1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
|
<!--startcut ======================================================= -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<META NAME="generator" CONTENT="lgazmail v1.3A.e">
<TITLE>The Answer Guy 48: Snooping on a Serial Port</TITLE>
</HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"
LINK="#3366FF" VLINK="#A000A0">
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<H4>"The Linux Gazette...<I>making Linux just a little more fun!</I>"</H4>
<P> <hr> <P>
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<center>
<H1><A NAME="answer">
<img src="../../gx/dennis/qbubble.gif" alt="(?)"
border="0" align="middle">
<font color="#B03060">The Answer Guy</font>
<img src="../../gx/dennis/bbubble.gif" alt="(!)"
border="0" align="middle">
</A></H1>
<BR>
<H4>By James T. Dennis,
<a href="mailto:linux-questions-only@ssc.com">linux-questions-only@ssc.com</a><BR>
LinuxCare,
<A HREF="http://www.linuxcare.com/">http://www.linuxcare.com/</A>
</H4>
</center>
<p><hr><p>
<!-- endcut ======================================================= -->
<!-- begin 52 -->
<H3 align="left"><img src="../../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>Snooping on a Serial Port</H3>
<p><strong>From Rudy Moore on Mon, 11 Oct 1999
</strong></p>
<!-- ::
Snooping on a Serial Port
~~~~~~~~~~~~~~~~~~~~~~~~~
:: -->
<P><STRONG>
How can I snoop what an application is sending and receiving from a
serial port?
</STRONG></P>
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
>
Look for ttysnoop. Here are a few URLs:
</BLOCKQUOTE>
<BLOCKQUOTE><DL><DT>
ttysnoop-0.12c-4.i386 RPM
<DD><A HREF="http://rufus.w3.org/linux/RPM/contrib/libc5/i386/ttysnoop-0.12c-4.i386.html"
>http://rufus.w3.org/linux/RPM/contrib/libc5/i386/ttysnoop-0.12c-4.i386.html</A>
</DL></BLOCKQUOTE>
<BLOCKQUOTE><DL><DT>
[freshmeat] ttysnoop
<DD><A HREF="http://freshmeat.net/appindex/1999/09/05/936520647.html"
>http://freshmeat.net/appindex/1999/09/05/936520647.html</A>
</DL></BLOCKQUOTE>
<BLOCKQUOTE><DL><DT>
<A HREF="http://www.debian.org/">Debian</A> GNU/Linux -- ttysnoop
<DD><A HREF="http://www.debian.org/Packages/unstable/admin/ttysnoop.html"
>http://www.debian.org/Packages/unstable/admin/ttysnoop.html</A>
</DL></BLOCKQUOTE>
<BLOCKQUOTE>
You might also look at:
</BLOCKQUOTE>
<BLOCKQUOTE><DL><DT>
Debian GNU/Linux -- ttylog
<DD><A HREF="http://www.debian.org/Packages/unstable/utils/ttylog.html"
>http://www.debian.org/Packages/unstable/utils/ttylog.html</A>
</DL></BLOCKQUOTE>
<BLOCKQUOTE>
... which is a similar program. You could probably use the
'alien' package (<A HREF="http://kitenet.net/programs/alien"
>http://kitenet.net/programs/alien</A>) to
convert the Debian package into some other format (like
RPM).
</BLOCKQUOTE>
<BLOCKQUOTE>
I trust you will be using these for ethical purposes.
</BLOCKQUOTE>
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
HEIGHT="28" WIDTH="50" BORDER="0"
>
(Not sure if you prefer long or short questions, but I can elaborate if
you'd like more information.)
</STRONG></P>
<P><STRONG>
Rudy
</STRONG></P>
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
>
I prefer questions that provide just enough information
that I can answer them. I like them to be just general
enough that they will be useful to some significant number
of the Linux Gazette readers and to the many people who
find my back issues using Yahoo!, Google, Alta Vista, Deja
and just specific enough that I can answer them in less
than five pages.
</BLOCKQUOTE>
<BLOCKQUOTE>
Oddly enough yours is the first question I can remember that
actually asked what sort of questions I prefer.
</BLOCKQUOTE>
<!-- sig -->
<!-- end 52 -->
<p><hr width="40%"><p>
<!-- begin 52 -->
<H3 align="left"><img src="../../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>More on: Snooping on a Serial Port</H3>
<p><strong>From rudy on Wed, 13 Oct 1999
</strong></p>
<!-- ::
More on: Snooping on a Serial Port
~~~~~~~~~~~~~~~~~~~~~~~~~
:: -->
<P><STRONG>
The problem with ttysnoop is that it's heavily oriented toward spying on a
network connection - which is different from protocol analysis. The first
begs the "ethical?" question, the second implies reverse engineering - or
debugging. And I would venture to say that debugging in this manner is
really just a form of reverse engineering, so...
