Document version: 0.14 2017-02-07 --ro 6LowPAN sniffer using wireshark protocol analyzer ================================================= Intro ------ Contiki has generic code how to turn different platforms and motes into packet sniffers. The code resides in Contiki distro in examples/sensniff. This document describes how to use avr-rss2 motes. Wireshark has excellent parsing of the 6LoWPAN protcols. Wiring ------ Mote conneted to USB-ttl cable connected to computer. How it works ------------ Mote with firmware captures raw 802.15.4 packets. Sends them to serial port typicall /dev/ttyUSB. sensniff.py reads and creates a named pipe (fifo) name is /tmp/sensniff This is feed into wireshark. Components needed ----------------- * avrdude for flashing firmware * avr-rss2 mote/USB-TTL cable * Firmware to be flashed. * senssniff * wireshark UART speed ---------- 500kbaud References ----------- Prebuilt firmware for AtMega256RFR2 running 16MHz xtal and UART speed 500kbuad. http://www.radio-sensors.com/download/firmware/S2/sniffer/sensniff-16M-500kbaud-2.avr-rss2 Sensniff from George Oikonomou https://github.com/g-oikonomou/sensniff Installation ------------ avrdude -p m256rfr2 -c stk500v2 -P /dev/ttyUSB0 -b 38400 -e -U flash:w:sensniff.avr-rss2 git clone https://github.com/g-oikonomou/sensniff#run-wireshark It's a good idea to set speed 'baud_rate': 500000, in senssniff.py Next get Wireshark for computer. typically apt-get. Run --- sudo /usr/local/src/sensniff/sensniff.py wireshark -i /tmp/sensniff -k Colors in wireshark listings ---------------------------- For colorful parsing the wireshark preferens needs to be modified. See instructions sensniff for this. See the "Run wireshark" chapter. Also it seems like current wireshark can not parse all framers. framer_802154 seems to work. Typically configuered in Contiki. #define NETSTACK_CONF_FRAMER framer_802154 wireshark display filters ------------------------- Display filters can help to filter and focus monitoring and debugging. Examples: src and dst ip6 address ipv6.addr== fd02::fec2:3d00:1:856b RPL control message filter icmpv6.type==155 Thanks Voravit...