RIOT-OS / applications

Some useful RIOT applications
GNU Lesser General Public License v2.1

sniffer: remove gnrc_netif header; read LQI #33

Closed miri64 closed 6 years ago

miri64 commented 6 years ago

Since the device is in raw mode, we don't have any network layer modules included and we subscribe to GNRC_NETTYPE_UNDEF, it is safe to assume that pkt->next in dump_pkt() is the gnrc_netif header. This only contains GNRC-internal information and should thus be removed from the dump (though Wireshark seems to be okay with the extra bytes, a reader of the raw data might be confused).

Since this header, however, contains the LQI, which the sniffer claims to output but always returns 0, the LQI value in the gnrc_netif header is read and set before the deletion of that header.

miri64 commented 6 years ago

@cgundogan are you still planning to test?

cgundogan commented 6 years ago

> @cgundogan are you still planning to test?

@miri64 nope:

% ./sniffer.py serial /dev/ttyACM1 500000 17 | wireshark-gtk -k -i -
Traceback (most recent call last):
  File "./sniffer.py", line 171, in <module>
    main(sys.argv)
  File "./sniffer.py", line 149, in main
    configure_interface(conn, int(argv[4]))
  File "./sniffer.py", line 63, in configure_interface
    match = re.search(r'^Iface +(\d+)', line.decode())
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf8 in position 2: invalid start byte

It probably is just a config error somewhere on my side, @pyropeter do you want to test? It seems to work for you.

pyropeter commented 6 years ago

I will test this.

By the way: I got the same error as @cgundogan until I lowered the baud rate to 115200.

jnohlgard commented 6 years ago

Looks like the sniffer script needs better input sanitation for when there are garbage characters in the stream.

miri64 commented 6 years ago

Yeah... the LQI isn't even parsed by the script, so this PR shouldn't make the problem (and it doesn't make sense to test this PR with that script either then ;-)).

miri64 commented 6 years ago

(as a "try to get it to fail" test, yes, but not as functionality test. There it is enough if with make term is shown as a hex value now ;-))

miri64 commented 6 years ago

@cgundogan @pyropeter @gebart but regarding input sanitation: have a look at #35
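
The input sanitation raised in this thread, sketched as an added example (it is not part of the thread, not code from sniffer.py, and not the change in #35): serial lines are decoded without raising, and any line containing non-ASCII or non-printable bytes is dropped rather than partially parsed. The regex is the one shown in the traceback; the names `clean_line` and `find_iface`, the two limits, and the sample lines are assumptions constructed for illustration.

```python
import re

# Pattern taken from the traceback above (sniffer.py, configure_interface).
IFACE_RE = re.compile(r'^Iface +(\d+)')
MAX_LINES = 64      # assumption: stop searching after this many lines
MAX_LINE_LEN = 256  # assumption: longer lines are treated as noise


def clean_line(raw):
    """Return the line as printable ASCII text, or None if it looks corrupted."""
    if len(raw) > MAX_LINE_LEN:
        return None
    # errors="replace" never raises; undecodable bytes become U+FFFD.
    text = raw.decode("ascii", errors="replace").strip("\r\n")
    if "\ufffd" in text:
        return None
    if not all(c.isprintable() or c == "\t" for c in text):
        return None
    return text


def find_iface(lines):
    """Return (interface number or None, number of dropped lines).

    A corrupted line is dropped whole: a damaged digit could otherwise
    select the wrong interface. A high drop count hints at a baud mismatch.
    """
    dropped = 0
    for n, raw in enumerate(lines):
        if n >= MAX_LINES:
            break
        text = clean_line(raw)
        if text is None:
            dropped += 1
            continue
        match = IFACE_RE.search(text)
        if match:
            return int(match.group(1)), dropped
    return None, dropped


# Constructed sample: the second line has byte 0xf8 at position 2,
# the same condition reported by the UnicodeDecodeError above.
SAMPLE = [
    b"> ifconfig\r\n",
    b"If\xf8ce  7 \x00\xff\r\n",
    b"Iface  7  HWaddr: 12:34  Channel: 26\r\n",
]

if __name__ == "__main__":
    print("iface=%s dropped=%d" % find_iface(SAMPLE))
```
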

pyropeter commented 6 years ago

This seems to work. The output shows some values as LQI, and wireshark still shows the traffic.

cgundogan commented 6 years ago

@pyropeter thanks a bunch!

pyropeter commented 6 years ago

To add LQI information to the packet dump, we should wait for https://github.com/pcapng/pcapng/issues/48

miri64 commented 6 years ago

Question is, if developments to PCAPNG are backported to PCAP ;-)