempt.  The swap I/O size.

It is a logarithmic value - setting it to zero means "1 page", setting
it to 1 means "2 pages", setting it to 2 means "4 pages", etc.

The default value is three (eight pages at a time).  There may be some
small benefits in tuning this to a different value if your workload is
swap-intensive.

overcommit_memory
-----------------

Controls overcommit of system memory, possibly allowing processes
to allocate (but not use) more memory than is actually available.


0	-	Heuristic overcommit handling. Obvious overcommits of
		address space are refused. Used for a typical system. It
		ensures a seriously wild allocation fails while allowing
		overcommit to reduce swap usage.  root is allowed to
		allocate slightly more memory in this mode. This is the
		default.

1	-	Always overcommit. Appropriate for some scientific
		applications.

2	-	Don't overcommit. The total address space commit
		for the system is not permitted to exceed swap plus a
		configurable percentage (default is 50) of physical RAM.
		Depending on the percentage you use, in most situations
		this means a process will not be killed while attempting
		to use already-allocated memory but will receive errors
		on memory allocation as	appropriate.

overcommit_ratio
----------------

Percentage of physical memory size to include in overcommit calculations
(see above.)

Memory allocation limit = swapspace + physmem * (overcommit_ratio / 100)

	swapspace = total size of all swap areas
	physmem = size of physical memory in system

nr_hugepages and hugetlb_shm_group
----------------------------------

nr_hugepages configures number of hugetlb page reserved for the system.

hugetlb_shm_group contains group id that is allowed to create SysV shared
memory segment using hugetlb page.

laptop_mode
-----------

laptop_mode is a knob that controls "laptop mode". All the things that are
controlled by this knob are discussed in Documentation/laptop-mode.txt.

block_dump
----------

block_dump enables block I/O debugging when set to a nonzero value. More
information on block I/O debugging is in Documentation/laptop-mode.txt.

swap_token_timeout
------------------

This file contains valid hold time of swap out protection token. The Linux
VM has token based thrashing control mechanism and uses the token to prevent
unnecessary page faults in thrashing situation. The unit of the value is
second. The value would be useful to tune thrashing behavior.

drop_caches
-----------

Writing to this will cause the kernel to drop clean caches, dentries and
inodes from memory, causing that memory to become free.

To free pagecache:
	echo 1 > /proc/sys/vm/drop_caches
To free dentries and inodes:
	echo 2 > /proc/sys/vm/drop_caches
To free pagecache, dentries and inodes:
	echo 3 > /proc/sys/vm/drop_caches

As this is a non-destructive operation and dirty objects are not freeable, the
user should run `sync' first.


2.5 /proc/sys/dev - Device specific parameters
----------------------------------------------

Currently there is only support for CDROM drives, and for those, there is only
one read-only  file containing information about the CD-ROM drives attached to
the system:

  >cat /proc/sys/dev/cdrom/info 
  CD-ROM information, Id: cdrom.c 2.55 1999/04/25 
   
  drive name:             sr0     hdb 
  drive speed:            32      40 
  drive # of slots:       1       0 
  Can close tray:         1       1 
  Can open tray:          1       1 
  Can lock tray:          1       1 
  Can change speed:       1       1 
  Can select disk:        0       1 
  Can read multisession:  1       1 
  Can read MCN:           1       1 
  Reports media changed:  1       1 
  Can play audio:         1       1 


You see two drives, sr0 and hdb, along with a list of their features.

2.6 /proc/sys/sunrpc - Remote procedure calls
---------------------------------------------

This directory  contains four files, which enable or disable debugging for the
RPC functions NFS, NFS-daemon, RPC and NLM. The default values are 0. They can
be set to one to turn debugging on. (The default value is 0 for each)

2.7 /proc/sys/net - Networking stuff
------------------------------------

The interface  to  the  networking  parts  of  the  kernel  is  located  in
/proc/sys/net. Table  2-3  shows all possible subdirectories. You may see only
some of them, depending on your kernel's configuration.


