Inspecting the traffic with Wireshark¶
Wireshark is an open source network packet analyzer. It can be used to sniff the network traffic between emulated nodes and/or the host network interface.
Renode uses the libpcap format to provide data to Wireshark.
Logging the whole traffic¶
To log the network traffic to Wireshark, you must decide if you want to focus on the wireless or ethernet network.
This limitation is inherent to the libpcap format, but in reality it is rarely a concern.
To log all traffic transferred over the wired network, run:
(monitor) emulation LogEthernetTraffic
This creates a new object available in the emulation:
The Wireshark window will open automatically when the first
Switch object becomes available.
You can start it manually (e.g. after you close the Wireshark window) with:
(monitor) host.wireshark-allEthernetTraffic Run
Similarly, to log the traffic of a BLE or IEEE802_15_4 network, run:
(monitor) emulation LogIEEE802_15_4Traffic
(monitor) emulation LogBLETraffic
This command creates a new
Observing a specific interface¶
Renode allows you to inspect the traffic of a specific switch or wireless medium. You can also limit the observation to a specific interface connected to that switch or medium.
To enable logging on a
switch object, run:
(monitor) emulation LogToWireshark switch
To observe only the
sysbus.ethernet interface connected to
(machine-0) emulation LogToWireshark switch sysbus.ethernet
The names of Wireshark objects created depend on the machine name, the switch name and the interface name.
In the above case Renode creates an object named