g-oikonomou / sensniff

Live Traffic Capture and Sniffer for IEEE 802.15.4 networks
BSD 3-Clause "New" or "Revised" License
89 stars 58 forks

Sensniff & foren6 #6

Closed arurke closed 8 years ago

arurke commented 9 years ago

Hi, not an issue, but could you label this as a question?

Have you tried combining CC2531 USB, sensniff and the foren6 tool? I am not sure about the correct configuration in foren6 for this, so I tried different source combinations: pcap file, FIFO file, directly from ttyACM1 etc. without any luck.

Regards, Andreas U.

g-oikonomou commented 9 years ago

I know of Foren6, but never tried to combine the two. Can Foren6 read PCAP from a FIFO? This is what sensniff does.

Might be worth pinging Laurent and Sébastien, but I'm on a mobile device and I cannot remember their GH aliases!

arurke commented 9 years ago

There is actually a separate source-type called "sensnif" but I cannot find any doc. around it. Also type snif for contiki-based sniffers, and then pcap for pcap-files. I think I went through all combinations of these and the pcap/non-pcap output from sensniff.

As you said, maybe @laurentderu or @sdawans can shed some light.

laurentderu commented 9 years ago

Foren6 is able to use any pcap source which behaves like a FIFO, so it works with the sensniff application. However, this mode is not optimal and sometimes the FIFO gets stuck and stops working.

In the develop branch of Foren6 we have added support for the raw sensniff protocol, meaning that you can directly interface Foren6 with a sniffer without the sensniff application. We should update the documentation and release it as it seems mature.

arurke commented 9 years ago

I believe I tested using the sensniff source-type (although I believe I was on the master branch) directly on the /dev/ttyACMx without any luck. I will re-visit this when I have time and test again, thanks for your feedback.

laurentderu commented 9 years ago

I will crosscheck too, maybe the top repository is referencing an older version of the capture submodule.

arurke commented 8 years ago

I revisited this using latest sensniff and master branch of Foren6 - works like a charm on my CC1310em on SRF-board. I tried both using the sensniff device as source and also the pcap from sensniff.py (which also lets you watch real-time both in foren6 and wireshark (might come in handy)).
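
The thread relies on PCAP being streamed through a FIFO, where a consumer sees the data in arbitrary-sized pieces. The following is an added example, not part of the thread and not sensniff or Foren6 code: an incremental reader that checks whether such a stream is well-formed classic pcap. The function and class names are hypothetical, link type 195 (IEEE 802.15.4 with FCS) is an assumption, and the sample frames are constructed.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4
LINKTYPE_802154_FCS = 195  # assumption: IEEE 802.15.4 with FCS

def pcap_global_header(linktype=LINKTYPE_802154_FCS, snaplen=0xFFFF):
    # magic, version 2.4, thiszone, sigfigs, snaplen, link type
    return struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, linktype)

def pcap_record(frame, ts_sec, ts_usec=0):
    # per-packet header: timestamp, captured length, original length
    return struct.pack("<IIII", ts_sec, ts_usec, len(frame), len(frame)) + frame

class PcapStreamReader:
    """Incremental pcap parser; feed() takes chunks of any size, as a FIFO delivers them."""
    def __init__(self):
        self.buf = b""
        self.endian = None      # set once the 24-byte global header has arrived
        self.snaplen = self.linktype = None

    def feed(self, chunk):
        self.buf += chunk
        frames = []
        if self.endian is None:
            if len(self.buf) < 24:
                return frames           # header still incomplete, wait for more
            magic = struct.unpack("<I", self.buf[:4])[0]
            if magic not in (PCAP_MAGIC, 0xD4C3B2A1):
                raise ValueError("not a classic pcap stream (bad magic)")
            self.endian = "<" if magic == PCAP_MAGIC else ">"
            self.snaplen, self.linktype = struct.unpack(self.endian + "II", self.buf[16:24])
            self.buf = self.buf[24:]
        while len(self.buf) >= 16:
            sec, usec, incl, _orig = struct.unpack(self.endian + "IIII", self.buf[:16])
            if incl > self.snaplen:
                raise ValueError("record exceeds snaplen: stream is desynchronised")
            if len(self.buf) < 16 + incl:
                break                   # partial record, keep it buffered
            frames.append((sec, usec, self.buf[16:16 + incl]))
            self.buf = self.buf[16 + incl:]
        return frames

def replay_in_chunks(stream, size):
    """Feed `stream` to a fresh reader `size` bytes at a time; return (linktype, frames)."""
    reader, out = PcapStreamReader(), []
    for i in range(0, len(stream), size):
        out.extend(reader.feed(stream[i:i + size]))
    return reader.linktype, out

# Constructed sample frames (FCS bytes are placeholders, not computed)
SAMPLE = [bytes.fromhex("02002a0000"), bytes.fromhex("0300110000")]
STREAM = pcap_global_header() + b"".join(pcap_record(f, 1000 + i) for i, f in enumerate(SAMPLE))
```

To check a live capture, open the FIFO in binary mode and pass each `read()` result to `feed()`; a `ValueError` means the bytes arriving are not a valid pcap stream.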