Table 2-3: Subdirectories in /proc/sys/net 
..............................................................................
 Directory Content             Directory  Content            
 core      General parameter   appletalk  Appletalk protocol 
 unix      Unix domain sockets netrom     NET/ROM            
 802       E802 protocol       ax25       AX25               
 ethernet  Ethernet protocol   rose       X.25 PLP layer     
 ipv4      IP version 4        x25        X.25 protocol      
 ipx       IPX                 token-ring IBM token ring     
 bridge    Bridging            decnet     DEC net            
 ipv6      IP version 6                   
..............................................................................

We will  concentrate  on IP networking here. Since AX15, X.25, and DEC Net are
only minor players in the Linux world, we'll skip them in this chapter. You'll
find some  short  info on Appletalk and IPX further on in this chapter. Review
the online  documentation  and the kernel source to get a detailed view of the
parameters for  those  protocols.  In  this  section  we'll  discuss  the
subdirectories printed  in  bold letters in the table above. As default values
are suitable for most needs, there is no need to change these values.

/proc/sys/net/core - Network core options
-----------------------------------------

rmem_default
------------

The default setting of the socket receive buffer in bytes.

rmem_max
--------

The maximum receive socket buffer size in bytes.

wmem_default
------------

The default setting (in bytes) of the socket send buffer.

wmem_max
--------

The maximum send socket buffer size in bytes.

message_burst and message_cost
------------------------------

These parameters  are used to limit the warning messages written to the kernel
log from  the  networking  code.  They  enforce  a  rate  limit  to  make  a
denial-of-service attack  impossible. A higher message_cost factor, results in
fewer messages that will be written. Message_burst controls when messages will
be dropped.  The  default  settings  limit  warning messages to one every five
seconds.

warnings
--------

This controls console messages from the networking stack that can occur because
of problems on the network like duplicate address or bad checksums. Normally,
this should be enabled, but if the problem persists the messages can be
disabled.


netdev_max_backlog
------------------

Maximum number  of  packets,  queued  on  the  INPUT  side, when the interface
receives packets faster than kernel can process them.

optmem_max
----------

Maximum ancillary buffer size allowed per socket. Ancillary data is a sequence
of struct cmsghdr structures with appended data.

/proc/sys/net/unix - Parameters for Unix domain sockets
-------------------------------------------------------

There are  only  two  files  in this subdirectory. They control the delays for
deleting and destroying socket descriptors.

2.8 /proc/sys/net/ipv4 - IPV4 settings
--------------------------------------

IP version  4  is  still the most used protocol in Unix networking. It will be
replaced by  IP version 6 in the next couple of years, but for the moment it's
the de  facto  standard  for  the  internet  and  is  used  in most networking
environments around  the  world.  Because  of the importance of this protocol,
we'll have a deeper look into the subtree controlling the behavior of the IPv4
subsystem of the Linux kernel.

Let's start with the entries in /proc/sys/net/ipv4.

ICMP settings
-------------

icmp_echo_ignore_all and icmp_echo_ignore_broadcasts
----------------------------------------------------

Turn on (1) or off (0), if the kernel should ignore all ICMP ECHO requests, or
just those to broadcast and multicast addresses.

Please note that if you accept ICMP echo requests with a broadcast/multi\-cast
destination address  your  network  may  be  used as an exploder for denial of
service packet flooding attacks to other hosts.

icmp_destunreach_rate, icmp_echoreply_rate, icmp_paramprob_rate and icmp_timeexeed_rate
---------------------------------------------------------------------------------------

Sets limits  for  sending  ICMP  packets  to specific targets. A value of zero
disables all  limiting.  Any  positive  value sets the maximum package rate in
hundredth of a second (on Intel systems).

IP settings
-----------

ip_autoconfig
-------------

This file contains the number one if the host received its IP configuration by
RARP, BOOTP, DHCP or a similar mechanism. Otherwise it is zero.

ip_default_ttl
--------------

TTL (Time  To  Live) for IPv4 interfaces. This is simply the maximum number of
hops a packet may travel.

ip_dynaddr
----------

Enable dynamic  socket  address rewriting on interface address change. This is
useful for dialup interface with changing IP addresses.

ip_forward
----------

Enable or  disable forwarding of IP packages between interfaces. Changing this
value resets  all other parameters to their default values. They differ if the
kernel is configured as host or router.

ip_local_port_range
-------------------

Range of  ports  used  by  TCP  and UDP to choose the local port. Contains two
numbers, the  first  number  is the lowest port, the second number the highest
local port.  Default  is  1024-4999.  Should  be  changed  to  32768-61000 for
high-usage systems.

ip_no_pmtu_disc
---------------

Global switch  to  turn  path  MTU  discovery off. It can also be set on a per
socket basis by the applications or on a per route basis.

ip_masq_debug
-------------

Enable/disable debugging of IP masquerading.

