2011-08-05 10:30:10 +02:00
|
|
|
#!/bin/sh
|
|
|
|
#
|
|
|
|
# capture.sh, Copyright © 2011 Matteo Cypriani <mcy@lm7.fr>
|
|
|
|
#
|
|
|
|
########################################################################
|
|
|
|
# This program is licensed under the terms of the Expat license.
|
|
|
|
#
|
|
|
|
# Permission is hereby granted, free of charge, to any person obtaining
|
|
|
|
# a copy of this software and associated documentation files (the
|
|
|
|
# "Software"), to deal in the Software without restriction, including
|
|
|
|
# without limitation the rights to use, copy, modify, merge, publish,
|
|
|
|
# distribute, sublicense, and/or sell copies of the Software, and to
|
|
|
|
# permit persons to whom the Software is furnished to do so, subject to
|
|
|
|
# the following conditions:
|
2011-08-06 12:26:59 +02:00
|
|
|
#
|
2011-08-05 10:30:10 +02:00
|
|
|
# The above copyright notice and this permission notice shall be
|
|
|
|
# included in all copies or substantial portions of the Software.
|
2011-08-06 12:26:59 +02:00
|
|
|
#
|
2011-08-05 10:30:10 +02:00
|
|
|
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
|
|
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
|
|
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
|
|
|
# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
|
|
|
# CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
|
|
|
# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
|
|
|
# SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
|
|
########################################################################
|
|
|
|
#
|
|
|
|
# Captures a few packets on a Wi-Fi interface, using Tcpdump, and
|
2011-08-05 14:41:14 +02:00
|
|
|
# writes them to a Pcap file along with some information about the
|
|
|
|
# system. A tarball containing all these files is finally created.
|
2011-08-05 10:30:10 +02:00
|
|
|
|
|
|
|
#set -x
|
|
|
|
set -e
|
|
|
|
|
2011-08-07 20:41:54 +02:00
|
|
|
|
|
|
|
## Parameters (tune them if you want) ##
|
|
|
|
|
|
|
|
# Number of packet to capture:
|
|
|
|
NB_PKT=10
|
|
|
|
# Maximal time of a capture on a given channel:
|
|
|
|
TIMEOUT=15
|
|
|
|
# Temporary directory:
|
|
|
|
TMP=/tmp
|
|
|
|
# Name of the capture file:
|
|
|
|
FILE=capture.pcap
|
|
|
|
# First channel to scan:
|
|
|
|
CHANNEL=1
|
|
|
|
|
|
|
|
|
|
|
|
## Functions ##
|
|
|
|
|
2011-08-07 20:07:11 +02:00
|
|
|
# Displays the message in argument and exits
|
2011-08-05 10:30:10 +02:00
|
|
|
error()
|
|
|
|
{
|
|
|
|
echo "$1"
|
2011-08-07 20:55:57 +02:00
|
|
|
clean
|
2011-08-05 10:30:10 +02:00
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
|
2011-08-07 20:55:57 +02:00
|
|
|
# Deletes the temporary files
|
|
|
|
clean()
|
|
|
|
{
|
|
|
|
rm -fr "$DESTDIR"
|
|
|
|
}
|
|
|
|
|
2011-08-07 20:41:54 +02:00
|
|
|
# Verifies the presence of the needed programs
|
|
|
|
check_dependencies()
|
|
|
|
{
|
|
|
|
which tcpdump >/dev/null \
|
|
|
|
|| error "tcpdump is required to run this program!"
|
|
|
|
|
|
|
|
if [ "$OS" = Linux ] ; then
|
|
|
|
[ -x /sbin/iwconfig ] \
|
|
|
|
|| error "iwconfig is required to run this program on Linux!"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
# Switches the capture interface to monitor mode, on the channel in
|
|
|
|
# argument
|
|
|
|
iface_set_channel()
|
2011-08-07 20:41:54 +02:00
|
|
|
{
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
iface_down
|
2011-08-07 20:41:54 +02:00
|
|
|
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
echo -n "Setting interface $IFACE on channel $1... "
|
2011-08-07 20:41:54 +02:00
|
|
|
case $OS in
|
|
|
|
Linux)
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
iwconfig $IFACE mode managed channel $1
|
2011-08-07 20:41:54 +02:00
|
|
|
;;
|
|
|
|
NetBSD)
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
ifconfig $IFACE media autoselect chan $1
|
2011-08-07 20:41:54 +02:00
|
|
|
;;
|
|
|
|
*)
|
|
|
|
error "Your OS is not supported."
|
|
|
|
;;
|
|
|
|
esac \
|
|
|
|
&& echo "OK." \
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
|| error "Cannot set the channel!"
