Feature #4436
closed
Provide API to run ndndump on nodes
Added by Ashlesh Gawande over 7 years ago. Updated about 1 month ago.
0%
Description
Also provide a script to process the log, example replacing IPs in ndndump with node names.
Updated by Ashlesh Gawande about 7 years ago
- Assignee set to Alexander Lane
Example usage of ndndump:
for host in net.hosts:
for intf in host.intfNames():
ndnDumpOutputFile = "dump.%s" % intf
host.cmd("sudo ndndump -f '.*sync.*|.*LSA.*' -i %s > %s &" % (intf, ndnDumpOutputFile))
Updated by Alexander Lane about 7 years ago
- Status changed from New to Code review
Updated by Junxiao Shi about 7 years ago
ndndump is very limited. It cannot recognize NDNLPv2 and a lot of other things. Why not tshark with NDN dissector for Wireshark?
Updated by Alexander Lane about 7 years ago
Junxiao Shi wrote:
ndndumpis very limited. It cannot recognize NDNLPv2 and a lot of other things. Why nottsharkwith NDN dissector for Wireshark?
While the NDN dissector cannot run on the Mininet nodes so long as their infrastructure makes it so that they run as root (unless this factor has changed and they haven't updated their readme), it would be possible to write capture logs for Wireshark if that's sufficiently distinguished from NDNDump.
Updated by Junxiao Shi about 7 years ago
the NDN dissector cannot run on the Mininet nodes so long as their infrastructure makes it so that they run as root
Mini-NDN installation procedure can modify /usr/share/wireshark/init.lua to disable superuser check:
38,52d37
< -- disable potentialy harmful lua functions when running superuser
< if running_superuser then
< local hint = "has been disabled due to running Wireshark as superuser. See https://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in running Wireshark as an unprivileged user."
< local disabled_lib = {}
< setmetatable(disabled_lib,{ __index = function() error("this package ".. hint) end } );
<
< dofile = function() error("dofile " .. hint) end
< loadfile = function() error("loadfile " .. hint) end
< loadlib = function() error("loadlib " .. hint) end
< require = function() error("require " .. hint) end
< os = disabled_lib
< io = disabled_lib
< file = disabled_lib
< end
<
sudo tshark -Xlua_script:ndn.lua works after applying the above patch.
Updated by Alexander Lane about 7 years ago
Junxiao Shi wrote:
the NDN dissector cannot run on the Mininet nodes so long as their infrastructure makes it so that they run as root
Mini-NDN installation procedure can modify
/usr/share/wireshark/init.luato disable superuser check:38,52d37 < -- disable potentialy harmful lua functions when running superuser < if running_superuser then < local hint = "has been disabled due to running Wireshark as superuser. See https://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in running Wireshark as an unprivileged user." < local disabled_lib = {} < setmetatable(disabled_lib,{ __index = function() error("this package ".. hint) end } ); < < dofile = function() error("dofile " .. hint) end < loadfile = function() error("loadfile " .. hint) end < loadlib = function() error("loadlib " .. hint) end < require = function() error("require " .. hint) end < os = disabled_lib < io = disabled_lib < file = disabled_lib < end <
sudo tshark -Xlua_script:ndn.luaworks after applying the above patch.
I'm adding it as a separate feature request (#4625) as it is separate from NDNDump in a material sense and should require more explicit consent from the user than is needed for NDNDump, which is a dependency and requires no special permissions or enabling of arbitrary script execution on a system.
Updated by Alexander Lane about 7 years ago
- Related to Feature #4625: Add support for the tshark NDN dissector added
Updated by Ashlesh Gawande about 7 years ago
In Mini-NDN it only works for me if I don't disable running_superuser check. Never mind didn't disable it correctly.
mini-ndn> a tshark -X lua_script:/usr/local/share/ndn-dissect-wireshark/ndn.lua -i a-eth0
Running as user "root" and group "root". This could be dangerous.
Capturing on 'a-eth0'
1 0.000000000 22:ed:cd:04:e9:86 → Broadcast ARP 42 Who has 1.0.0.2? Tell 1.0.0.1
2 0.010098492 MS-NLB-PhysServer-32_04:78:9a:d5:ad → 22:ed:cd:04:e9:86 ARP 42 1.0.0.2 is at 02:24:78:9a:d5:ad
3 0.020185288 1.0.0.1 → 1.0.0.2 UDP 90 6363 → 6363 Len=48
4 0.037076409 1.0.0.2 → 1.0.0.1 UDP 127 6363 → 6363 Len=85
5 5.110846137 MS-NLB-PhysServer-32_04:78:9a:d5:ad → 22:ed:cd:04:e9:86 ARP 42 Who has 1.0.0.1? Tell 1.0.0.2
6 5.120944420 22:ed:cd:04:e9:86 → MS-NLB-PhysServer-32_04:78:9a:d5:ad ARP 42 1.0.0.1 is at 22:ed:cd:04:e9:86
mini-ndn> a tshark -X lua_script:/usr/local/share/ndn-dissect-wireshark/ndn.lua -i a-eth0
Running as user "root" and group "root". This could be dangerous.
tshark: Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:44: dofile has been disabled due to running Wireshark as superuser. See https://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in running Wireshark as an unprivileged user.
tshark: Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:42: this package has been disabled due to running Wireshark as superuser. See https://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in running Wireshark as an unprivileged user.
Capturing on 'a-eth0'
1 0.000000000 1.0.0.1 → 1.0.0.2 UDP (NDN) 90 Interest /test/ping/12379631524154634954
2 0.010517694 1.0.0.2 → 1.0.0.1 UDP (NDN) 127 Data /test/ping/12379631524154634954
3 5.145647867 22:ed:cd:04:e9:86 → MS-NLB-PhysServer-32_04:78:9a:d5:ad ARP 42 Who has 1.0.0.2? Tell 1.0.0.1
4 5.145642394 MS-NLB-PhysServer-32_04:78:9a:d5:ad → 22:ed:cd:04:e9:86 ARP 42 Who has 1.0.0.1? Tell 1.0.0.2
5 5.155703797 22:ed:cd:04:e9:86 → MS-NLB-PhysServer-32_04:78:9a:d5:ad ARP 42 1.0.0.1 is at 22:ed:cd:04:e9:86
6 5.155726168 MS-NLB-PhysServer-32_04:78:9a:d5:ad → 22:ed:cd:04:e9:86 ARP 42 1.0.0.2 is at 02:24:78:9a:d5:ad
Updated by Saurab Dulal almost 5 years ago
- Target version changed from v0.5.0 to v0.6.0
Updated by Alexander Lane about 1 month ago
- Status changed from Code review to Abandoned