IP fragmentation settings
-------------------------

ipfrag_high_trash and ipfrag_low_trash
--------------------------------------

Maximum memory  used to reassemble IP fragments. When ipfrag_high_thresh bytes
of memory  is  allocated  for  this  purpose,  the  fragment handler will toss
packets until ipfrag_low_thresh is reached.

ipfrag_time
-----------

Time in seconds to keep an IP fragment in memory.

TCP settings
------------

tcp_ecn
-------

This file controls the use of the ECN bit in the IPv4 headers. This is a new
feature about Explicit Congestion Notification, but some routers and firewalls
block traffic that has this bit set, so it could be necessary to echo 0 to
/proc/sys/net/ipv4/tcp_ecn if you want to talk to these sites. For more info
you could read RFC2481.

tcp_retrans_collapse
--------------------

Bug-to-bug compatibility with some broken printers. On retransmit, try to send
larger packets to work around bugs in certain TCP stacks. Can be turned off by
setting it to zero.

tcp_keepalive_probes
--------------------

Number of  keep  alive  probes  TCP  sends  out,  until  it  decides  that the
connection is broken.

tcp_keepalive_time
------------------

How often  TCP  sends out keep alive messages, when keep alive is enabled. The
default is 2 hours.

tcp_syn_retries
---------------

Number of  times  initial  SYNs  for  a  TCP  connection  attempt  will  be
retransmitted. Should  not  be  higher  than 255. This is only the timeout for
outgoing connections,  for  incoming  connections the number of retransmits is
defined by tcp_retries1.

tcp_sack
--------

Enable select acknowledgments after RFC2018.

tcp_timestamps
--------------

Enable timestamps as defined in RFC1323.

tcp_stdurg
----------

Enable the  strict  RFC793 interpretation of the TCP urgent pointer field. The
default is  to  use  the  BSD  compatible interpretation of the urgent pointer
pointing to the first byte after the urgent data. The RFC793 interpretation is
to have  it  point  to  the last byte of urgent data. Enabling this option may
lead to interoperability problems. Disabled by default.

tcp_syncookies
--------------

Only valid  when  the  kernel  was  compiled  with CONFIG_SYNCOOKIES. Send out
syncookies when  the  syn backlog queue of a socket overflows. This is to ward
off the common 'syn flood attack'. Disabled by default.

Note that  the  concept  of a socket backlog is abandoned. This means the peer
may not  receive  reliable  error  messages  from  an  over loaded server with
syncookies enabled.

tcp_window_scaling
------------------

Enable window scaling as defined in RFC1323.

tcp_fin_timeout
---------------

The length  of  time  in  seconds  it  takes to receive a final FIN before the
socket is  always  closed.  This  is  strictly  a  violation  of  the  TCP
specification, but required to prevent denial-of-service attacks.

tcp_max_ka_probes
-----------------

Indicates how  many  keep alive probes are sent per slow timer run. Should not
be set too high to prevent bursts.

tcp_max_syn_backlog
-------------------

Length of  the per socket backlog queue. Since Linux 2.2 the backlog specified
in listen(2)  only  specifies  the  length  of  the  backlog  queue of already
established sockets. When more connection requests arrive Linux starts to drop
packets. When  syncookies  are  enabled the packets are still answered and the
maximum queue is effectively ignored.

tcp_retries1
------------

Defines how  often  an  answer  to  a  TCP connection request is retransmitted
before giving up.

tcp_retries2
------------

Defines how often a TCP packet is retransmitted before giving up.

