mirror of
https://github.com/RIOT-OS/RIOT.git
synced 2025-12-26 06:53:52 +01:00
Merge pull request #3884 from cgundogan/pr/sniffer/socketify
sniffer: extend script to support sockets
commit
0b7c7fbbb6
48
dist/tools/sniffer/README.md
@ -9,7 +9,7 @@ well be used for wired network traffic, as long as the used network devices
|
||||
support promiscuous mode and output of raw data.
|
||||
|
||||
The sniffer is based on a RIOT node running the [sniffer application](https://github.com/RIOT-OS/applications/tree/master/sniffer) application located in [RIOTs application repository](https://github.com/RIOT-OS/applications).
|
||||
This node outputs received network traffic via a serial port in the Wireshark
|
||||
This node outputs received network traffic via a serial port or a network socket in the Wireshark
|
||||
pcap format. This output is then parsed by the `sniffer.py` script included
|
||||
in this folder run on a host computer.
|
||||
|
||||
@ -38,19 +38,30 @@ General usage:
|
||||
(https://github.com/RIOT-OS/applications/tree/master/sniffer)
|
||||
|
||||
2. Run the `sniffer.py` script
|
||||
For serial port:
|
||||
```
|
||||
$ ./sniffer.py <tty> <baudrate> <channel> [outfile]
|
||||
$ ./sniffer.py serial <tty> <baudrate> <channel> [outfile]
|
||||
```
|
||||
For network socket:
|
||||
```
|
||||
$ ./sniffer.py socket <host> <port> <channel> [outfile]
|
||||
```
|
||||
The script has the following parameters:
|
||||
|
||||
- **connType:** The type of connection to use. Either `serial` for serial ports or
|
||||
`socket` for network sockets.
|
||||
- **host:** The host if the `socket` connection type is in use.
|
||||
- **port:** The port of the host if the `socket` connection type is in use.
|
||||
- **tty:** The serial port the RIOT board is connected to. Under Linux, this is
|
||||
typically something like /dev/ttyUSB0 or /dev/ttyACM0. Under Windows,
|
||||
this is typically something like COM0 or COM1
|
||||
this is typically something like COM0 or COM1. This option is used
|
||||
for the `serial` connection type.
|
||||
- **baudrate:** The baudrate the serial port is configured to. The default in
|
||||
RIOT is 115200, though this is defined per board and some boards
|
||||
have some other value defined per default. NOTE: when sniffing
|
||||
networks where the on-air bitrate is > baudrate, it makes sense
|
||||
to increase the baudrate so no data is skipped when sniffing.
|
||||
This option is used for the `serial` connection type.
|
||||
- **channel:** The radio channel to use when sniffing. Possible values vary and
|
||||
depend on the link-layer that is sniffed. This parameter is
|
||||
ignored when sniffing wired networks.
|
||||
@ -62,28 +73,45 @@ The script has the following parameters:
|
||||
### Examples
|
||||
|
||||
The following examples are made when using the sniffer application together with
|
||||
an `iotlab-m3` node that is connected to /dev/ttyUSB1 (or COM1) and runs per
|
||||
default with a baudrate of 500000.
|
||||
an `iotlab-m3` node that is connected to /dev/ttyUSB1 (or COM1) (`serial` connection type)
|
||||
and runs per default with a baudrate of 500000. For the `socket` connection type port 20000
|
||||
is used.
|
||||
|
||||
#### Linux
|
||||
#### Linux (serial)
|
||||
|
||||
Dump packets to a file:
|
||||
```
|
||||
$ ./sniffer.py /dev/ttyUSB1 500000 17 > foo.pcap
|
||||
$ ./sniffer.py serial /dev/ttyUSB1 500000 17 > foo.pcap
|
||||
```
|
||||
|
||||
This .pcap can then be opened in wireshark.
|
||||
|
||||
Alternatively for live captures, you can pipe directly into wireshark with:
|
||||
```
|
||||
$ ./sniffer.py /dev/ttyUSB1 500000 17 | wireshark -k -i -
|
||||
$ ./sniffer.py serial /dev/ttyUSB1 500000 17 | wireshark -k -i -
|
||||
```
|
||||
|
||||
#### Windows
|
||||
#### Windows (serial)
|
||||
|
||||
For windows you can use the optional third argument to output to a
|
||||
.pcap:
|
||||
|
||||
```
|
||||
$ ./sniffer.py COM1 500000 17 foo.pcap
|
||||
$ ./sniffer.py serial COM1 500000 17 foo.pcap
|
||||
```
|
||||
|
||||
#### IoT-Lab Testbed (socket)
|
||||
|
||||
Start an experiment either via the website provided by the IoT-Lab testbed or
|
||||
by using the RIOT specific iotlab Makefile with 3 neighboring `iotlab-m3` nodes,
|
||||
where one of them runs the sniffer application and the others run the `gnrc_networking` application.
|
||||
|
||||
Now you can bind the sniffer node to localhost:
|
||||
ssh -L 20000:_node-id_:20000 _user_@_site_.iot-lab.info
|
||||
|
||||
Then you can dump or observe the traffic generated by the other nodes running the `gnrc_networking`
|
||||
application via one of the following commands:
|
||||
```
|
||||
$ ./sniffer.py socket localhost 20000 26 > foo.pcap
|
||||
$ ./sniffer.py socket localhost 20000 26 | wireshark -k -i -
|
||||
```
|
||||
|
||||
54
dist/tools/sniffer/sniffer.py
@ -1,9 +1,11 @@
|
||||
#!/usr/bin/env python
|
||||
# -*- coding: utf-8 -*-
|
||||
'''
|
||||
(C) 2012, Mariano Alvira <mar@devl.org>
|
||||
(C) 2014, Oliver Hahm <oliver.hahm@inria.fr>
|
||||
(C) 2015, Hauke Petersen <hauke.petersen@fu-berlin.de>
|
||||
(C) 2015, Martine Lenders <mlenders@inf.fu-berlin.de>
|
||||
(C) 2015, Cenk Gündoğan <cnkgndgn@gmail.com>
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions
|
||||
@ -33,6 +35,7 @@ SUCH DAMAGE.
|
||||
from __future__ import print_function
|
||||
import sys
|
||||
import re
|
||||
import socket
|
||||
from time import sleep, time
|
||||
from struct import pack
|
||||
from serial import Serial
|
||||
@ -103,29 +106,53 @@ def generate_pcap(port, out):
|
||||
out.flush()
|
||||
|
||||
|
||||
def connect(argv):
|
||||
connType = argv[1]
|
||||
|
||||
conn = None
|
||||
if connType == "serial":
|
||||
# open serial port
|
||||
try:
|
||||
conn = Serial(argv[2], argv[3], dsrdtr=0, rtscts=0,
|
||||
timeout=1)
|
||||
except IOError:
|
||||
print("error opening serial port", file=sys.stderr)
|
||||
sys.exit(2)
|
||||
elif connType == "socket":
|
||||
host = argv[2]
|
||||
port = int(argv[3])
|
||||
|
||||
try:
|
||||
sock = socket.socket()
|
||||
sock.connect((host, port))
|
||||
conn = sock.makefile("r+b", bufsize=0)
|
||||
except IOError:
|
||||
print("error connecting to %s:%s" % (host, port), file=sys.stderr)
|
||||
sys.exit(2)
|
||||
else:
|
||||
print("error: unsupported connection type. Use \"serial\" or \"socket\"")
|
||||
sys.exit(2)
|
||||
|
||||
return conn
|
||||
|
||||
def main(argv):
|
||||
if len(argv) < 4:
|
||||
print("Usage: %s tty baudrate channel [outfile]" % (argv[0]),
|
||||
if len(argv) < 5:
|
||||
print("Usage: %s serial tty baudrate channel [outfile]\n"
|
||||
" %s socket host port channel [outfile]" % (argv[0], argv[0]),
|
||||
file=sys.stderr)
|
||||
print(" channel = 11-26", file=sys.stderr)
|
||||
sys.exit(2)
|
||||
|
||||
# open serial port
|
||||
try:
|
||||
serport = Serial(argv[1], argv[2], dsrdtr=0, rtscts=0,
|
||||
timeout=1)
|
||||
except IOError:
|
||||
print("error opening port", file=sys.stderr)
|
||||
sys.exit(2)
|
||||
conn = connect(argv)
|
||||
|
||||
sleep(1)
|
||||
configure_interface(serport, int(argv[3]))
|
||||
configure_interface(conn, int(argv[4]))
|
||||
sleep(1)
|
||||
|
||||
# figure out where to write
|
||||
try:
|
||||
sys.stderr.write('trying to open file %s\n' % argv[4])
|
||||
outfile = open(argv[4], 'w+b')
|
||||
sys.stderr.write('trying to open file %s\n' % argv[5])
|
||||
outfile = open(argv[5], 'w+b')
|
||||
except IndexError:
|
||||
if sys.version_info > (3,):
|
||||
outfile = sys.stdout.buffer
|
||||
@ -133,8 +160,9 @@ def main(argv):
|
||||
outfile = sys.stdout
|
||||
|
||||
try:
|
||||
generate_pcap(serport, outfile)
|
||||
generate_pcap(conn, outfile)
|
||||
except KeyboardInterrupt:
|
||||
conn.close()
|
||||
print()
|
||||
sys.exit(2)
|
||||
|
||||
|
||||
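Review bot: In `connect()`, the socket branch calls `sock.makefile("r+b", bufsize=0)`, which only works on Python 2: Python 3's `socket.makefile` names that parameter `buffering` and rejects any mode other than `r`, `w` and `b`, so the call raises an exception that `except IOError` does not catch, even though `main()` still has a Python 3 branch (`sys.version_info > (3,)`). Passing both arguments positionally with a mode that both versions accept, e.g. `conn = sock.makefile("rwb", 0)`, should keep the stream unbuffered on either interpreter; it is worth checking against `generate_pcap`, whose body lies outside the hunks shown here. The unsupported-type message in the `else` branch is printed to stdout, which is the pcap stream when no outfile is given, so it should take `file=sys.stderr` like the other error paths. The socket transport carries the raw capture with no authentication or encryption, so a short comment in `connect()` saying it is intended for a local or SSH-forwarded port, as in the README example, would help users avoid pointing it at an exposed endpoint.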