Difference between revisions of "ECE497 Project WireShark"

From eLinux.org
m (small update on user instructions and timeline added)
Revision as of 16:10, 4 November 2013

Embedded Linux Class by Mark A. Yoder


Team members: Ben Paras, Manuel Stephan

Grading Template

I'm using the following template to grade. Each slot is 10 points. 0 = Missing, 5=OK, 10=Wow!

00 Executive Summary
00 Installation Instructions 
00 User Instructions
00 Highlights
00 Theory of Operation
00 Work Breakdown
00 Future Work
00 Conclusions
00 Demo
00 Late
Comments: I'm looking forward to seeing this.

Score:  10/100

(Inline Comment)

Executive Summary

We want to try to port WireShark and see what we could get working on the BeagleBone.

Because it was a problem to get Wireshark compiled on the BeagleBone, after some Skype sessions with Patrick Vogelaar, graduate student in Advanced Communications at Napier in Edinburgh, we approached the problem in a different way. Instead of porting the resource-consuming Wireshark to the BeagleBone, we use tcpdump on the Bone just to monitor the traffic. The traffic is then piped through ssh to the host computer and analyzed there by Wireshark. So we get the full capability of Wireshark on a host computer and use lean tcpdump on the BeagleBone.

Packaging

If you have hardware, consider Small Build, Big Execution for ideas on the final packaging.

Installation Instructions

Hardware requirements:

  • Beagle Bone Black
  • Linux host computer
  • USB cable
  • Ethernet cable

Software requirements: Wireshark installed on your host computer

sudo apt-get install wireshark


Getting the sources:

Do a git clone of our repository to get all the sources you need.

To build the binary of the wireparser you just have to type make. No additional configuration is required.

make

If you do an ls in your directory you should have the following files in there. Now it is time to set up the BeagleBone Black for further ...

ssh to your BeagleBone and check if tcpdump is installed.

If not, install it.

do this ssh identities ...

Now everything is prepared for the actual operation. You can now type

sudo ./run.sh to set everything up

The run script sets up everything for correct operation ... Now continue with the user instructions.


  • Include your github path as a link like this to the read-only git site: https://github.com/MarkAYoder/gitLearn.
  • Be sure your README.md includes an up-to-date and clear description of your project so that someone who comes across your git repository can quickly learn what you did and how they can reproduce it.
  • Include a Makefile for your code.
  • Include any additional packages installed via opkg.
  • Include kernel mods.
  • If there is extra hardware needed, include links to where it can be obtained.

User Instructions

Now the graphical interface of Wireshark should pop up and you should see the traffic flowing through the network of the Beagle. ....


Once everything is installed, how do you use the program? Give details here, so if you have a long user manual, link to it here.

Highlights

Here is where you brag about what your project can do.

Include a YouTube demo.

Theory of Operation

Overview of the System.

This part is currently under construction ... so the information provided is not yet finalized ...

The BeagleBone Black is attached to Ethernet. tcpdump is running on the BeagleBone in a special mode and listens on eth0. The BeagleBone is connected to a host via ssh over the USB interface. All data captured by tcpdump is forwarded over ssh to the host computer. The host computer provides two named pipes, so-called fifos. All the ssh traffic is piped into the first fifo. The wireparser reads out of that fifo and filters out the non-pcap data. The filtered packets are then piped into fifo2. Wireshark is started in a special mode to read from fifo2 and provides a graphical interface for analysis of the packets.
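The wireparser stage described above, as an added illustration that is not the project's own wireparser code: it discards whatever precedes the pcap global header (for instance tcpdump's own status text if it gets merged into the stream), checks the header, and passes on only complete records whose lengths are consistent with the snaplen, holding back a trailing partial record for the next read from the fifo. The pcap_global_header and pcap_record helpers are assumptions used only to construct test input.

```python
import struct

# pcap global-header magics: classic (microsecond) and nanosecond variants, both byte orders.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",   # microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">",   # nanosecond timestamps
}
GLOBAL_HDR = 24   # magic, version major/minor, thiszone, sigfigs, snaplen, linktype
RECORD_HDR = 16   # ts_sec, ts_frac, incl_len, orig_len


def pcap_global_header(snaplen=262144, linktype=1, endian="<"):
    """Build a pcap 2.4 global header (linktype 1 = Ethernet); used here only to construct test input."""
    magic = 0xA1B2C3D4
    return struct.pack(endian + "IHHiIII", magic, 2, 4, 0, 0, snaplen, linktype)


def pcap_record(payload, ts_sec=0, endian="<"):
    """Build one pcap record (header + captured bytes); used here only to construct test input."""
    return struct.pack(endian + "IIII", ts_sec, 0, len(payload), len(payload)) + payload


def filter_pcap_stream(data):
    """Split a raw byte stream into (clean_pcap, skipped_prefix, remainder):
    clean_pcap is the global header plus every complete, sane record, skipped_prefix
    is whatever preceded the magic (e.g. tcpdump's own status text merged into the
    stream), remainder is a trailing partial record to prepend to the next chunk."""
    hits = [(data.find(m), e) for m, e in PCAP_MAGICS.items() if m in data]
    if not hits:
        return b"", data, b""            # no pcap header yet: everything is noise so far
    start, endian = min(hits)            # earliest magic wins
    if len(data) - start < GLOBAL_HDR:
        return b"", data[:start], data[start:]
    _, vmaj, vmin, _, _, snaplen, _ = struct.unpack(endian + "IHHiIII", data[start:start + GLOBAL_HDR])
    if vmaj != 2:                        # libpcap writers emit version 2.4
        raise ValueError(f"unexpected pcap version {vmaj}.{vmin}")
    out = bytearray(data[start:start + GLOBAL_HDR])
    pos = start + GLOBAL_HDR
    while len(data) - pos >= RECORD_HDR:
        _, _, incl_len, orig_len = struct.unpack(endian + "IIII", data[pos:pos + RECORD_HDR])
        # A record longer than snaplen or than its own wire length is not genuine:
        # stop rather than resynchronise on garbage and hand Wireshark bad input.
        if incl_len > snaplen or incl_len > orig_len:
            raise ValueError(f"corrupt record header at offset {pos}")
        if len(data) - pos < RECORD_HDR + incl_len:
            break                        # incomplete record: wait for more bytes
        out += data[pos:pos + RECORD_HDR + incl_len]
        pos += RECORD_HDR + incl_len
    return bytes(out), data[:start], data[pos:]
```

In the pipeline on the page the clean bytes would be written to fifo2 and the remainder carried over to the next read from the first fifo.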

Although we are using the very low resource-consuming tcpdump on the BeagleBone, we still have the capability for live capture and analysis of the network traffic.

Work Breakdown

Job to do: Get Wireshark running on the BeagleBone Black.


Requirements Specification

The user shall be able to monitor TCP/IP traffic on the BeagleBone Black. The user shall be able to use Wireshark's large set of capabilities to filter and analyze data packets.

The user should be able to use a graphical interface.


Major tasks:

  • Evaluation of the portability of Wireshark to the BeagleBone Black.
  • Cross compile approach.
  • Thinking of the problem in a different way: evaluating if the traffic can be monitored in another way.
  • Find out how to filter out ssh remnants.
  • Writing the parser.
  • Testing the parser.
  • Find out how named pipes work.
  • Putting it all together.
  • Write a makefile to compile the sources.


List the major tasks in your project and who did what.

Also list here what doesn't work yet and when you think it will be finished and who is finishing it.


Timeline and major milestones of the project.

Future Work

Suggest additional things that could be done with this project.

Conclusions

Give some concluding thoughts about the project. Suggest some future additions that could make it even more interesting.