</STRONG></P>
<P><STRONG>
I wrote a PERL frontend to strace and have made a pretty darn useful
protocol analyser. At some point in the future, I'll post my code so others
can benefit from it.
</STRONG></P>
<P><STRONG>
Thanks for the reply!
Rudy
</STRONG></P>
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
>
I agree that ttysnoop isn't well-suited for
protocol analysis. However, I was unable to find
any tools specifically for that.
</BLOCKQUOTE>
<BLOCKQUOTE>
One thing that would be cool would be a modified form
of the serial device driver --- one that could used
to capture and log data as it is passed from the
interface to the userspace process.
</BLOCKQUOTE>
<BLOCKQUOTE>
This has shades of "STREAMS" gathering like storm clouds
over it. The ability to attach filters into the streams
of data on UNIX device driver is a major feature of STREAMS.
There is an optional set of STREAMS patches (LiS) available
for Linux. However, they are not part of the standard
interfaces and drivers (and probably never will be).
</BLOCKQUOTE>
<BLOCKQUOTE>
One of the key arguments against STREAMS in the mainstream
Linux kernel is that we have the driver sources available.
If we need to add custom filtering, logging, etc, into
those at a low level --- we should modify the driver.
This prevents the rest of the drivers from suffering
from bloat and performance restrictions that would be
necessary to fully support the STREAMS infrastructure.
(Those are the arguments as I remember and understand
them. I'm not a kernel or device driver developer
and don't really have a qualified opinion on the whole
debate).
</BLOCKQUOTE>
<BLOCKQUOTE>
Of course, if the 'strace' solution is working for you, then
use it. It sounds interesting and useful. However, if
'strace' doesn't do it, or it costs too much load for
your purposes, maybe you could use a patched driver.
</BLOCKQUOTE>
<!-- sig -->
<!-- end 52 -->
<p><hr width="40%"><p>
<!-- begin 52 -->
<H3 align="left"><img src="../../gx/dennis/qbubble.gif"
height="50" width="60" alt="(?) " border="0"
>Another Call for Serial Snooping</H3>
<p><strong>From VETTER Joe on Tue, 12 Oct 1999
</strong></p>
<!-- ::
Another Call for Serial Snooping
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
:: -->
<P><STRONG>
Hi,
</STRONG></P>
<P><STRONG>
I have a program which communicates through the serial port to a data
logger. The program is not very functional and I would like to reproduce it.
The problem is I do not know the commands to send to request data from the
data logger. I am looking for a program which will monitor the data passing
in and out of the serial port, without actually stopping the other program
from using the serial port. Any ideas ?
</STRONG></P>
<P><STRONG>
Thanks in Advance
</STRONG></P>
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
HEIGHT="28" WIDTH="50" BORDER="0"
>
Look for ttysnoop. This is a package that is
specifically designed to "listen in on" Linux ttys
(serial or console).
</BLOCKQUOTE>
<BLOCKQUOTE>
Here's the Freshmeat pointer:
</BLOCKQUOTE>
<BLOCKQUOTE><BlockQuote>
<A HREF="http://freshmeat.net/appindex/1999/09/05/936520647.html"
>http://freshmeat.net/appindex/1999/09/05/936520647.html</A>
</BlockQuote></BLOCKQUOTE>
<!-- sig -->
<!-- end 52 -->
<!--startcut ======================================================= -->
<P> <hr> <P>
<H5 align="center"><a href="http://www.linuxgazette.com/copying.html"
>Copyright ©</a> 1999, James T. Dennis
<BR>Published in <I>The Linux Gazette</I> Issue 48 December 1999</H5>
<H6 ALIGN="center">HTML transformation by
<A HREF="mailto:star@starshine.org">Heather Stern</a> of
Starshine Technical Services,
<A HREF="http://www.starshine.org/">http://www.starshine.org/</A>
</H6>
<P> <hr> <P>
<!-- begin tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::-->
<TABLE WIDTH="95%"><TR VALIGN="center" ALIGN="center">
<TD colspan="2" rowspan="2"><A
HREF="../lg_answer48.html"
><IMG SRC="../../gx/dennis/answernew.gif"
ALT="[ Answer Guy Current Index ]"></A>
