On 08/06/2014 08:46 AM, Christian Aurich wrote:
> reading blog about sniffing NRF24 data with wireshark [1] I wondered if
> would be possible to use sigrok in conjunction with Wireshark. Basically I
> would like to use wireshark to dissect my traffic say on an SPI line. In one
> case I have a device that transfers ethernet data over SPI. But while
> developing the linux driver for this SPI device I also would like to be able
> to see the SPI protocoll to work as expected... For this use I cannot
> imagine to work with sigrok alone - simply because I would not bother to
> implement an ethernet decoder for it ;)
We've long said that libsigrokdecode's protocol stack should end where
wireshark starts. Ethernet frames are a clear delimiter here, and indeed
this is where piping sigrok output into wireshark should start.
The question for integration on this level has come up a few times, but
nobody's ever started work on it. We'd be happy to see it!
> So maybe there is an easy solution available already. Otherwise this
> should be a discussion about how to implement such a feature... I already
> had a start reading and understanding the sigrok code and am willing to
> implement such a feature.
Interfacing with wireshark would basically be the job of a libsigrok +
libsigrokdecode client. Get data from hardware, feed to SRD with a
SPI/nRF24L01 stack, and feed the output of that into wireshark. Where that
client lives is an interesting design decision -- either a separate program
that drives both the sigrok libs and wireshark, or as a wireshark plugin of
sorts.
For a good idea on how to use SRD, take a look at the API:
http://sigrok.org/api/libsigrokdecode/unstable/index.html
And the source code of sigrok-cli, particularly decode.c and the parts of
main.c between #ifdef HAVE_SRD/#endif directives.
You'll want the SRD_OUTPUT_BINARY output type. This is the raw protocol
decoder output (as opposed to annotated text).
> Generally the full duplex nature of SPI could be a problem for wireshark...
> I have never seen any implementations of high level protocols that use SPI
> in full duplex, usually they switch between tx and rx in some point of the
> transmission. But just from watching the SPI you are not able to know where
> this point is. Therefore one might need to use a sigrok high level decoder
> to be useful with wireshark...
Indeed, SPI is not a good fit for wireshark. But the frames coming out of
our nRF24l01 PD are, I should think.
> [1] http://hackaday.com/2014/08/05/sniffing-nrf24l01-traffic-with-wireshark/
That guy really, really needs a little FX2 board and
http://sigrok.org/wiki/Protocol_decoder:Nrf24l01
--
Bert Vermeulen [email protected] email/xmpp
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
sigrok-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/sigrok-devel
