2003-06-28 02:30:40

by Michael Still

Subject: [Announce] Linux command line Snoopy Pro logfile dumper


I had two maths exams last week. This of course means that I had to find
something to distract me. That thing was whipping up a SnoopyPro logfile
dumper for the command line. This was motivated by generalised frustration
with the SnoopyPro user interface.

For those wondering, SnoopyPro is a SourceForge hosted USB traffic dumper
for Windows. It's useful when reverse engineering USB device drivers.

This version of the dumper only implements the URB types which I
immediately needed. Adding additional URBs isn't hard, but I didn't have
any samples. Feel free to mail me usblogs, and I'll add them to the
decoder.

The only really cool feature in this version is that it implements
"repeated URB sequence suppression", so if the Windows driver says to the
USB device "hey, you still there" every second for 60 seconds, and there
is no other traffic between the machine and that device, then the output
will only show one of those interactions, and let you know it hid 59 more.
This feature can be turned on and off with the -r command line option.

You can get the GPL'ed CVS version of the source code from:
http://www.stillhq.com/extracted/usblogdump.tgz

There is sample output et cetera at:
http://www.stillhq.com/cgi-bin/getpage?area=usblogdump

The next step is to modify the display of the URBs so that they're closer
to the Linux data structures.

Cheers,
Mikal

--

Michael Still ([email protected]) | Stage 1: Steal underpants
http://www.stillhq.com | Stage 2: ????
UTC + 10 | Stage 3: Profit
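
The "repeated URB sequence suppression" described in the announcement, sketched as an added example. This is not usblogdump's code: the record fields, the `Hidden` marker, the `max_period` limit and the sample traffic are assumptions made up for illustration, and it extends the one-interaction case in the text to repeated sequences of several URBs.

```python
from typing import List, NamedTuple, Union

class Urb(NamedTuple):
    function: str   # URB function name as decoded from the log
    endpoint: int
    direction: str  # "in" or "out"
    payload: bytes

class Hidden(NamedTuple):
    period: int     # number of URBs in the repeated sequence
    repeats: int    # further repetitions that were not shown

def count_repeats(urbs: List[Urb], start: int, period: int) -> int:
    """How many times urbs[start:start+period] occurs back to back."""
    block = urbs[start:start + period]
    if len(block) < period:
        return 0
    n, pos = 1, start + period
    while urbs[pos:pos + period] == block:
        n, pos = n + 1, pos + period
    return n

def suppress(urbs: List[Urb], max_period: int = 4) -> List[Union[Urb, Hidden]]:
    """Show each repeated sequence once, followed by a Hidden marker."""
    out: List[Union[Urb, Hidden]] = []
    i = 0
    while i < len(urbs):
        best_period, best_reps = 1, 1
        for period in range(1, max_period + 1):
            reps = count_repeats(urbs, i, period)
            # Prefer the shortest period unless a longer one hides more URBs.
            if reps >= 2 and period * reps > best_period * best_reps:
                best_period, best_reps = period, reps
        out.extend(urbs[i:i + best_period])
        if best_reps > 1:
            out.append(Hidden(best_period, best_reps - 1))
        i += best_period * best_reps
    return out

# Constructed sample: one setup URB, a poll/reply pair repeated 60 times, one bulk read.
SETUP = Urb("URB_FUNCTION_SELECT_CONFIGURATION", 0, "out", b"")
POLL = Urb("URB_FUNCTION_CONTROL_TRANSFER", 0, "out", b"\x01")
REPLY = Urb("URB_FUNCTION_CONTROL_TRANSFER", 0, "in", b"\x00")
BULK = Urb("URB_FUNCTION_BULK_OR_INTERRUPT_TRANSFER", 1, "in", b"\xde\xad")
SAMPLE = [SETUP] + [POLL, REPLY] * 60 + [BULK]

if __name__ == "__main__":
    for item in suppress(SAMPLE):
        print(item)
```

Comparing payload bytes as part of the record means a poll whose reply changes is never hidden, so a state change in the device still shows up in the suppressed output.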