Interface specific settings
---------------------------

In the directory /proc/sys/net/ipv4/conf you'll find one subdirectory for each
interface the  system  knows about and one directory calls all. Changes in the
all subdirectory  affect  all  interfaces,  whereas  changes  in  the  other
subdirectories affect  only  one  interface.  All  directories  have  the same
entries:

accept_redirects
----------------

This switch  decides  if the kernel accepts ICMP redirect messages or not. The
default is 'yes' if the kernel is configured for a regular host and 'no' for a
router configuration.

accept_source_route
-------------------

Should source  routed  packages  be  accepted  or  declined.  The  default  is
dependent on  the  kernel  configuration.  It's 'yes' for routers and 'no' for
hosts.

bootp_relay
~~~~~~~~~~~

Accept packets  with source address 0.b.c.d with destinations not to this host
as local ones. It is supposed that a BOOTP relay daemon will catch and forward
such packets.

The default  is  0,  since this feature is not implemented yet (kernel version
2.2.12).

forwarding
----------

Enable or disable IP forwarding on this interface.

log_martians
------------

Log packets with source addresses with no known route to kernel log.

mc_forwarding
-------------

Do multicast routing. The kernel needs to be compiled with CONFIG_MROUTE and a
multicast routing daemon is required.

proxy_arp
---------

Does (1) or does not (0) perform proxy ARP.

rp_filter
---------

Integer value determines if a source validation should be made. 1 means yes, 0
means no.  Disabled by default, but local/broadcast address spoofing is always
on.

If you  set this to 1 on a router that is the only connection for a network to
the net,  it  will  prevent  spoofing  attacks  against your internal networks
(external addresses  can  still  be  spoofed), without the need for additional
firewall rules.

secure_redirects
----------------

Accept ICMP  redirect  messages  only  for gateways, listed in default gateway
list. Enabled by default.

shared_media
------------

If it  is  not  set  the kernel does not assume that different subnets on this
device can communicate directly. Default setting is 'yes'.

send_redirects
--------------

Determines whether to send ICMP redirects to other hosts.

Routing settings
----------------

The directory  /proc/sys/net/ipv4/route  contains  several  file  to  control
routing issues.

error_burst and error_cost
--------------------------

These  parameters  are used to limit how many ICMP destination unreachable to 
send  from  the  host  in question. ICMP destination unreachable messages are 
sent  when  we  cannot reach  the next hop while trying to transmit a packet. 
It  will also print some error messages to kernel logs if someone is ignoring 
our   ICMP  redirects.  The  higher  the  error_cost  factor  is,  the  fewer 
destination  unreachable  and error messages will be let through. Error_burst 
controls  when  destination  unreachable  messages and error messages will be
dropped. The default settings limit warning messages to five every second.

flush
-----

Writing to this file results in a flush of the routing cache.

gc_elasticity, gc_interval, gc_min_interval_ms, gc_timeout, gc_thresh
---------------------------------------------------------------------

Values to  control  the  frequency  and  behavior  of  the  garbage collection
algorithm for the routing cache. gc_min_interval is deprecated and replaced
by gc_min_interval_ms.


max_size
--------

Maximum size  of  the routing cache. Old entries will be purged once the cache
reached has this size.

max_delay, min_delay
--------------------

Delays for flushing the routing cache.

redirect_load, redirect_number
------------------------------

Factors which  determine  if  more ICPM redirects should be sent to a specific
host. No  redirects  will be sent once the load limit or the maximum number of
redirects has been reached.

redirect_silence
----------------

Timeout for redirects. After this period redirects will be sent again, even if
this has been stopped, because the load or number limit has been reached.

Network Neighbor handling
-------------------------

Settings about how to handle connections with direct neighbors (nodes attached
to the same link) can be found in the directory /proc/sys/net/ipv4/neigh.

As we  saw  it  in  the  conf directory, there is a default subdirectory which
holds the  default  values, and one directory for each interface. The contents
of the  directories  are identical, with the single exception that the default
settings contain additional options to set garbage collection parameters.

In the interface directories you'll find the following entries:

base_reachable_time, base_reachable_time_ms
-------------------------------------------

A base  value  used for computing the random reachable time value as specified
in RFC2461.

Expression of base_reachable_time, which is deprecated, is in seconds.
