#!/usr/sbin/dtrace -CZs
/*
 * browserspy.d - trace and report browser requests.
 *
 * URI structure:
 * <scheme>://<username>:<password>@<hostname>:<port>//<directory><basename>.<extension>;<param>?<query>#<ref>
 *
 * Probes:
 * mozilla<pid>:::load-start 
 * mozilla<pid>:::load-done
 *
 * Args:
 * 	arg0 is of type void * - unique_id
 *	arg1 is an enum nsTraceLoadType - TYPE_URI or TYPE_IMAGE
 *	arg2 is of type struct 	nsTraceLoadInfo * - pointer to the broken down URI info
 */

#pragma D option quiet

struct nsTraceLoadInfo {
    char * contentType;    
    char * spec;           
    char * scheme;        
    char * username;
    char * password;      
    char * hostPort;      
    char * host;          
    int    port;
    char * path;          
    char * filePath;      
    char * fileName;      
    char * fileExtension;      
    char * param;
    char * query;
    char * ref;
};

enum nsTraceLoadType {
    TYPE_URI = 1,
    TYPE_IMAGE
};

dtrace:::BEGIN
{
	printf("Tracing... Hit Ctrl-C to end.\n");
	top = 10;				/* top sites to print */
}

moz*:::load-start
{	
	this->loadType = arg1 == TYPE_URI ? "URI": "IMAGE";
	this->info = (struct nsTraceLoadInfo *) copyin(arg2,
	    sizeof (struct nsTraceLoadInfo));

	@scheme[pid, uid, copyinstr((uintptr_t)this->info->scheme)] = count();
	@ctype[pid, uid, copyinstr((uintptr_t)this->info->contentType)] =
	    count();
	@fext[pid, uid, copyinstr((uintptr_t)this->info->fileExtension)] =
	    count();
	@user[pid, uid, copyinstr((uintptr_t)this->info->username)] = count();
	@host[pid, uid, copyinstr((uintptr_t)this->info->host)] = count();
	@site[pid, uid, copyinstr((uintptr_t)this->info->spec)] = count();
}

dtrace:::END
{
	printf("\nBrowser requests by scheme,\n\n");
	printf("%8s %8s %-32s %8s\n", "PID", "UID", "SCHEME", "COUNT");
	printa("%8d %8d %-32s %@8d\n", @scheme);

	printf("\nBrowser requests by content type,\n\n");
	printf("%8s %8s %-32s %8s\n", "PID", "UID", "CONTENT TYPE", "COUNT");
	printa("%8d %8d %-32s %@8d\n", @ctype);

	printf("\nBrowser requests by file extension,\n\n");
	printf("%8s %8s %-32s %8s\n", "PID", "UID", "FILE EXT", "COUNT");
	printa("%8d %8d %-32s %@8d\n", @fext);

	printf("\nBrowser requests by username (if used),\n\n");
	printf("%8s %8s %-32s %8s\n", "PID", "UID", "USERNAME", "COUNT");
	printa("%8d %8d %-32s %@8d\n", @user);

	printf("\nBrowser requests by host,\n\n");
	printf("%8s %8s %8s %s\n", "PID", "UID", "COUNT", "HOST");
	printa("%8d %8d %@8d %s\n", @host);

	trunc(@site, top);
	printf("\nTop %d sites,\n\n", top);
	printf("%8s %8s %8s %s\n", "PID", "UID", "COUNT", "SITE");
	printa("%8d %8d %@8d %s\n", @site);
}