|
|
|
|
|
|
|
|
iface_up
|
|
|
|
iface_monitor
|
2011-08-07 20:41:54 +02:00
|
|
|
}
|
|
|
|
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
# Switches the capture interface to monitor mode
|
|
|
|
iface_monitor()
|
2011-08-07 20:07:11 +02:00
|
|
|
{
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
iface_down
|
|
|
|
|
|
|
|
echo -n "Switching interface $IFACE to monitor mode... "
|
2011-08-07 20:07:11 +02:00
|
|
|
case $OS in
|
|
|
|
Linux)
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
iwconfig $IFACE mode monitor
|
2011-08-07 20:07:11 +02:00
|
|
|
;;
|
|
|
|
NetBSD)
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
ifconfig $IFACE media autoselect mediaopt monitor
|
2011-08-07 20:07:11 +02:00
|
|
|
;;
|
|
|
|
*)
|
|
|
|
error "Your OS is not supported."
|
|
|
|
;;
|
|
|
|
esac \
|
|
|
|
&& echo "OK." \
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
|| error "Cannot switch the interface to monitor mode!"
|
|
|
|
|
|
|
|
iface_up
|
|
|
|
}
|
|
|
|
|
|
|
|
# Shuts down the capture interface
|
|
|
|
iface_down()
|
|
|
|
{
|
|
|
|
echo -n "Shuting down interface $IFACE... "
|
|
|
|
ifconfig $IFACE down && echo "OK." \
|
|
|
|
|| error "Cannot shut down the interface!"
|
|
|
|
}
|
|
|
|
|
|
|
|
# Turns on the capture interface
|
|
|
|
iface_up()
|
|
|
|
{
|
|
|
|
echo -n "Turning up interface $IFACE... "
|
|
|
|
ifconfig $IFACE up && echo "OK." \
|
|
|
|
|| error "Cannot turn the interface up!"
|
2011-08-07 20:07:11 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
# Invokes tcpdump and returns the number of packets captured
|
|
|
|
invoke_tcpdump()
|
|
|
|
{
|
|
|
|
return $(tcpdump -i $IFACE -c $NB_PKT -w "$FILE" 2>&1 \
|
|
|
|
| sed -n 's/ packets captured$//p')
|
|
|
|
}
|
|
|
|
|
|
|
|
# Waits for a number of seconds, then kills any tcpdump process
|
|
|
|
wait_tcpdump()
|
|
|
|
{
|
|
|
|
sleep $1
|
|
|
|
pkill tcpdump
|
|
|
|
}
|
|
|
|
|
2011-08-07 20:41:54 +02:00
|
|
|
# Gets some information about the running system
|
|
|
|
gather_system_information()
|
|
|
|
{
|
|
|
|
echo -n "Gathering system information... "
|
|
|
|
# Kernel & other information:
|
2011-08-07 20:55:57 +02:00
|
|
|
uname -a >"$DESTDIR"/uname-a
|
2011-08-07 20:41:54 +02:00
|
|
|
# Wi-Fi interface information:
|
2011-08-07 20:55:57 +02:00
|
|
|
ifconfig $IFACE >"$DESTDIR"/ifconfig_$IFACE
|
2011-08-07 20:41:54 +02:00
|
|
|
# PCI devices:
|
|
|
|
which lspci >/dev/null \
|
2011-08-07 20:55:57 +02:00
|
|
|
&& lspci >"$DESTDIR"/lspci \
|
2011-08-07 20:41:54 +02:00
|
|
|
|| echo "lspci not available! Please install pciutils. "
|
|
|
|
# Loaded kernel modules & USB devices:
|
|
|
|
case $OS in
|
|
|
|
Linux)
|
2011-08-07 20:55:57 +02:00
|
|
|
lsmod >"$DESTDIR"/lsmod
|
2011-08-07 20:41:54 +02:00
|
|
|
which lsusb >/dev/null \
|
2011-08-07 20:55:57 +02:00
|
|
|
&& lsusb >"$DESTDIR"/lsusb \
|
2011-08-07 20:41:54 +02:00
|
|
|
|| echo "lsusb not available! Please install usbutils. "
|
|
|
|
;;
|
|
|
|
NetBSD)
|
2011-08-07 20:55:57 +02:00
|
|
|
modstat >"$DESTDIR"/modstat
|
2011-08-07 20:41:54 +02:00
|
|
|
which usbstats >/dev/null \
|
2011-08-07 20:55:57 +02:00
|
|
|
&& usbstats >"$DESTDIR"/usbstats \
|
2011-08-07 20:41:54 +02:00
|
|
|
|| echo "usbstats not available! Please install usbutil. "
|
|
|
|
;;
|
|
|
|
DragonFly)
|
2011-08-07 20:55:57 +02:00
|
|
|
kldstat >"$DESTDIR"/kldstat
|
2011-08-07 20:41:54 +02:00
|
|
|
which usbstats >/dev/null \
|
2011-08-07 20:55:57 +02:00
|
|
|
&& usbstats >"$DESTDIR"/usbstats \
|
2011-08-07 20:41:54 +02:00
|
|
|
|| echo "usbstats not available! Please install usbutil. "
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
echo "OK."
