#!/usr/sbin/dtrace -CZs
/*
 * browserspy_time_URI_image.d - trace and report browser URI, Image loads and requests. 
 *      URI Requests have a matching load-start and load-done
 *      Image Requests have a matching load-start and load-done, indicating an image load from the network
 *      Image Loads only have a load-start - this measures all image loads both from cache and out on the network
 *      Image Loads = Cache Hits + Image Requests
 *
 * URI structure - spec:
 * <scheme>://<username>:<password>@<hostname>:<port>//<directory><basename>.<extension>;<param>?<query>#<ref>
 *
 * Probes:
 * mozilla<pid>:::load-start 
 * mozilla<pid>:::load-done
 *
 * Args:
 * 	arg0 is of type void * - unique_id
 *	arg1 is an enum nsTraceLoadType - TYPE_URI or TYPE_IMAGE_LOAD or TYPE_IMAGE_REQUEST
 *	arg2 is of type struct 	nsTraceLoadInfo * - pointer to the URI info
 *            
 */

#pragma D option quiet

/* Any member of nsTraceLoadInfo can be returned as "" except spec and scheme */
struct nsTraceLoadInfo {
    char * contentType;   /* mime type e.g. text/html - can be <null> */    
    char * spec;          /* Complete URI of above structure */
    char * prePath;       /* scheme://user:password@host:port */
    char * scheme;        /* protocol - http, file ... */ 
    char * userPass;      /* username:password */
    char * username;
    char * password;      
    char * hostPort;      /* host:port or just host if port = -1 */  
    char * host;          
    int    port;
    char * path;          /* path = <filepath>;<param>?<query>#<ref> */
    char * filePath;      /* <directory><basename>.<extension> */
    char * fileName;      /* <basename> */
    char * fileExtension; /* <extension> */     
    char * param;
    char * query;
    char * ref;
    int    imagestatus;
};
 
enum nsTraceLoadType {
    TYPE_URI = 1,
    TYPE_IMAGE_LOAD,
    TYPE_IMAGE_REQUEST
};

dtrace:::BEGIN
{
	printf("Tracing Browser Network Activity... Hit Ctrl-C to end.\n");
	top = 10;				/* top sites to print */
}

moz*:::load-start
{	
	type[pid, arg0] = (arg1 == TYPE_URI) ? "URI": ((arg1 == TYPE_IMAGE_LOAD)? "IMAGE_LOAD" : "IMAGE_REQ");
}

moz*:::load-start
/ type[pid, arg0] == "IMAGE_LOAD" /
{	
	@["IMAGE_LOAD", "Image Loads - Network and Cache"] = count();
}

moz*:::load-start
/type[pid, arg0] == "URI" || type[pid, arg0] == "IMAGE_REQ"/
{	
	@[type[pid, arg0], "Network Requests - Started"] = count();

	start[pid, arg0] = timestamp;
}

moz*:::load-done
/start[pid, arg0] && (type[pid, arg0] == "URI" || type[pid, arg0] == "IMAGE_REQ") /
{	
	@[type[pid, arg0], "Network Requests - Done"] = count();
	this->elapsed = timestamp - start[pid, arg0];

	this->info = (struct nsTraceLoadInfo *) copyin(arg2,
	    sizeof (struct nsTraceLoadInfo));

	this->sc = copyinstr((uintptr_t)this->info->scheme);
	@scheme[pid, uid, type[pid, arg0], this->sc] = count();
	@schemeavg[pid, uid, type[pid, arg0], this->sc] = avg(this->elapsed);
	@schemesum[pid, uid, type[pid, arg0], this->sc] = sum(this->elapsed);

	this->si = copyinstr((uintptr_t)this->info->spec);
	@site[pid, uid, type[pid, arg0], this->si] = count();
	@siteavg[pid, uid, type[pid, arg0], this->si] = avg(this->elapsed);
	@sitesum[pid, uid, type[pid, arg0], this->si] = sum(this->elapsed);

	this->ct = copyinstr((uintptr_t)this->info->contentType) ;
	@ctype[pid, uid, type[pid, arg0], this->ct == "" ? "<null>":this->ct] = count();
	@ctypeavg[pid, uid, type[pid, arg0], this->ct == "" ? "<null>":this->ct] = avg(this->elapsed);
	@ctypesum[pid, uid, type[pid, arg0], this->ct == "" ? "<null>":this->ct] = sum(this->elapsed);

	this->fe = copyinstr((uintptr_t)this->info->fileExtension) ;
	@fext[pid, uid, type[pid, arg0], this->fe == "" ? "<null>":this->fe] = count();
	@fextavg[pid, uid, type[pid, arg0], this->fe == "" ? "<null>":this->fe] = avg(this->elapsed);
	@fextsum[pid, uid, type[pid, arg0], this->fe == "" ? "<null>":this->fe] = sum(this->elapsed);

