labeneator · January 21, 2013 20:57
diff --git a/gistfile1.txt b/gistfile1.txt
 # Process
 sh-3.2# ps aux | grep " [1]3\W"
 root              13   0.0  0.3  2497244  13416   ??  Rs   Thu08PM   1:52.96 /usr/libexec/opendirectoryd

 # What file thinks
 sh-3.2# file /usr/libexec/opendirectoryd
 /usr/libexec/opendirectoryd: Mach-O universal binary with 2 architectures
 /usr/libexec/opendirectoryd (for architecture x86_64):  Mach-O 64-bit executable x86_64
 /usr/libexec/opendirectoryd (for architecture i386):	Mach-O executable i386

 # Manuals
 sh-3.2# man -k opendirectory
 dsexport(1)              - export records from OpenDirectory
 odproxyd(8)              - OpenDirectory proxy daemon
 odutil(1)                - allows caller to examine or change state of opendirectoryd(8)
 opendirectoryd(8)        - is a launchd(8) job for client access to local or remote directory systems
 pam_opendirectory(8)     - OpenDirectory PAM module


 # Validation

 sh-3.2# launchctl list |grep opend
 13  -	com.apple.opendirectoryd

 sh-3.2# tshark -i en1 -c 100 -s0 -w traffic.pcap
 Capturing on en1
 100 
 3 packets dropped

 sh-3.2# launchctl stop com.apple.opendirectoryd

 sh-3.2# tshark -i en1 -c 100 -s0 -w traffic1.pcap
 Capturing on en1
 100 


 # Comparing the pcaps

 # With opendirectoryd running
 sh-3.2# tshark -r traffic.pcap -R "dns" |wc -l
     100

 sh-3.2# tshark -r traffic.pcap -R "dns" | awk 'BEGIN{start_time=end_time=0} { if(start_time == 0) start_time=$2; end_time=$2; } END{print "Time in seconds to capture 100 packets: " end_time - start_time}'
 Time in seconds to capture 100 packets: 3.58054


 # With opendirectoryd stopped.
 sh-3.2# tshark -r traffic1.pcap -R "dns" |wc -l
      31
 sh-3.2# tshark -r traffic1.pcap -R "dns" | awk 'BEGIN{start_time=end_time=0} { if(start_time == 0) start_time=$2; end_time=$2; } END{print "Time in seconds to capture 100 packets: " end_time - start_time}'
 Time in seconds to capture 100 packets: 23.101
	# Process
	sh-3.2# ps aux \| grep " [1]3\W"
	root 13 0.0 0.3 2497244 13416 ?? Rs Thu08PM 1:52.96 /usr/libexec/opendirectoryd

	# What file thinks
	sh-3.2# file /usr/libexec/opendirectoryd
	/usr/libexec/opendirectoryd: Mach-O universal binary with 2 architectures
	/usr/libexec/opendirectoryd (for architecture x86_64): Mach-O 64-bit executable x86_64
	/usr/libexec/opendirectoryd (for architecture i386): Mach-O executable i386

	# Manuals
	sh-3.2# man -k opendirectory
	dsexport(1) - export records from OpenDirectory
	odproxyd(8) - OpenDirectory proxy daemon
	odutil(1) - allows caller to examine or change state of opendirectoryd(8)
	opendirectoryd(8) - is a launchd(8) job for client access to local or remote directory systems
	pam_opendirectory(8) - OpenDirectory PAM module


	# Validation

	sh-3.2# launchctl list \|grep opend
	13 - com.apple.opendirectoryd

	sh-3.2# tshark -i en1 -c 100 -s0 -w traffic.pcap
	Capturing on en1
	100
	3 packets dropped

	sh-3.2# launchctl stop com.apple.opendirectoryd

	sh-3.2# tshark -i en1 -c 100 -s0 -w traffic1.pcap
	Capturing on en1
	100


	# Comparing the pcaps

	# With opendirectoryd running
	sh-3.2# tshark -r traffic.pcap -R "dns" \|wc -l
	100

	sh-3.2# tshark -r traffic.pcap -R "dns" \| awk 'BEGIN{start_time=end_time=0} { if(start_time == 0) start_time=$2; end_time=$2; } END{print "Time in seconds to capture 100 packets: " end_time - start_time}'
	Time in seconds to capture 100 packets: 3.58054


	# With opendirectoryd stopped.
	sh-3.2# tshark -r traffic1.pcap -R "dns" \|wc -l
	31
	sh-3.2# tshark -r traffic1.pcap -R "dns" \| awk 'BEGIN{start_time=end_time=0} { if(start_time == 0) start_time=$2; end_time=$2; } END{print "Time in seconds to capture 100 packets: " end_time - start_time}'
	Time in seconds to capture 100 packets: 23.101