Sniffer RIOT

Hi everyone, I have to do a project for my thesis. Currently i have 2 OpenMote and a raspberry pi 3. I have to sniff network with OpenMote and report a log or a simple message to the raspberry pi. I found a RIOT sniffer project on GitHub but doesn’t work. I don’t know why. Do you have any idea on how I could do this project? Thank very much.

Alberto

Hi Alberto,

welcome to RIOT!

I have to sniff network with OpenMote and report a log or a simple message to the raspberry pi. I found a RIOT sniffer project on GitHub but doesn't work. I don't know why. Do you have any idea on how I could do this project?

Can you be a little bit more verbose on the "doesn't work" part, please? Do you have problems building the application? (If yes, can you paste the error messages?) Or do you have problems with the sniffer output? Have you verified to use the correct channel? Have you tried to communicate between the two OpenMotes or between an OpenMote and the Pi?

Cheers, Oleg

Hi Oleg, thank for reply, I was kind of busy yesterday and couldn’t answer. I have some questions. I flashed the application on OpenMote but output file .pcap of wireshark is empty. The channel refers to the wifi channel to which I am connected?

Initially, i had a OpenMote only but some people told me that I must have two OpenMote; one for the border router and the other for the sniffer. Is it correct?

Alberto.

Hi Alberto!

thank for reply, I was kind of busy yesterday and couldn't answer. I have some questions. I flashed the application on OpenMote but output file .pcap of wireshark is empty. The channel refers to the wifi channel to which I am connected?

The OpenMote has a 802.15.4 transceiver, not wifi. Hence, you should configure the sniffer to use the same channel as the other OpenMote and the Pi. In order to configure the channel on the OpenMote on RIOT, you have to use the ifconfig command in the shell.

Initially, i had a OpenMote only but some people told me that I must have two OpenMote; one for the border router and the other for the sniffer. Is it correct?

Can you briefly describe what exactly you want to achieve? What is your use case and what is your setup? If you have a Pi involved, why don't you simply use it as the sniffer, too?

Cheers, Oleg

Hi Oleg,

Because it is not the task of my thesis. I have to use OpenMote to sniff packets on a network and communicate with raspberry py on which there is installed an IDS, namely Bro. But I have problems to solve this. On OpenMote I must also integrate a library, Bro Communication Library, to communicate precisely with Bro. Have you roughly understood my project?

Hi Alberto!

Because it is not the task of my thesis. I have to use OpenMote to sniff packets on a network and communicate with raspberry py on which there is installed an IDS, namely Bro. But I have problems to solve this. On OpenMote I must also integrate a library, Bro Communication Library, to communicate precisely with Bro. Have you roughly understood my project?

Roughly. I still don't get get where exactly a border router is required, but anyhow. The first thing you should check, is that communication is actually working. Either between the two OpenMotes (using, for example, the gnrc_networking example) or between one OpenMote and the Pi. Once you can confirm that this works, you can try to setup the sniffer, making sure to use the correct channel. If you still don't get any output, you could try to debug it using gdb.

Cheers, Oleg

Hi Oleg, Scuse me but i was busy. Finally after a lot of attempts, it seems that sniffer works fine. I have another question. I have to use this library: https://www.bro.org/sphinx/components/broccoli/broccoli-manual.html#id4 , https://www.bro.org/sphinx/broccoli-api/annotated.html. How do i use it in RIOT?

Thank u. Alberto

Hi Alberto!

Scuse me but i was busy. Finally after a lot of attempts, it seems that sniffer works fine.

Glad to hear that.

I have another question. I have to use this library: https://www.bro.org/sphinx/components/broccoli/broccoli-manual.html#id4 , https://www.bro.org/sphinx/broccoli-api/annotated.html. How do i use it in RIOT?

At a first glance, this looks like a good candidate for a package in RIOT. See https://riot-os.org/api/group__pkg.html for more information. If you have concrete questions, please let us know.

Cheers, Oleg

Hi Oleg, i moved the broccoli library in to pkg folder of RIOT. I added the USEPKG macro in my application’s Makefile but when i use “include <broccoli.h>” in main.c of my program i have this error: /home/ciolo/RIOT/examples/hello-world/main.c:23:22: fatal error: broccoli.h: No such file or directory #include <broccoli.h>. Why?

Thanks.