RIOT-OS/RIOT
RIOT-OS/RIOT
1
0
Fork 0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 04:50:03 +01:00
Code Releases Activity

Merge pull request #3590 from authmillenon/dist/enh/rm-old-sniffer-script

Browse Source 
tools: replace old sniffer script with gnrc sniffer
This commit is contained in:
Martine Lenders 2015-08-09 23:52:21 +02:00
commit f68ff2ae25
4 changed files with 60 additions and 243 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
dist/tools/ng_sniffer/README.md vendored
View File

@ -1,89 +0,0 @@
# RIOT Sniffer Application
## About
This sniffer script can be used to sniff network traffic using RIOT based
nodes. It is primarily designed for sniffing wireless data traffic, but can also
well be used for wired network traffic, as long as the used network devices
support promiscuous mode and output of raw data.
The sniffer is based on a RIOT node running the [ng_sniffer application](https://github.com/RIOT-OS/applications/tree/master/ng_sniffer) application located in [RIOTs application repository](https://github.com/RIOT-OS/applications).
This node outputs received network traffic via a serial port in the Wireshark
pcap format. This output is then parsed by the `ng_sniffer.py` script included
in this folder run on a host computer.
The `ng_sniffer.py` script is a modified version of [malvira's script](https://github.com/malvira/libmc1322x/blob/master/tools/rftestrx2pcap.py) for the Redbee Ecotag
(https://github.com/malvira/libmc1322x/wiki/wireshark).
## Dependencies
The `ng_sniffer.py` script needs [pyserial](https://pypi.python.org/pypi/pyserial).
Installing the dependencies:
#### Debuntu
apt-get install python-serial
#### PIP
pip install pyserial
## Usage
General usage:
1. Flash an applicable RIOT node with the sniffer application from
(https://github.com/RIOT-OS/applications/tree/master/ng_sniffer)
2. Run the `ng_sniffer.py` script
```
$ ./ng_sniffer.py <tty> <baudrate> <channel> [outfile]
```
The script has the following parameters:
- **tty:** The serial port the RIOT board is connected to. Under Linux, this is
typically something like /dev/ttyUSB0 or /dev/ttyACM0. Under Windows,
this is typically something like COM0 or COM1
- **baudrate:** The baudrate the serial port is configured to. The default in
RIOT is 115200, though this is defined per board and some boards
have some other value defined per default. NOTE: when sniffing
networks where the on-air bitrate is > baudrate, it makes sense
to increase the baudrate so no data is skipped when sniffing.
- **channel:** The radio channel to use when sniffing. Possible values vary and
depend on the link-layer that is sniffed. This parameter is
ignored when sniffing wired networks.
- **[outfile]:** When this parameter is specified, the sniffer output is saved
into this file. See the examples below for alternatives to
specifying this parameter. (optional)
### Examples
The following examples are made when using the sniffer application together with
an `iot-lab_M3` node that is connected to /dev/ttyUSB1 (or COM1) and runs per
default with a baudrate of 500000.
#### Linux
Dump packets to a file:
```
$ ./ng_sniffer.py /dev/ttyUSB1 500000 17 > foo.pcap
```
This .pcap can then be opened in wireshark.
Alternatively for live captures, you can pipe directly into wireshark with:
```
$ ./ng_sniffer.py /dev/ttyUSB1 500000 17 | wireshark -k -i -
```
#### Windows
For windows you can use the optional third argument to output to a
.pcap:
```
$ ./ng_sniffer.py COM1 500000 17 foo.pcap
```