<TD colspan="2" rowspan="2"><A
HREF="../../tag/kb.html"
><IMG SRC="../../gx/dennis/answertoc.gif"
ALT="[ Index of Past Answers ]"></A></td>
<TD WIDTH="11%"><A HREF="../lg_answer48.html#greeting"><img
src="../../gx/dennis/smily.gif" alt="greetings" border="0"></A></TD>
<TD WIDTH="11%"><A HREF="1.html">1</A></TD>
<TD WIDTH="11%"><A HREF="2.html">2</A></TD>
<TD WIDTH="11%"><A HREF="3.html">3</A></TD>
<TD WIDTH="11%"><A HREF="4.html">5</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
<TD WIDTH="11%"><A HREF="5.html">5</A></TD>
<TD WIDTH="11%"><A HREF="6.html">6</A></TD>
<TD WIDTH="11%"><A HREF="7.html">7</A></TD>
<TD WIDTH="11%"><A HREF="8.html">8</A></TD>
<TD WIDTH="11%"><A HREF="9.html">9</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
<TD WIDTH="10%"><A HREF="10.html">10</A></TD>
<TD WIDTH="10%"><A HREF="11.html">11</A></TD>
<TD WIDTH="10%"><A HREF="12.html">12</A></TD>
<TD WIDTH="10%"><A HREF="13.html">13</A></TD>
<TD WIDTH="11%"><A HREF="14.html">14</A></TD>
<TD WIDTH="11%"><A HREF="15.html">15</A></TD>
<TD WIDTH="11%"><A HREF="16.html">16</A></TD>
<TD WIDTH="11%"><A HREF="17.html">17</A></TD>
<TD WIDTH="11%"><A HREF="18.html">18</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
<TD WIDTH="10%"><A HREF="19.html">19</A></TD>
<TD WIDTH="10%"><A HREF="20.html">20</A></TD>
<TD WIDTH="10%"><A HREF="21.html">21</A></TD>
<TD WIDTH="10%"><A HREF="22.html">22</A></TD>
<TD WIDTH="11%"><A HREF="23.html">23</A></TD>
<TD WIDTH="11%"><A HREF="24.html">24</A></TD>
<TD WIDTH="11%"><A HREF="25.html">25</A></TD>
<TD WIDTH="11%"><A HREF="26.html">26</A></TD>
<TD WIDTH="11%"><A HREF="27.html">27</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
<TD WIDTH="10%"><A HREF="28.html">28</A></TD>
<TD WIDTH="10%"><A HREF="29.html">29</A></TD>
<TD WIDTH="10%"><A HREF="30.html">30</A></TD>
<TD WIDTH="10%"><A HREF="31.html">31</A></TD>
<TD WIDTH="11%"><A HREF="32.html">32</A></TD>
<TD WIDTH="11%"><A HREF="33.html">33</A></TD>
<TD WIDTH="11%"><A HREF="34.html">34</A></TD>
<TD WIDTH="11%"><A HREF="35.html">35</A></TD>
<TD WIDTH="11%"><A HREF="36.html">36</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
<TD WIDTH="10%"><A HREF="37.html">37</A></TD>
<TD WIDTH="10%"><A HREF="38.html">38</A></TD>
<TD WIDTH="10%"><A HREF="39.html">39</A></TD>
<TD WIDTH="10%"><A HREF="40.html">40</A></TD>
<TD WIDTH="11%"><A HREF="41.html">41</A></TD>
<TD WIDTH="11%"><A HREF="42.html">42</A></TD>
<TD WIDTH="11%"><A HREF="43.html">43</A></TD>
<TD WIDTH="11%"><A HREF="44.html">44</A></TD>
<TD WIDTH="11%"><A HREF="45.html">45</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
<TD WIDTH="10%"><A HREF="46.html">46</A></TD>
<TD WIDTH="10%"><A HREF="47.html">47</A></TD>
<TD WIDTH="10%"><A HREF="48.html">48</A></TD>
<TD WIDTH="10%"><A HREF="49.html">49</A></TD>
<TD WIDTH="11%"><A HREF="50.html">50</A></TD>
<TD WIDTH="11%"><A HREF="51.html">51</A></TD>
<TD WIDTH="11%"><A HREF="52.html">52</A></TD>
<TD WIDTH="11%"><A HREF="53.html">53</A></TD>
<TD WIDTH="11%"><A HREF="54.html">54</A></TD>
</TR><TR VALIGN="center" ALIGN="center">
<TD colspan="3"><A HREF="55.html">55</A></TD>
<TD colspan="3"><A HREF="56.html">56</A></TD>
<TD colspan="3"><A HREF="57.html">57</A></TD>
</TR></TABLE>
</TR><TR VALIGN="center" ALIGN="center">
<!-- end tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::::-->
<P> <hr> <P>
<!-- begin lgnav ::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<A HREF="../index.html"
><IMG SRC="../../gx/indexnew.gif" ALT="[ Table Of Contents ]"></A>
<A HREF="../../index.html"
><IMG SRC="../../gx/homenew.gif" ALT="[ Front Page ]"></A>
<A HREF="../lg_bytes48.html"
><IMG SRC="../../gx/back2.gif" ALT="[ Previous Section ]"></A>
<A HREF="../../faq/index.html"
><IMG SRC="../../gx/dennis/faq.gif"
ALT="[ Linux Gazette FAQ ]"></A>
<A HREF="../lg_tips48.html"
><IMG SRC="../../gx/fwd.gif" ALT="[ Next Section ]"></A>
<!-- end lgnav ::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
</BODY></HTML>
<!--endcut ========================================================= -->
|
