Avoid "unmatched close events"
schu opened this issue · comments
We only expect to see "unmatched close events" for connections initiated before tcptracer-bpf was started. Currently, we also see them for any TCP connection where tcp_*_connect
didn't succeed (for example when connecting to a closed port) as we don't report those events:
https://github.com/weaveworks/tcptracer-bpf/blob/master/tcptracer-bpf.c#L415-L419
To reproduce, run the test tracer (sudo -E ./tests/tracer
) and connect to a closed port, e.g. nc -w 1 google.com 56789