|
|
|
|
}
|
2011-08-05 10:30:10 +02:00
|
|
|
|
2011-08-07 20:41:54 +02:00
|
|
|
# Compresses the destination directory to a tarball
|
|
|
|
create_archive()
|
|
|
|
{
|
2011-08-07 20:55:57 +02:00
|
|
|
TARBALL="${DESTDIR}.tar.gz"
|
|
|
|
DIR=`basename "$DESTDIR"`
|
|
|
|
tar -C "$TMP" -czf "$TARBALL" "$DIR"
|
|
|
|
echo "Archive \"$TARBALL\" created."
|
2011-08-07 20:41:54 +02:00
|
|
|
}
|
2011-08-05 10:30:10 +02:00
|
|
|
|
2011-08-05 14:41:14 +02:00
|
|
|
|
2011-08-07 20:41:54 +02:00
|
|
|
## Main program ##
|
|
|
|
|
|
|
|
[ $# -eq 1 ] \
|
|
|
|
|| error "Usage: $0 <wifi_interface>"
|
|
|
|
|
2011-08-05 14:41:14 +02:00
|
|
|
# Interface to capture from:
|
|
|
|
IFACE=$1
|
|
|
|
# Machine information:
|
|
|
|
OS=`uname`
|
2011-08-06 12:30:39 +02:00
|
|
|
OS_RELEASE=`uname -r`
|
2011-08-05 14:41:14 +02:00
|
|
|
HOSTNAME=`uname -n`
|
2011-08-06 15:49:43 +02:00
|
|
|
# Current date:
|
|
|
|
DATE=`date +%FT%H%M%S`
|
2011-08-07 20:55:57 +02:00
|
|
|
# Temporary destination directory:
|
|
|
|
DESTDIR=$(mktemp -d \
|
2011-08-07 22:00:42 +02:00
|
|
|
"$TMP"/capture_${OS}-${OS_RELEASE}_${IFACE}_${HOSTNAME}_${DATE}_XXX)
|
2011-08-07 20:55:57 +02:00
|
|
|
# Update capture file with full path:
|
|
|
|
FILE="$DESTDIR/$FILE"
|
2011-08-05 10:30:10 +02:00
|
|
|
|
2011-08-07 20:41:54 +02:00
|
|
|
check_dependencies
|
2011-08-05 10:30:10 +02:00
|
|
|
|
2011-08-07 20:07:11 +02:00
|
|
|
echo "Trying to capture $NB_PKT packets..."
|
|
|
|
CAPTURED=0
|
|
|
|
while [ $CAPTURED -eq 0 -a $CHANNEL -le 14 ] ; do
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
echo
|
2011-08-07 20:41:54 +02:00
|
|
|
iface_set_channel $CHANNEL
|
2011-08-07 20:07:11 +02:00
|
|
|
wait_tcpdump $TIMEOUT &
|
|
|
|
invoke_tcpdump
|
|
|
|
CAPTURED=$?
|
|
|
|
[ $CAPTURED -eq 0 ] \
|
|
|
|
&& echo "No packet captured on channel $CHANNEL."
|
|
|
|
CHANNEL=`expr $CHANNEL + 1`
|
|
|
|
done
|
|
|
|
|
[wifi] capture: fix channel setting
At least on NetBSD with the ath driver, it is impossible to change the
channel when the interface is in monitor mode (actually it is possible,
but when the interface is turned up again the channel is set back to its
prior value).
Therefore, to set the interface in monitor mode on a given channel, we
must:
- shut down,
- switch to managed mode (media autoselect) with the wanted channel,
- turn up,
- shut down again,
- switch to monitor mode,
- turn up again.
I implemented the same behaviour for Linux, maybe it's useless but it
can't hurt.
2011-08-07 21:30:14 +02:00
|
|
|
echo
|
2011-08-07 20:07:11 +02:00
|
|
|
[ $CAPTURED -gt 0 ] \
|
|
|
|
&& echo "Capture file \"$FILE\" created with $CAPTURED packets." \
|
|
|
|
|| error "Failed to capture any packet!"
|
2011-08-05 14:41:14 +02:00
|
|
|
|
2011-08-07 20:41:54 +02:00
|
|
|
gather_system_information
|
|
|
|
create_archive
|
2011-08-07 20:55:57 +02:00
|
|
|
clean
|
2011-08-05 10:30:10 +02:00
|
|
|
|
|
|
|
echo
|
|
|
|
echo "You can now shut down the interface $IFACE if you want:"
|
|
|
|
echo " ifconfig $IFACE down"
|