Expression of base_reachable_time_ms is in milliseconds.

retrans_time, retrans_time_ms
-----------------------------

The time between retransmitted Neighbor Solicitation messages.
Used for address resolution and to determine if a neighbor is
unreachable.

Expression of retrans_time, which is deprecated, is in 1/100 seconds (for
IPv4) or in jiffies (for IPv6).
Expression of retrans_time_ms is in milliseconds.

unres_qlen
----------

Maximum queue  length  for a pending arp request - the number of packets which
are accepted from other layers while the ARP address is still resolved.

anycast_delay
-------------

Maximum for  random  delay  of  answers  to  neighbor solicitation messages in
jiffies (1/100  sec). Not yet implemented (Linux does not have anycast support
yet).

ucast_solicit
-------------

Maximum number of retries for unicast solicitation.

mcast_solicit
-------------

Maximum number of retries for multicast solicitation.

delay_first_probe_time
----------------------

Delay for  the  first  time  probe  if  the  neighbor  is  reachable.  (see
gc_stale_time)

locktime
--------

An ARP/neighbor  entry  is only replaced with a new one if the old is at least
locktime old. This prevents ARP cache thrashing.

proxy_delay
-----------

Maximum time  (real  time is random [0..proxytime]) before answering to an ARP
request for  which  we have an proxy ARP entry. In some cases, this is used to
prevent network flooding.

proxy_qlen
----------

Maximum queue length of the delayed proxy arp timer. (see proxy_delay).

app_solicit
----------

Determines the  number of requests to send to the user level ARP daemon. Use 0
to turn off.

gc_stale_time
-------------

Determines how  often  to  check  for stale ARP entries. After an ARP entry is
stale it  will  be resolved again (which is useful when an IP address migrates
to another  machine).  When  ucast_solicit is greater than 0 it first tries to
send an  ARP  packet  directly  to  the  known  host  When  that  fails  and
mcast_solicit is greater than 0, an ARP request is broadcasted.

2.9 Appletalk
-------------

The /proc/sys/net/appletalk  directory  holds the Appletalk configuration data
when Appletalk is loaded. The configurable parameters are:

aarp-expiry-time
----------------

The amount  of  time  we keep an ARP entry before expiring it. Used to age out
old hosts.

aarp-resolve-time
-----------------

The amount of time we will spend trying to resolve an Appletalk address.

aarp-retransmit-limit
---------------------

The number of times we will retransmit a query before giving up.

aarp-tick-time
--------------

Controls the rate at which expires are checked.

The directory  /proc/net/appletalk  holds the list of active Appletalk sockets
on a machine.

The fields  indicate  the DDP type, the local address (in network:node format)
the remote  address,  the  size of the transmit pending queue, the size of the
received queue  (bytes waiting for applications to read) the state and the uid
owning the socket.

/proc/net/atalk_iface lists  all  the  interfaces  configured for appletalk.It
shows the  name  of the interface, its Appletalk address, the network range on
that address  (or  network number for phase 1 networks), and the status of the
interface.

/proc/net/atalk_route lists  each  known  network  route.  It lists the target
(network) that the route leads to, the router (may be directly connected), the
route flags, and the device the route is using.

2.10 IPX
--------

The IPX protocol has no tunable values in proc/sys/net.

The IPX  protocol  does,  however,  provide  proc/net/ipx. This lists each IPX
socket giving  the  local  and  remote  addresses  in  Novell  format (that is
network:node:port). In  accordance  with  the  strange  Novell  tradition,
everything but the port is in hex. Not_Connected is displayed for sockets that
are not  tied to a specific remote address. The Tx and Rx queue sizes indicate
the number  of  bytes  pending  for  transmission  and  reception.  The  state
indicates the  state  the  socket  is  in and the uid is the owning uid of the
socket.

The /proc/net/ipx_interface  file lists all IPX interfaces. For each interface
it gives  the network number, the node number, and indicates if the network is
the primary  network.  It  also  indicates  which  device  it  is bound to (or
Internal for  internal  networks)  and  the  Frame  Type if appropriate. Linux
supports 802.3,  802.2,  802.2  SNAP  and DIX (Blue Book) ethernet framing for
IPX.

The /proc/net/ipx_route  table  holds  a list of IPX routes. For each route it
gives the  destination  network, the router node (or Directly) and the network
address of the router (or Connected) for internal networks.

2.11 /proc/sys/fs/mqueue - POSIX message queues filesystem
----------------------------------------------------------

The "mqueue"  filesystem provides  the necessary kernel features to enable the
creation of a  user space  library that  implements  the  POSIX message queues
