
Monitoring (Sniffing) /dev/ttyUSB0 created by FTDI USB Serial Converter

I want to monitor (sniff) the traffic of my /dev/ttyUSB0, which is created by an FTDI USB Serial Converter. I've written my own application in Windows and now I am trying to port it to Linux and use /dev/ttyUSB0. I want to debug the communication that actually happens.

The software strace is not an option for me because it only shows the syscalls to ioctl.

Using Windows the software "Free Serial Port Monitor" did it by sniffing COM1.

Output of dmesg:

[16975.000221] usb 7-1: new full-speed USB device number 5 using  uhci_hcd
[16975.193543] usb 7-1: New USB device found, idVendor=0403, idProduct=6001
[16975.193548] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[16975.193552] usb 7-1: Product: FT232R USB UART
[16975.193555] usb 7-1: Manufacturer: FTDI
[16975.193558] usb 7-1: SerialNumber: A400BJII
[16975.200550] ftdi_sio 7-1:1.0: FTDI USB Serial Device converter detected
[16975.200599] usb 7-1: Detected FT232RL
[16975.202604] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0

However, I tried moserial to do this and the command "echo foobar > /dev/ttyUSB0" to verify if it works. Also, my software doesn't create any output in moserial.

UPDATE:

Found out how to monitor USB directly; now I need to convert USB packets to RS-232 (what FTDI basically does).

  1. Setup usbmon

    modprobe usbmon

    1.1 With Linux kernels prior to 2.6.23, you will also need to run this command

    mount -t debugfs none /sys/kernel/debug

  2. usbmon0 will monitor any traffic from all usbmon0 to usbmonX

    2.1. Find the correct usb device

    cat /sys/kernel/debug/usb/devices|grep FTDI -A 7 -B 4

    T:  Bus=07 Lev=01 Prnt=01 Port=00 Cnt=01 Dev#= 12 Spd=12   MxCh= 0
    D:  Ver= 2.00 Cls=00(>ifc ) Sub=00 Prot=00 MxPS= 8 #Cfgs=  1
    P:  Vendor=0403 ProdID=6001 Rev= 6.00
    S:  Manufacturer=FTDI
    S:  Product=FT232R USB UART
    S:  SerialNumber=A400BJII
    C:* #Ifs= 1 Cfg#= 1 Atr=a0 MxPwr= 90mA
    I:* If#= 0 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=ff Driver=ftdi_sio
    E:  Ad=81(I) Atr=02(Bulk) MxPS=  64 Ivl=0ms
    E:  Ad=02(O) Atr=02(Bulk) MxPS=  64 Ivl=0ms
    

    2.2. Note the bus number of the port (Bus=07), so the usbmon to monitor will be usbmon7

    2.3. Use wireshark to capture the usbmon7 interface or use the following command to get output to the console (stdout) ... replace the number with bus-id

    cat /sys/kernel/debug/usb/usbmon/7u

    What does 'u' mean? https://www.kernel.org/doc/Documentation/usb/usbmon.txt

    Two formats are supported currently: the original, or '1t' format, and the '1u' format. The '1t' format is deprecated in kernel 2.6.21. The '1u' format adds a few fields, such as ISO frame descriptors, interval, etc. It produces slightly longer lines, but otherwise is a perfect superset of '1t' format.

  3. How do I convert the USB capture to RS-232 capture? I don't know it ... TODO

nodna asked Feb 19 '16 12:02


1 Answer

With your hint I managed to solve my problem, so here is my hint for the last point:

  1. Using Wireshark, open usbmon0 and use this filter

    usb.capdata or at
    

Issuing the command "echo asd > /dev/ttyUSB0" twice produces the result below in Wireshark:

Wireshark result

You can extract the whole Leftover Capture Data from a capture file using tshark:

    tshark -r capture.pcapng -T fields -e usb.capdata

garlix answered Oct 11 '22 12:10
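Added example, not part of the question or the answer above: a sketch of the open "USB capture to RS-232" step, reading usbmon 'u' text lines for the device on Bus=07 Dev#=12 and rebuilding the bytes written to and read from the UART. It assumes an FT232R, where OUT bulk data is the raw serial payload and every IN packet (MxPS 64) starts with two status bytes; the sample lines, URB tags and the "OK" reply are constructed.

```python
import re

FTDI_STATUS_LEN = 2   # modem-status + line-status bytes the FT232R prepends (assumption: FT232R)
MAX_PACKET = 64       # MxPS of both bulk endpoints in the device listing above

# Constructed sample in usbmon 'u' text format for Bus=07 Dev#=12:
# "asd\n" written to the port, one idle status-only IN packet, then "OK\r\n" received.
SAMPLE = """\
ffff88003a1c0000 100000001 S Bi:7:012:1 -115 64 <
ffff88003a1c0100 100000050 S Bo:7:012:2 -115 4 = 6173640a
ffff88003a1c0100 100000120 C Bo:7:012:2 0 4 >
ffff88003a1c0000 100016001 C Bi:7:012:1 0 2 = 0160
ffff88003a1c0000 100016010 S Bi:7:012:1 -115 64 <
ffff88003a1c0000 100032001 C Bi:7:012:1 0 6 = 01604f4b 0d0a
ffff88003a1c0200 100032500 C Ii:7:001:1 0:2048 1 = 02
"""

# Only bulk (B) events that carry data ("= <hex words>") are of interest.
LINE = re.compile(r"^\S+ \d+ (?P<ev>[SCE]) B(?P<dir>[io]):(?P<bus>\d+):(?P<dev>\d+):\d+ "
                  r"\S+ (?P<len>\d+) = (?P<hex>[0-9a-f ]+)$")

def ftdi_rx_payload(data, mps=MAX_PACKET):
    """Drop the 2 status bytes that start every max-packet-size chunk of an IN transfer."""
    return b"".join(data[i + FTDI_STATUS_LEN:i + mps] for i in range(0, len(data), mps))

def serial_streams(text, bus, dev):
    """Return (tx, rx): bytes written to and read from the UART, as seen on the USB bus."""
    tx, rx = bytearray(), bytearray()
    for line in text.splitlines():
        m = LINE.match(line)
        if not m or (int(m["bus"]), int(m["dev"])) != (bus, dev):
            continue
        # The text interface prints at most 32 data bytes per event, so long
        # transfers are truncated here; a pcap capture keeps the full payload.
        data = bytes.fromhex(m["hex"].replace(" ", ""))
        if m["dir"] == "o" and m["ev"] == "S":      # OUT data is shown at submission
            tx += data
        elif m["dir"] == "i" and m["ev"] == "C":    # IN data is shown at completion
            rx += ftdi_rx_payload(data)
    return bytes(tx), bytes(rx)

if __name__ == "__main__":
    tx, rx = serial_streams(SAMPLE, bus=7, dev=12)
    print("TX:", tx)
    print("RX:", rx)
```

The same `ftdi_rx_payload` function can be applied to each IN-direction hex value produced by the tshark command above after decoding it with `bytes.fromhex`.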