88
dist/tools/sniffer/README.md vendored
View File

@ -1,28 +1,27 @@
Using Wireshark to sniff 802.15.4/Zigbee/6lowpan traffic:
=========================================================
# RIOT Sniffer Application
Software
--------
In order to sniff any radio packets use the sniffer application from the in the
RIOT applications repository (https://github.com/RIOT-OS/applications/).
## About
Generating a .pcap
------------------
This sniffer script can be used to sniff network traffic using RIOT based
nodes. It is primarily designed for sniffing wireless data traffic, but can also
well be used for wired network traffic, as long as the used network devices
support promiscuous mode and output of raw data.
The next step is to run the control python script, rftestrx2pcap.py,
(part of RIOT). This script will set the channel on the node and then create a
.pcap with the packets received. The script is a modified version of [malvira's
script](https://github.com/malvira/libmc1322x/blob/master/tools/rftestrx2pcap.py)
for the Redbee Ecotag (https://github.com/malvira/libmc1322x/wiki/wireshark).
The sniffer is based on a RIOT node running the [sniffer application](https://github.com/RIOT-OS/applications/tree/master/ng_sniffer) application located in [RIOTs application repository](https://github.com/RIOT-OS/applications).
This node outputs received network traffic via a serial port in the Wireshark
pcap format. This output is then parsed by the `sniffer.py` script included
in this folder run on a host computer.
### Download rftestrx2pcap.py
The `sniffer.py` script is a modified version of [malvira's script](https://github.com/malvira/libmc1322x/blob/master/tools/rftestrx2pcap.py) for the Redbee Ecotag
(https://github.com/malvira/libmc1322x/wiki/wireshark).
[rftestrx2pcap.py](rftestrx2pcap.py)
### Install dependencies
## Dependencies
Needs [pyserial](https://pypi.python.org/pypi/pyserial)
The `sniffer.py` script needs [pyserial](https://pypi.python.org/pypi/pyserial).
Installing the dependencies:
#### Debuntu
apt-get install python-serial
@ -30,28 +29,61 @@ Needs [pyserial](https://pypi.python.org/pypi/pyserial)
#### PIP
pip install pyserial
### Usage
./rftestrx2pcap.py tty chan [outfile]
## Usage
rftestrx2pcap.py takes the tty/com port as the first argument and the radio
channel as the second (from 0 through 24). The third argument is an optional
output file.
General usage:
1. Flash an applicable RIOT node with the sniffer application from
(https://github.com/RIOT-OS/applications/tree/master/sniffer)
2. Run the `sniffer.py` script
```
$ ./sniffer.py <tty> <baudrate> <channel> [outfile]
```
The script has the following parameters:
- **tty:** The serial port the RIOT board is connected to. Under Linux, this is
typically something like /dev/ttyUSB0 or /dev/ttyACM0. Under Windows,
this is typically something like COM0 or COM1
- **baudrate:** The baudrate the serial port is configured to. The default in
RIOT is 115200, though this is defined per board and some boards
have some other value defined per default. NOTE: when sniffing
networks where the on-air bitrate is > baudrate, it makes sense
to increase the baudrate so no data is skipped when sniffing.
- **channel:** The radio channel to use when sniffing. Possible values vary and
depend on the link-layer that is sniffed. This parameter is
ignored when sniffing wired networks.
- **[outfile]:** When this parameter is specified, the sniffer output is saved
into this file. See the examples below for alternatives to
specifying this parameter. (optional)
### Examples
The following examples are made when using the sniffer application together with
an `iot-lab_M3` node that is connected to /dev/ttyUSB1 (or COM1) and runs per
default with a baudrate of 500000.
#### Linux
Dump packets to a file:
```
$ ./sniffer.py /dev/ttyUSB1 500000 17 > foo.pcap
```
$ ./rftestrx2pcap.py /dev/ttyUSB1 10 > foo.pcap
This .pcap can then be opened in wireshark.
This .pcap can then be opened in wireshark.Alternatively for live
captures, you can pipe directly into wireshark with:
$ ./rftestrx2pcap.py /dev/ttyUSB1 10 | wireshark -k -i -
Alternatively for live captures, you can pipe directly into wireshark with:
```
$ ./sniffer.py /dev/ttyUSB1 500000 17 | wireshark -k -i -
```
#### Windows
For windows you can use the optional third argument to output to a
.pcap:
$ ./rftestrx2pcap.py /dev/ttyUSB1 26 foo.pcap
```
$ ./sniffer.py COM1 500000 17 foo.pcap
```

126
dist/tools/sniffer/rftestrx2pcap.py vendored
View File

@ -1,126 +0,0 @@
#!/usr/bin/env python2
'''
(C) 2012, Mariano Alvira <mar@devl.org>
(C) 2014, Oliver Hahm <oliver.hahm@inria.fr>
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of the Institute nor the names of its contributors
may be used to endorse or promote products derived from this software
without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
'''
import sys,os,time
from struct import pack
import re
import serial
if len(sys.argv) < 3:
sys.stderr.write( "Usage: %s tty channel [outfile]\n" %(sys.argv[0]))
sys.stderr.write( " channel = 11-26\n")
sys.exit(2)
# change the channel
try:
serport = serial.Serial(sys.argv[1], baudrate=115200, dsrdtr=0, rtscts=0, timeout=1)
serport.setDTR(0)
serport.setRTS(0)
except IOError:
print "error opening port"
sys.exit(2)
time.sleep(1)
chanstr = ''
sys.stderr.write('chan %s\n' % sys.argv[2])
serport.write('chan %s\n' % sys.argv[2])
while 1:
c = serport.read(1)
if (c == '\n'):
chanstr = ''
continue
chanstr += c
m = re.match(".*channel: (\w+)", chanstr)
if m:
chan = int(m.group(1))
sys.stderr.write(chanstr + '\n')
break
try:
sys.stderr.write('writing to file %s \n' % (sys.argv[3]))
outfile = open(sys.argv[3], 'w+b')
except IndexError:
outfile = sys.stdout
sys.stderr.write("RX: 0\r")
### PCAP setup
MAGIC = 0xa1b2c3d4
MAJOR = 2
MINOR = 4
ZONE = 0
SIG = 0
SNAPLEN = 0xffff
NETWORK = 230 # 802.15.4 no FCS
# output overall PCAP header
outfile.write(pack('<LHHLLLL', MAGIC, MAJOR, MINOR, ZONE, SIG, SNAPLEN, NETWORK))
count = 0
fileempty = 1
newpacket = 0
try:
while 1:
line = serport.readline().rstrip()
m_rftestline = re.match(".*rftest-rx --- len 0x(\w\w).*", line)
if m_rftestline:
newpacket = 1
t = time.time()
sec = int(t)
usec = (t - sec) * 100000
length = int(m_rftestline.group(1), 16)
continue
# if this is a new packet, add a packet header
if newpacket == 1:
newpacket = 0
outfile.write(pack('<LLLL',sec,usec,length,length))
outfile.flush()
count += 1
sys.stderr.write("RX: %d\r" % count)
# clear file empty flag
if fileempty:
fileempty = 0
if fileempty == 0 :
# write payload
for d in line.split(' '):
# do a match because their might be a \r floating around
m = re.match('.*(\w\w).*', d)
if m:
outfile.write(pack('<B', int(m.group(1),16)))
outfile.flush()
except KeyboardInterrupt:
# cn.close()
sys.exit(2)

0
dist/tools/ng_sniffer/ng_sniffer.py → dist/tools/sniffer/sniffer.py vendored
View File