API (as noted by the  MSG tag in the  POSIX 1003.1-2001 version  of the System
Interfaces specification.)

The "mqueue" filesystem contains values for determining/setting  the amount of
resources used by the file system.

/proc/sys/fs/mqueue/queues_max is a read/write  file for  setting/getting  the
maximum number of message queues allowed on the system.

/proc/sys/fs/mqueue/msg_max  is  a  read/write file  for  setting/getting  the
maximum number of messages in a queue value.  In fact it is the limiting value
for another (user) limit which is set in mq_open invocation. This attribute of
a queue must be less or equal then msg_max.

/proc/sys/fs/mqueue/msgsize_max is  a read/write  file for setting/getting the
maximum  message size value (it is every  message queue's attribute set during
its creation).

2.12 /proc/<pid>/oom_adj - Adjust the oom-killer score
------------------------------------------------------

This file can be used to adjust the score used to select which processes
should be killed in an  out-of-memory  situation.  Giving it a high score will
increase the likelihood of this process being killed by the oom-killer.  Valid
values are in the range -16 to +15, plus the special value -17, which disables
oom-killing altogether for this process.

2.13 /proc/<pid>/oom_score - Display current oom-killer score
-------------------------------------------------------------

------------------------------------------------------------------------------
This file can be used to check the current score used by the oom-killer is for
any given <pid>. Use it together with /proc/<pid>/oom_adj to tune which
process should be killed in an out-of-memory situation.

------------------------------------------------------------------------------
Summary
------------------------------------------------------------------------------
Certain aspects  of  kernel  behavior  can be modified at runtime, without the
need to  recompile  the kernel, or even to reboot the system. The files in the
/proc/sys tree  can  not only be read, but also modified. You can use the echo
command to write value into these files, thereby changing the default settings
of the kernel.
------------------------------------------------------------------------------

2.14  /proc/<pid>/io - Display the IO accounting fields
-------------------------------------------------------

This file contains IO statistics for each running process

Example
-------

test:/tmp # dd if=/dev/zero of=/tmp/test.dat &
[1] 3828

test:/tmp # cat /proc/3828/io
rchar: 323934931
wchar: 323929600
syscr: 632687
syscw: 632675
read_bytes: 0
write_bytes: 323932160
cancelled_write_bytes: 0


Description
-----------

rchar
-----

I/O counter: chars read
The number of bytes which this task has caused to be read from storage. This
is simply the sum of bytes which this process passed to read() and pread().
It includes things like tty IO and it is unaffected by whether or not actual
physical disk IO was required (the read might have been satisfied from
pagecache)


wchar
-----

I/O counter: chars written
The number of bytes which this task has caused, or shall cause to be written
to disk. Similar caveats apply here as with rchar.


syscr
-----

I/O counter: read syscalls
Attempt to count the number of read I/O operations, i.e. syscalls like read()
and pread().


syscw
-----

I/O counter: write syscalls
Attempt to count the number of write I/O operations, i.e. syscalls like
write() and pwrite().


read_bytes
----------

I/O counter: bytes read
Attempt to count the number of bytes which this process really did cause to
be fetched from the storage layer. Done at the submit_bio() level, so it is
accurate for block-backed filesystems. <please add status regarding NFS and
CIFS at a later time>


write_bytes
-----------

I/O counter: bytes written
Attempt to count the number of bytes which this process caused to be sent to
the storage layer. This is done at page-dirtying time.


cancelled_write_bytes
---------------------

The big inaccuracy here is truncate. If a process writes 1MB to a file and
then deletes the file, it will in fact perform no writeout. But it will have
been accounted as having caused 1MB of write.
In other words: The number of bytes which this process caused to not happen,
by truncating pagecache. A task can cause "negative" IO too. If this task
truncates some dirty pagecache, some IO which another task has been accounted
for (in it's write_bytes) will not be happening. We _could_ just subtract that
from the truncating task's write_bytes, but there is information loss in doing
that.


Note
----

At its current implementation state, this is a bit racy on 32-bit machines: if
process A reads process B's /proc/pid/io while process B is updating one of
those 64-bit counters, process A could see an intermediate result.


More information about this can be found within the taskstats documentation in
Documentation/accounting.

------------------------------------------------------------------------------