On Fri, 26 Dec 2008 21:14:56 +0100, Phil Dibowitz <phil@xxxxxxxx> wrote:

> So, re-reading usbmon.txt, it doesn't actually mention the wireshark
> support... but it sounds like I should be able to write something that just
> calls read() in /dev/usbmon0 and write() to some file, and give that
> straight to wireshark? Wireshark understands how to parse the binary API
> described in usbmon.txt?

Paolo added support for the original binary interface ("b0") to libpcap,
which is where tcpdump and wireshark get this capability. To the best
of my knowledge, "b1" is not supported, so wireshark cannot use "bus zero"
nor show interrupt intervals and ISO.

I don't know the details of the way the UI is done, but you certainly are not
supposed to run cat on /dev/usbmon0. If you want to save a trace,
run tcpdump -w save.trace. The same format can be fed to wireshark
(although it probably misses some things).

Keep in mind that the model of the world is different between
libpcap/tcpdump/wireshark and usbmon. libpcap deals with packets
on the wire, whereas usbmon reports API events in the kernel. So, when
libpcap captures usbmon events, it serializes them into a stream of
fake packets. Some meaning is inevitably lost then.

-- Pete
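As an added illustration (not part of the original message or of libpcap), this parser reads a classic pcap file of usbmon records and shows that each "packet" is really one URB event, so a single transfer appears as a submission and a callback sharing one URB id. It assumes the 48-byte `struct usbmon_packet` layout given in the kernel's usbmon.txt and libpcap link type 189; the trace bytes and the URB id are constructed sample values.

```python
import struct

LINKTYPE_USB_LINUX = 189        # libpcap link type for the 48-byte usbmon header
USBMON_HDR = "QBBBBHccqiiII8s"  # field order of struct usbmon_packet in usbmon.txt
XFER = {0: "ISO", 1: "INTR", 2: "CTRL", 3: "BULK"}

def parse_usbmon_pcap(blob):
    """Return one dict per usbmon event that libpcap stored as a 'packet'."""
    if blob[:4] == b"\xd4\xc3\xb2\xa1":
        e = "<"                 # written on a little-endian host
    elif blob[:4] == b"\xa1\xb2\xc3\xd4":
        e = ">"
    else:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack_from(e + "IHHiIII", blob)[6]
    if linktype != LINKTYPE_USB_LINUX:
        raise ValueError("link type %d is not usbmon 48-byte" % linktype)
    hdr_len, off, events = struct.calcsize(e + USBMON_HDR), 24, []
    while off + 16 <= len(blob):
        incl = struct.unpack_from(e + "IIII", blob, off)[2]
        rec = blob[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(rec) < hdr_len or len(rec) < incl:
            break               # truncated capture: stop rather than misparse
        f = struct.unpack_from(e + USBMON_HDR, rec)
        events.append({
            "urb_id": f[0], "event": chr(f[1]),   # S=submit, C=callback, E=error
            "xfer": XFER.get(f[2], "?"), "dir": "IN" if f[3] & 0x80 else "OUT",
            "ep": f[3] & 0x0F, "dev": f[4], "bus": f[5],
            "setup": f[13] if f[6] == b"\0" else None,  # flag_setup 0: present
            "status": f[10], "length": f[11], "data": rec[hdr_len:hdr_len + f[12]],
        })
    return events

def constructed_trace():
    """Constructed sample: one control IN URB seen as submission + callback."""
    def rec(ev, fs, fd, status, cap, setup, data=b""):
        h = struct.pack("<" + USBMON_HDR, 0xFFFF8800DEAD0000, ord(ev), 2, 0x80,
                        1, 1, fs, fd, 1230322496, 0, status, 18, cap, setup)
        return struct.pack("<IIII", 1230322496, 0, len(h + data), len(h + data)) + h + data
    get_desc = bytes.fromhex("8006000100001200")   # GET_DESCRIPTOR(device), 18 bytes
    return (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_USB_LINUX)
            + rec("S", b"\0", b"<", -115, 0, get_desc)
            + rec("C", b"-", b"\0", 0, 18, bytes(8), bytes(18)))

if __name__ == "__main__":
    for ev in parse_usbmon_pcap(constructed_trace()):
        print(ev)
```

The 48-byte header has no interval or start-frame field, so those values cannot be carried in a trace of this link type.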