On Fri, 15 Nov 2013, vichy wrote: > hi Alan > > 2013/11/14 Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>: > > On Thu, 14 Nov 2013, vichy wrote: > > > >> hi all: > >> I have some questions: > >> 1. if I need to capture all the data host capture from bus, usb mon > >> binary can reach this goal? > > > > Yes. > > > >> 2. if #1 is Yes. from usb mon text I need > >> a. compile kernel with usbmon support > >> b. access /dev/usbmonx > >> c. feed the binary file to wireshark. > >> in b), shall we write a user mode program? > > > > No, just use the usbmon program. However, it creates a text file, not > > a binary file. You can't feed the output to wireshark. > > If you want binary output that wireshark can use, you have to run a > > different program like tcpdump or dumpcap. Read the four lines above... > > > >> if so, is there any sample flow I can reference? > > > > See the README file and the man page that are part of the usbmon > > package: > > > > http://people.redhat.com/zaitcev/linux/usbmon-6.tar.gz > > > I download and compile the file you mention. > when I run the binary as below with option -a1, I still cannot see binary file. Did you read those four lines above? > # ./usbmon -i usb1 -a1 > f2acb600 0.568167 S Ci:1:001:0 s a3 00 0000 0001 0004 4 < > f2acb600 0.568181 C Ci:1:001:0 0 4 = > 00010000 > f2acb600 0.568186 S Ci:1:001:0 s a3 00 0000 0002 0004 4 < > f2acb600 0.568193 C Ci:1:001:0 0 4 = > 01050100 > f2acb600 0.568199 S Co:1:001:0 s 23 01 0010 0002 0000 0 > f2acb600 0.568205 C Co:1:001:0 0 0 > f2acb600 0.568209 S Ci:1:001:0 s a3 00 0000 0003 0004 4 < > f2acb600 0.568213 C Ci:1:001:0 0 4 = > # > # ls > # ls > COPYING Makefile README usbmon usbmon.8 usbmon.c usbmon.o > # > > > Did I use the wrong option or the only way to get binary is using tcpdump? Read those four lines. Alan Stern -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