	this->un = copyinstr((uintptr_t)this->info->username) ;
	@user[pid, uid, type[pid, arg0], this->un == "" ? "<null>":this->un] = count();
	@useravg[pid, uid, type[pid, arg0], this->un == "" ? "<null>":this->un] = avg(this->elapsed);
	@usersum[pid, uid, type[pid, arg0], this->un == "" ? "<null>":this->un] = sum(this->elapsed);

	this->hs = copyinstr((uintptr_t)this->info->host) ;
	@host[pid, uid, type[pid, arg0], this->hs == "" ? "<null>":this->hs] = count();
	@hostavg[pid, uid, type[pid, arg0], this->hs == "" ? "<null>":this->hs] = avg(this->elapsed);
	@hostsum[pid, uid, type[pid, arg0], this->hs == "" ? "<null>":this->hs] = sum(this->elapsed);

	start[pid, arg0] = 0;
	type[pid, arg0] = NULL;
}

dtrace:::END
{
	/* URI Stats */
	setopt("aggsortpos", "0");
	printf("\nLOAD PROBE STATS:\n\n");
	printf("%-11s %-38s %8s\n", "TYPE", "TOTAL", "COUNT");
	printa("%-11s %-38s %@8d\n", @);

	printf("\nURI structure:\n");
	printf("<scheme>://<username>:<password>@<host>:<port>//<directory><basename>.<extension>;<param>?<query>#<ref>\n");

	printf("\nBrowser requests by scheme,\n\n");
	normalize(@schemeavg, 1000000);
	normalize(@schemesum, 1000000);
	setopt("aggsortpos", "2");
	printf("%8s %8s %10s %8s %11s %11s   %-36s\n", "PID", "UID", "TYPE", "COUNT", "AVG(msec)", "SUM(msec)", "SCHEME");
	printa("%8d %8d %10s %@8d %@11d %@11d   %-36s\n", @scheme, @schemeavg, @schemesum);

	printf("\nBrowser requests by content type,\n\n");
	normalize(@ctypeavg, 1000000);
	normalize(@ctypesum, 1000000);
	printf("%8s %8s %10s %8s %11s %11s   %-36s\n", "PID", "UID", "TYPE", "COUNT", "AVG(msec)", "SUM(msec)", "CONTENT_TYPE");
	printa("%8d %8d %10s %@8d %@11d %@11d   %-36s\n", @ctype, @ctypeavg, @ctypesum);

	printf("\nBrowser requests by username (if used),\n\n");
	normalize(@useravg, 1000000);
	normalize(@usersum, 1000000);
	printf("%8s %8s %10s %8s %11s %11s   %-36s\n", "PID", "UID", "TYPE", "COUNT", "AVG(msec)", "SUM(msec)", "USERNAME");
	printa("%8d %8d %10s %@8d %@11d %@11d   %-36s\n", @user, @useravg, @usersum);

	printf("\nBrowser requests by file extension,\n\n");
	normalize(@fextavg, 1000000);
	normalize(@fextsum, 1000000);
	printf("%8s %8s %10s %8s %11s %11s   %-36s\n", "PID", "UID", "TYPE", "COUNT", "AVG(msec)", "SUM(msec)", "FILE_EXT");
	printa("%8d %8d %10s %@8d %@11d %@11d   %-36s\n", @fext, @fextavg, @fextsum);

	printf("\nBrowser requests by host,\n\n");
	normalize(@hostavg, 1000000);
	normalize(@hostsum, 1000000);
	printf("%8s %8s %10s %8s %11s %11s   %-36s\n", "PID", "UID", "TYPE", "COUNT", "AVG(msec)", "SUM(msec)", "HOST");
	printa("%8d %8d %10s %@8d %@11d %@11d   %-36s\n", @host, @hostavg, @hostsum);

	printf("\nTop %d sites,\n", top);
	trunc(@site, top);
	trunc(@siteavg, top);
	trunc(@sitesum, top);
	normalize(@siteavg, 1000000);
	normalize(@sitesum, 1000000);
	printf("\n%8s %8s %10s %8s   %-36s\n", "PID", "UID", "TYPE", "COUNT", "SITE");
	printa("%8d %8d %10s %@8d    %-36.80s\n", @site);
	printf("\n%8s %8s %10s %8s   %-36s\n\n", "PID", "UID", "TYPE", "AVG(msec)", "SITE");
	printa("%8d %8d %10s %@8d    %-36.80s\n", @siteavg);
	printf("\n%8s %8s %10s %8s   %-36s\n\n", "PID", "UID", "TYPE", "SUM(msec)", "SITE");
	printa("%8d %8d %10s %@8d    %-36.80s\n", @sitesum);

}