Como descarregar tráfego USB?

9

Eu tenho um gamepad USB e gostaria de ver e inspecionar os sinais e comandos que este periférico está enviando para o meu PC / kernel: como posso fazer isso?

Eu estava assumindo que algo como

cat /dev/bus/usb/006/003

Foi o suficiente, mas aparentemente esse comando retorna imediatamente e imprime alguns caracteres codificados ilegíveis.

Existe uma maneira de "depurar" um dispositivo USB como esse?

    
por user2485710 23.06.2014 / 16:22

1 resposta

10

Você pode capturar o tráfego USB com o Wireshark.
De seu wiki :

To dump USB traffic on Linux, you need the usbmon module, which has existed since Linux 2.6.11. Information on that module is available in /usr/src/linux/Documentation/usb/usbmon.txt in the Linux source tree. Depending on the distribution you're using, and the version of that distribution, that module might be built into the kernel, or might be a loadable module; if it's a loadable module, depending on the distribution you're using, and the version of that distribtuion, it might or might not be loaded for you. If it's a loadable module, and not loaded, you will have to load it with the command

modprobe usbmon

which must be run as root.

libpcap releases prior to 1.0 do not include USB support, so you will need at least libpcap 1.0.0.

For versions of the kernel prior to 2.6.21, the only USB traffic capture mechanism available is a text-based mechanism that limits the total amount of data captured for each raw USB block to about 30 bytes. There is no way to change this without patching the kernel. If debugfs is not already mounted on /sys/kernel/debug, ensure that it is mounted there by issuing the following command as root:

mount -t debugfs / /sys/kernel/debug

For kernel version 2.6.21 and later, there is a binary protocol for tracing USB packets which doesn't have that size limitation. For that kernel version, you will need libpcap 1.1.0 or newer, because the libpcap 1.0.x USB support uses, but does not correctly handle, the memory-mapped mechanism for USB traffic, which libpcap will use if available - it cannot be made unavailable, so libpcap will always use it.

In libpcap 1.0.x, the devices for capturing on USB have the name usbn, where n is the number of the bus. In libpcap 1.1.0 and later, they have the name usbmonn.

You will also need a Wireshark 1.2.x or newer.

    
por 23.06.2014 / 17:37