http://klaus.ede.ase.au.dk/index.php?title=Remote_monitoring&feed=atom&action=history
Remote monitoring - Revision history
2024-03-28T13:46:00Z
Revision history for this page on the wiki
MediaWiki 1.23.13
http://klaus.ede.ase.au.dk/index.php?title=Remote_monitoring&diff=2105&oldid=prev
Klaus at 15:28, 4 February 2018
2018-02-04T15:28:30Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 15:28, 4 February 2018</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 21:</td>
<td colspan="2" class="diff-lineno">Line 21:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>to determine the name of the interface to listen to on the development board.  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>to determine the name of the interface to listen to on the development board.  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>The final dash (-) before the pipe (|) is a redirection of the standard output to the pipe and, as you can see, wireshark reads from what comes through the pipe. The -k option tells Wireshark to start immediately.  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>The final dash (-) before the pipe (|) is a redirection of the standard output to the pipe and, as you can see, wireshark reads from what comes through the pipe. The -k option tells Wireshark to start immediately<ins class="diffchange diffchange-inline">. The standard output data, form tcpdump, is automagically sent over the ssh connection back to the host and piped into wireshark</ins>.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Note: The graphical version of Wireshark comes on some systems in either ''wireshark-gtk'' or ''wireshark-qt'' for GTK based desktops (like GNOME) or qt base desktops (like KDE) or on other systems just as wireshark. Find out which one is available for you.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Note: The graphical version of Wireshark comes on some systems in either ''wireshark-gtk'' or ''wireshark-qt'' for GTK based desktops (like GNOME) or qt base desktops (like KDE) or on other systems just as wireshark. Find out which one is available for you.</div></td></tr>
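<tr><td colspan="4"><div>Review bot: in the added sentence on the + side, 'form tcpdump' should be 'from tcpdump', and the paragraph still calls the final dash 'a redirection of the standard output', which is not what it is. The dash is the file name passed to -w, telling tcpdump to write the capture to standard output; ssh then carries that output back to the host, and the '-i -' on the wireshark side reads it from standard input. Suggest replacing 'automagically' with that one-line explanation.</div></td></tr>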
</table>
Klaus
http://klaus.ede.ase.au.dk/index.php?title=Remote_monitoring&diff=2104&oldid=prev
Klaus at 15:26, 4 February 2018
2018-02-04T15:26:38Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 15:26, 4 February 2018</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Sometimes it can be difficult to determine why a network application doesn't work as expected. Wireshark and Tcpdump are two utilities that can help you monitor the packets going back and forth between two computers.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Sometimes it can be difficult to determine why a network application doesn't work as expected. Wireshark and Tcpdump are two utilities that can help you monitor the packets going back and forth between two computers.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">Wireshark is a graphical overlay to </del>tcpdump<del class="diffchange diffchange-inline">, which is the workhorse tapping the </del>packets <del class="diffchange diffchange-inline">directly from </del>the <del class="diffchange diffchange-inline">ethernet </del>interface. See <del class="diffchange diffchange-inline">more over at [https://www.wireshark.org/]</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>tcpdump <ins class="diffchange diffchange-inline">can capture </ins>packets <ins class="diffchange diffchange-inline">on </ins>the <ins class="diffchange diffchange-inline">network </ins>interface <ins class="diffchange diffchange-inline">and output the caputred data to the console - or to a file</ins>. <ins class="diffchange diffchange-inline">(''</ins>See <ins class="diffchange diffchange-inline">man tcpdump'') </ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Wireshark <del class="diffchange diffchange-inline">can read dumps made by tcpdump, so on your development board you can set-up tcpdump (''see man tcpdump'') to dump </del>captured <del class="diffchange diffchange-inline">packets into </del>a <del class="diffchange diffchange-inline">file</del>.  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>Wireshark <ins class="diffchange diffchange-inline">is a graphical program showing the </ins>captured <ins class="diffchange diffchange-inline">data in </ins>a <ins class="diffchange diffchange-inline">easily readable way. A powerful tool. See more over at [https://www.wireshark</ins>.<ins class="diffchange diffchange-inline">org/]</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>Wireshark can read the output file from tcpdump if you move to your development host <del class="diffchange diffchange-inline">and present the packets in a nice graphical way</del>.  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">Wireshark can read dumps made by tcpdump, so on your development board without graphical display you can set-up tcpdump to dump captured packets into a file. </ins>Wireshark can read the output file from tcpdump if you move to your development host.  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>If you have a network connection to your development board you can watch the traffic live by issuing a command like this:</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>If you have a network connection to your development board you can watch the traffic live by issuing a command like this:</div></td></tr>
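<tr><td colspan="4"><div>Review bot: the rewritten intro on the + side has three wording slips: 'caputred' should be 'captured', 'a easily readable way' should be 'an easily readable way', and 'set-up tcpdump' should be 'set up tcpdump'. The last changed row now has two consecutive sentences starting 'Wireshark can read', and the second ('if you move to your development host') never says that it is the dump file that has to be moved; suggest merging them into one sentence that does.</div></td></tr>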
<tr><td colspan="2" class="diff-lineno">Line 21:</td>
<td colspan="2" class="diff-lineno">Line 21:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>to determine the name of the interface to listen to on the development board.  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>to determine the name of the interface to listen to on the development board.  </div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>The final dash (-) before the pipe (|) is a redirection of the standard output to the pipe and as you can see wireshark reads from what comes through the pipe. The -k option tells Wireshark to start immediately. The graphical version of Wireshark comes on some systems in either ''wireshark-gtk'' or ''wireshark-qt'' for GTK based desktops (like GNOME) or qt base desktops (like KDE).</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>The final dash (-) before the pipe (|) is a redirection of the standard output to the pipe and<ins class="diffchange diffchange-inline">, </ins>as you can see<ins class="diffchange diffchange-inline">, </ins>wireshark reads from what comes through the pipe. The -k option tells Wireshark to start immediately.  </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div> </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">Note: </ins>The graphical version of Wireshark comes on some systems in either ''wireshark-gtk'' or ''wireshark-qt'' for GTK based desktops (like GNOME) or qt base desktops (like KDE) <ins class="diffchange diffchange-inline">or on other systems just as wireshark. Find out which one is available for you</ins>.</div></td></tr>
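<tr><td colspan="4"><div>Review bot: the new Note ends with 'Find out which one is available for you' but does not say how; naming a check such as 'command -v wireshark wireshark-qt wireshark-gtk' would make it actionable. In the same sentence, 'qt base desktops' should read 'Qt based desktops'.</div></td></tr>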
</table>
Klaus
http://klaus.ede.ase.au.dk/index.php?title=Remote_monitoring&diff=2103&oldid=prev
Klaus at 15:13, 4 February 2018
2018-02-04T15:13:55Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 15:13, 4 February 2018</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 13:</td>
<td colspan="2" class="diff-lineno">Line 13:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></source></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div></source></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>What this command does is that it creates a '''SSH''' connection to the target on '''target_IP_address''' and normally it is port '''22''' ''ssh'' listens on, but you may have configured it to listen on another port. (''ssh root@target_IP_address -p 22'')</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>What this command does is that it creates a '''SSH''' connection to the target on '''target_IP_address''' and normally it is port '''22''' ''ssh'' listens on, but you may have configured it to listen on another port. (''ssh root@target_IP_address -p 22'')<ins class="diffchange diffchange-inline">. It may be convienien to have a passwordless, i.e. using your ssh keys, so you don't have to login every time.</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Over at the target we execute tcpdump with a number of commandline arguments of which two are of interest (''tcpdump -U -s0 'not port 22' -i enp6s0 -w -''): The port number that the ssh connection is made on (typical port 22) - we don't want to have that traffic to clutter up our dump. Second point of interest is the ethernet adapter, here it is '''enp6s0''', but it could also be like '''eth0''' or similar.  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Over at the target we execute tcpdump with a number of commandline arguments of which two are of interest (''tcpdump -U -s0 'not port 22' -i enp6s0 -w -''): The port number that the ssh connection is made on (typical port 22) - we don't want to have that traffic to clutter up our dump. Second point of interest is the ethernet adapter, here it is '''enp6s0''', but it could also be like '''eth0''' or similar.  </div></td></tr>
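<tr><td colspan="4"><div>Review bot: the added sentence on the + side is missing a noun and has a typo: 'It may be convienien to have a passwordless' should read something like 'It may be convenient to set up passwordless login'. Since the login is root@target_IP_address, it is worth saying that the key should be one dedicated to the board and kept behind a passphrase with ssh-agent rather than created with an empty passphrase. The context line below also hardcodes 'not port 22' while this line says ssh may listen on another port; mention that the filter has to follow the -p value.</div></td></tr>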
</table>
Klaus
http://klaus.ede.ase.au.dk/index.php?title=Remote_monitoring&diff=2102&oldid=prev
Klaus: Created page with "Sometimes it can be difficult to determine why a network application doesn't work as expected. Wireshark and Tcpdump are two utilities that can help you monitor the packets go..."
2018-02-04T15:10:42Z
<p>Created page with "Sometimes it can be difficult to determine why a network application doesn't work as expected. Wireshark and Tcpdump are two utilities that can help you monitor the packets go..."</p>
<p><b>New page</b></p><div>Sometimes it can be difficult to determine why a network application doesn't work as expected. Wireshark and Tcpdump are two utilities that can help you monitor the packets going back and forth between two computers.<br />
<br />
Wireshark is a graphical overlay to tcpdump, which is the workhorse tapping the packets directly from the ethernet interface. See more over at [https://www.wireshark.org/]<br />
<br />
Wireshark can read dumps made by tcpdump, so on your development board you can set up tcpdump (''see man tcpdump'') to dump captured packets into a file. <br />
<br />
Once the output file from tcpdump is on your development host, Wireshark can read it and present the packets in a nice graphical way. <br />
<br />
If you have a network connection to your development board you can watch the traffic live by issuing a command like this:<br />
<br />
<source lang=bash><br />
# Run on the development host; the capture streams back over ssh into Wireshark.<br />
ssh root@target_IP_address -p 22 tcpdump -U -s0 'not port 22' -i enp6s0 -w - | wireshark-qt -k -i -<br />
</source><br />
<br />
This command creates an '''SSH''' connection to the target at '''target_IP_address'''. Normally ''ssh'' listens on port '''22''', but you may have configured it to listen on another port. (''ssh root@target_IP_address -p 22'')<br />
<br />
On the target we execute tcpdump with a number of command-line arguments, of which two are of interest (''tcpdump -U -s0 'not port 22' -i enp6s0 -w -''). The first is the port number that the ssh connection is made on (typically port 22): we exclude that traffic so it does not clutter up our dump, since every captured packet sent back over ssh would itself be captured. The second is the ethernet adapter, here '''enp6s0''', but it could also be '''eth0''' or similar. <br />
<br />
Use <br />
<source lang=bash>ip a </source> <br />
to determine the name of the interface to listen to on the development board. <br />
<br />
The final dash (-) before the pipe (|) is the file name given to ''-w'' and makes tcpdump write the capture to standard output, which goes into the pipe; as you can see, wireshark reads from what comes through the pipe (''-i -''). The -k option tells Wireshark to start immediately. The graphical version of Wireshark comes on some systems as either ''wireshark-gtk'' or ''wireshark-qt'', for GTK based desktops (like GNOME) or Qt based desktops (like KDE).</div>
Klaus
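
A wrapper for the live-capture command described above, as an added example that is not part of the original wiki page: it checks the interface name and ssh port before they are handed to the root shell on the target, excludes whichever port ssh actually uses, and picks the Wireshark binary that is installed. The function names, the `WIRESHARK_CANDIDATES` variable and the `eth0` default are assumptions of this example.

```sh
#!/bin/sh
# Added example, not from the wiki page. ssh joins its arguments into one
# string that the target's shell parses again (as root), so every value that
# ends up in that string is validated first.

# Accept only a decimal port in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Accept only names built from letters, digits, '.', '_' and '-', at most
# 15 characters (the Linux interface-name limit), not starting with '-'.
valid_iface() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Print the command line to run on the target. The filter follows the ssh
# port instead of a hardcoded 22 and is placed last, as in tcpdump's synopsis.
remote_capture_cmd() {
    iface=$1 port=$2
    valid_iface "$iface" || { echo "bad interface: $iface" >&2; return 1; }
    valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    printf "tcpdump -U -s0 -i %s -w - 'not port %s'\n" "$iface" "$port"
}

# Print the first Wireshark GUI binary found in PATH.
# WIRESHARK_CANDIDATES (hypothetical variable) overrides the list.
pick_wireshark() {
    for bin in ${WIRESHARK_CANDIDATES:-wireshark wireshark-qt wireshark-gtk}; do
        if command -v "$bin" >/dev/null 2>&1; then
            printf '%s\n' "$bin"
            return 0
        fi
    done
    return 1
}

# live_capture TARGET [IFACE] [SSH_PORT]
live_capture() {
    target=$1 iface=${2:-eth0} port=${3:-22}
    cmd=$(remote_capture_cmd "$iface" "$port") || return 1
    gui=$(pick_wireshark) || { echo "no wireshark binary found" >&2; return 1; }
    ssh -p "$port" "root@$target" "$cmd" | "$gui" -k -i -
}
```

Source the file and call `live_capture target_IP_address enp6s0 22`; run `ip a` on the board first to get the interface name.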