diff --git a/dist/tools/ng_sniffer/README.md b/dist/tools/ng_sniffer/README.md deleted file mode 100644 index 1451b722d0..0000000000 --- a/dist/tools/ng_sniffer/README.md +++ /dev/null 
@@ -1,89 +0,0 @@ -# RIOT Sniffer Application - - -## About - -This sniffer script can be used to sniff network traffic using RIOT based -nodes. It is primarily designed for sniffing wireless data traffic, but can also -well be used for wired network traffic, as long as the used network devices -support promiscuous mode and output of raw data. - -The sniffer is based on a RIOT node running the [ng_sniffer application](https://github.com/RIOT-OS/applications/tree/master/ng_sniffer) application located in [RIOTs application repository](https://github.com/RIOT-OS/applications). -This node outputs received network traffic via a serial port in the Wireshark -pcap format. This output is then parsed by the `ng_sniffer.py` script included -in this folder run on a host computer. - -The `ng_sniffer.py` script is a modified version of [malvira's script](https://github.com/malvira/libmc1322x/blob/master/tools/rftestrx2pcap.py) for the Redbee Ecotag -(https://github.com/malvira/libmc1322x/wiki/wireshark). - - -## Dependencies - -The `ng_sniffer.py` script needs [pyserial](https://pypi.python.org/pypi/pyserial). - -Installing the dependencies: - -#### Debuntu - apt-get install python-serial - -#### PIP - pip install pyserial - - -## Usage - -General usage: - -1. Flash an applicable RIOT node with the sniffer application from -(https://github.com/RIOT-OS/applications/tree/master/ng_sniffer) - -2. Run the `ng_sniffer.py` script -``` -$ ./ng_sniffer.py [outfile] -``` -The script has the following parameters: - -- **tty:** The serial port the RIOT board is connected to. Under Linux, this is - typically something like /dev/ttyUSB0 or /dev/ttyACM0. Under Windows, - this is typically something like COM0 or COM1 -- **baudrate:** The baudrate the serial port is configured to. The default in - RIOT is 115200, though this is defined per board and some boards - have some other value defined per default. 
NOTE: when sniffing - networks where the on-air bitrate is > baudrate, it makes sense - to increase the baudrate so no data is skipped when sniffing. -- **channel:** The radio channel to use when sniffing. Possible values vary and - depend on the link-layer that is sniffed. This parameter is - ignored when sniffing wired networks. -- **[outfile]:** When this parameter is specified, the sniffer output is saved - into this file. See the examples below for alternatives to - specifying this parameter. (optional) - - -### Examples - -The following examples are made when using the sniffer application together with -an `iot-lab_M3` node that is connected to /dev/ttyUSB1 (or COM1) and runs per -default with a baudrate of 500000. - -#### Linux - -Dump packets to a file: -``` -$ ./ng_sniffer.py /dev/ttyUSB1 500000 17 > foo.pcap -``` - -This .pcap can then be opened in wireshark. - -Alternatively for live captures, you can pipe directly into wireshark with: -``` -$ ./ng_sniffer.py /dev/ttyUSB1 500000 17 | wireshark -k -i - -``` - -#### Windows - -For windows you can use the optional third argument to output to a -.pcap: - -``` -$ ./ng_sniffer.py COM1 500000 17 foo.pcap -``` diff --git a/dist/tools/sniffer/README.md b/dist/tools/sniffer/README.md index 2ab867c660..d2f72624fe 100644 --- a/dist/tools/sniffer/README.md +++ b/dist/tools/sniffer/README.md 
@@ -1,28 +1,27 @@ -Using Wireshark to sniff 802.15.4/Zigbee/6lowpan traffic: -========================================================= +# RIOT Sniffer Application -Software --------- -In order to sniff any radio packets use the sniffer application from the in the -RIOT applications repository (https://github.com/RIOT-OS/applications/). +## About -Generating a .pcap ------------------- +This sniffer script can be used to sniff network traffic using RIOT based +nodes. It is primarily designed for sniffing wireless data traffic, but can also +well be used for wired network traffic, as long as the used network devices +support promiscuous mode and output of raw data. -The next step is to run the control python script, rftestrx2pcap.py, -(part of RIOT). This script will set the channel on the node and then create a -.pcap with the packets received. The script is a modified version of [malvira's -script](https://github.com/malvira/libmc1322x/blob/master/tools/rftestrx2pcap.py) -for the Redbee Ecotag (https://github.com/malvira/libmc1322x/wiki/wireshark). +The sniffer is based on a RIOT node running the [sniffer application](https://github.com/RIOT-OS/applications/tree/master/ng_sniffer) application located in [RIOTs application repository](https://github.com/RIOT-OS/applications). +This node outputs received network traffic via a serial port in the Wireshark +pcap format. This output is then parsed by the `sniffer.py` script included +in this folder run on a host computer. -### Download rftestrx2pcap.py +The `sniffer.py` script is a modified version of [malvira's script](https://github.com/malvira/libmc1322x/blob/master/tools/rftestrx2pcap.py) for the Redbee Ecotag +(https://github.com/malvira/libmc1322x/wiki/wireshark). -[rftestrx2pcap.py](rftestrx2pcap.py) -### Install dependencies +## Dependencies -Needs [pyserial](https://pypi.python.org/pypi/pyserial) +The `sniffer.py` script needs [pyserial](https://pypi.python.org/pypi/pyserial). 
+ +Installing the dependencies: #### Debuntu apt-get install python-serial 
@@ -30,28 +29,61 @@ Needs [pyserial](https://pypi.python.org/pypi/pyserial) #### PIP pip install pyserial -### Usage - ./rftestrx2pcap.py tty chan [outfile] +## Usage -rftestrx2pcap.py takes the tty/com port as the first argument and the radio -channel as the second (from 0 through 24). The third argument is an optional -output file. +General usage: + +1. Flash an applicable RIOT node with the sniffer application from +(https://github.com/RIOT-OS/applications/tree/master/sniffer) + +2. Run the `sniffer.py` script +``` +$ ./sniffer.py [outfile] +``` +The script has the following parameters: + +- **tty:** The serial port the RIOT board is connected to. Under Linux, this is + typically something like /dev/ttyUSB0 or /dev/ttyACM0. Under Windows, + this is typically something like COM0 or COM1 +- **baudrate:** The baudrate the serial port is configured to. The default in + RIOT is 115200, though this is defined per board and some boards + have some other value defined per default. NOTE: when sniffing + networks where the on-air bitrate is > baudrate, it makes sense + to increase the baudrate so no data is skipped when sniffing. +- **channel:** The radio channel to use when sniffing. Possible values vary and + depend on the link-layer that is sniffed. This parameter is + ignored when sniffing wired networks. +- **[outfile]:** When this parameter is specified, the sniffer output is saved + into this file. See the examples below for alternatives to + specifying this parameter. (optional) + + +### Examples + +The following examples are made when using the sniffer application together with +an `iot-lab_M3` node that is connected to /dev/ttyUSB1 (or COM1) and runs per +default with a baudrate of 500000. #### Linux Dump packets to a file: +``` +$ ./sniffer.py /dev/ttyUSB1 500000 17 > foo.pcap +``` - $ ./rftestrx2pcap.py /dev/ttyUSB1 10 > foo.pcap +This .pcap can then be opened in wireshark. 
-This .pcap can then be opened in wireshark.Alternatively for live -captures, you can pipe directly into wireshark with: - - $ ./rftestrx2pcap.py /dev/ttyUSB1 10 | wireshark -k -i - +Alternatively for live captures, you can pipe directly into wireshark with: +``` +$ ./sniffer.py /dev/ttyUSB1 500000 17 | wireshark -k -i - +``` #### Windows For windows you can use the optional third argument to output to a .pcap: - $ ./rftestrx2pcap.py /dev/ttyUSB1 26 foo.pcap +``` +$ ./sniffer.py COM1 500000 17 foo.pcap +``` diff --git a/dist/tools/sniffer/rftestrx2pcap.py b/dist/tools/sniffer/rftestrx2pcap.py deleted file mode 100755 index 55f5d3dd3e..0000000000 --- a/dist/tools/sniffer/rftestrx2pcap.py +++ /dev/null 
@@ -1,126 +0,0 @@ -#!/usr/bin/env python2 -''' -(C) 2012, Mariano Alvira -(C) 2014, Oliver Hahm -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. -3. Neither the name of the Institute nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. 
-''' - -import sys,os,time -from struct import pack -import re -import serial - -if len(sys.argv) < 3: - sys.stderr.write( "Usage: %s tty channel [outfile]\n" %(sys.argv[0])) - sys.stderr.write( " channel = 11-26\n") - sys.exit(2) - -# change the channel - -try: - serport = serial.Serial(sys.argv[1], baudrate=115200, dsrdtr=0, rtscts=0, timeout=1) - serport.setDTR(0) - serport.setRTS(0) -except IOError: - print "error opening port" - sys.exit(2) - -time.sleep(1) -chanstr = '' -sys.stderr.write('chan %s\n' % sys.argv[2]) -serport.write('chan %s\n' % sys.argv[2]) -while 1: - c = serport.read(1) - if (c == '\n'): - chanstr = '' - continue - chanstr += c - m = re.match(".*channel: (\w+)", chanstr) - if m: - chan = int(m.group(1)) - sys.stderr.write(chanstr + '\n') - break - -try: - sys.stderr.write('writing to file %s \n' % (sys.argv[3])) - outfile = open(sys.argv[3], 'w+b') -except IndexError: - outfile = sys.stdout - -sys.stderr.write("RX: 0\r") - -### PCAP setup -MAGIC = 0xa1b2c3d4 -MAJOR = 2 -MINOR = 4 -ZONE = 0 -SIG = 0 -SNAPLEN = 0xffff -NETWORK = 230 # 802.15.4 no FCS - -# output overall PCAP header -outfile.write(pack('
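Review bot: In the dist/tools/sniffer/README.md hunk at @@ -1,28 +1,27 @@, the About paragraph's link text was renamed to "sniffer application" but its URL still ends in /tree/master/ng_sniffer, while Usage step 1 in the following hunk points at /tree/master/sniffer. Point both at the same path so that neither goes stale with the rename, and drop the doubled word in "[sniffer application](...) application located in".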
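Review bot: In the dist/tools/sniffer/README.md hunk at @@ -30,28 +29,61 @@, the Windows section still says "the optional third argument" although the example is now `./sniffer.py COM1 500000 17 foo.pcap`, which makes the output file the fourth argument after the added baudrate. Reword it to "optional fourth argument" or simply "the optional outfile argument". In the same hunk the synopsis reads `$ ./sniffer.py [outfile]` as shown here and names none of tty, baudrate and channel that the parameter list documents; spell them out in the synopsis in that order so it matches the examples.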