FFShark is a hardware network debugging tool developed by J.C. Vega and M.A. Merlini at the University of Toronto through P. Chow’s research group. It can be used in high speed data centers capable of 100G speeds, that is, running at 100 Gbit/s. Our project connects FFShark to the industry standard Wireshark network debugging/analyzer tool.
ffshark_c_lang_drivers
Set of C drivers to allow interfacing Wireshark with FFShark. These drivers are an alternative to the python drivers of ffshark_read_packets.py
and ffshark_send_packets.py
. These C drivers perform much faster than the python drivers, thus further optimizations and improvements should be carried on with the C drivers. Find out more in the README in the ffshark_c_lang_drivers directory.
ffshark_read_packets.py
Reads packets from FFShark. It then outputs packets into PCAP format so that packets can be displayed on Wireshark. It can also take in filtering instructions for Wireshark as user arguments. Use the --help
option to see more about it.
ffshark_send_packets.py
Sends test packets to ffshark. User must provide a directory of packet text files as argument. The script will then randomly select packets from this directory to send to ffshark. Use the --help
option to see more about it.
test_packets.py
is used to generate "random" packets. These packets can be stored in a directory, then sent to FFShark with ffshark_send_packets.py
for testing. Running it with the --help
option will provide details on all arguments that can be provided.
sendfilter.c
Configures filtering instruction into FFShark. Was used to generate sendfilter
. Run gcc -o sendfilter sendfilter.c -lpcap
to regenerate sendfilter
after any changes.
sendfilter
an exe that programs FFShark with a filter. Requires a .bpf file as input.
compilefilt.c
uses pcap library to compile filtering instructions into raw bpf filter. This was taken from https://github.com/UofT-HPRC/fpga-bpf/tree/main/utilities/compilefilt. This script currently outputs generated bpf instructions into the terminal. These outputs may need to be disabled to avoid interference of pcap packet transaction through sshdump. Run gcc -o compilefilt compilefilt.c -lpcap
to regenerate compilefilt
after any changes.
compilefilt
an exe that compiles a PCAP filter.
compile_and_send_filter.py
takes a filtering instruction, compiles it and sends the bpf compiled instructions to FFShark to be configured. Uses compilefilt
and sendfilt
to compile and send the filter respectively. This is called by ffshark_read_packets.py
to allow users to set the packet filter on Wireshark.
acceptall.bpf
used to reset FFshark filter to accept all packets.
This method gets about 81kbps (kilobits per second) with locking but no contention.
- Ensure no one else using mpsoc
- On MPSoC,
sudo su
set_clocks 100
program ffshark_fifo.bin
exit
- On MPSoC, send in packets
python3 ffshark_send_packets.py --packets-directory sample_packets/multiple_8 --num-packets 100
- On sshdump interface in Wireshark, set capture command to
python3 /home/savi/alex/FFShark_Wireshark_Integration/ffshark_read_packets.py
. Can also add a filter likepython3 /home/savi/alex/FFShark_Wireshark_Integration/ffshark_read_packets.py --capture-filter=udp
or set to "tcp". - Once done using MPSoC, send message in Slack to say done using.
This method gets about 35Mbps (megabits per second) without any locking.
- Ensure no one else using mpsoc
- On MPSoC,
sudo su
set_clocks 100
program ffshark_fifo.bin
exit
cd ffshark_c_lang_drivers
- Run
make
to compile. - On MPSoC, send in packets
./ffshark_send_packets --directory ../sample_packets/multiple_8 --num-packets 5
. - On sshdump interface in Wireshark, set capture command to
/home/savi/alex/FFShark_Wireshark_Integration/ffshark_c_lang_drivers/ffshark_read_packets
- Once done using MPSoC, send message in Slack to say done using.
- Run
ffshark_send_packets.py
with the--save-sent-packets
option. E.g.python3 ffshark_send_packets.py --packets-directory sample_packets/multiple_8 --num-packets 100 --save-sent-packets "saved_packets.log"
- On Wireshark, go to "File->Export Packet Dissections->As Plaintext". Then select "Bytes" as Packet Format and deselect the other two options.
- Save this file. E.g. "received_packets.txt".
- Copy over the sent file from MPSoC to the Wireshark machine.
scp [email protected]:/home/savi/alex/FFShark_Wireshark_Integration/saved_packets.log saved_packets.log
. If you need to find the location on savi, you can userealpath <file>
and just copy that. - Run
diff <(cat received_packets.txt | sed 's/ .*//g' | awk '{$1=""; print $0}' | sed 's/ //g') saved_packets.log
. If no differences, you're guchi. This command just changes the formatting from the Wireshark file so it's the same as the output from the Python script.
Note, if we have out of order packets, this technique won't work anymore. We could run a sort beforehand though and then do the diff so we'll know all that data was still sent and received.
For example, you could run diff <(cat received_packets.txt | sed 's/ .*//g' | awk '{$1=""; print $0}' | sed 's/ //g' | sort) <(sort saved_packets.log)
. However, our script seems to be too slow to go out of order.
If you need to debug, running, cat received_packets.txt | sed 's/ .*//g' | awk '{$1=""; print $0}' | sed 's/ //g'
will be useful to get the same output format as saved_packets.log.
If you're trying to verify multiple separate bursts of sending in data, you'd have to save each one to a different file. Then in Wireshark, you need to select the packets to export that correspond to what you sent in and export a separate file for each.
- Need to optimize packet filtering throughput. Currently using AXI FIFO interface. Should try AXI DMA