Closed rewingchow1 closed 3 years ago
zhipengzhaocmu
commented
3 years ago To answer your second question.
Pigasus only processes UDP/TCP packets currently. You can find a simple pcap in hardware/rtl_sim/input_sim, which should contain 100 packets and generate 10 matches. ARP packets may confuse the system. If you want to check how many Ethernet packets have been received by Pigasus, I recommend using chkmac_stats in the system console, which gives you the Ethernet level info.
hsadok
commented
3 years ago Hi Randy,
Thanks for opening the issue. Can you confirm you have the kernel headers installed?
You should be able to install them with:
sudo apt install linux-headers-$(uname -r)In fact, I just remembered that you may need to recompile the kernel with CMA enabled. But that's not the problem you are having now.
rewingchow1
commented
3 years ago Yes I do have the kernel headers installed.
hsadok
commented
3 years ago Okay. I figured out the problem. We only tested Pigasus in Ubuntu 16.04 and 18.04. Your kernel is much newer, (I assume you are using Ubuntu 20.04?). Unfortunately, newer kernels seem to break some of the headers we rely on.
The easiest thing for you to do is to run it on Ubuntu 18.04 -- which we know that works. You can also try to replace some of the calls as suggested here: https://stackoverflow.com/questions/59828144/what-is-the-equivalent-of-current-kernel-time-in-linux-kernel-v5
rewingchow1
commented
3 years ago Hi Hugo, can you link me to the exact Ubuntu 16.04 and 18.04 versions you guys are using. We will do a full install on Monday.
hsadok
commented
3 years ago I don't think the exact version matters. But Ubuntu 18.04.5 should work.
rewingchow1
commented
3 years ago Are you guys using a desktop version or a server version?
Would these fit? https://releases.ubuntu.com/16.04.7/?_ga=2.32577470.1497073479.1628266277-1915050766.1628266277 https://releases.ubuntu.com/18.04.5/?_ga=2.32577470.1497073479.1628266277-1915050766.1628266277
zhipengzhaocmu
commented
3 years ago Desktop version. 64-bit.
hsadok
commented
3 years ago Hi Randy,
Apparently newly downloads 18.04 come with a newer kernel. But you can get kernel 4.15 by running:
sudo apt install linux-genericThen, make sure to select the older kernel in GRUB or change the default so it always boots using 4.15 (e.g., https://unix.stackexchange.com/questions/198003/set-default-kernel-in-grub)
rewingchow1
commented
3 years ago Part 1 of issue is fixed with Ubuntu 18.04 with kernel 4.15.0-153.
rewingchow1
commented
3 years ago Issues with command: sudo pigasus -c snort.lua --patterns ~/rule_list
zhipengzhaocmu
commented
3 years ago Sorry, we cannot share the ruleset publicly as the Snort Registered Rules we used requires purchase on Snort website. However, we will create a sample rule soon to make sure that the software can run successfully and the sample pcap can work as expected.
zhipengzhaocmu
commented
3 years ago If the CPU side is not your focus, you can discard all of the packets that go to the CPU. In this case, you only need to load the FPGA bitstream without installing/running software. We found it very helpful for isolating the hardware/software issues. To do that, you only need to type disable_pcie in the system console after typing source path.tcl.
zhipengzhaocmu
commented
3 years ago Please see the latest commit.
rewingchow1
commented
3 years ago Our focus is currently on hardware as we are not seeing any packets being received as we are directly connected with our Packet Generator FPGA with ARPs and UDP packets being sent.
1) Error when inserting the kernel module.
2) Reading back received and processed packets
This is how I program the chip through the programmer GUI,
I then send ARPs from our packet generator using osmode on our Napatech board which has both ports connected directly to the Pigasus board. In the JTAG system console I test all three JTAG options and do not see any packets other than 1 coming in and being processed by the Pigasus board.