Last active
August 22, 2022 11:56
-
-
Save ytti/2323b019152eca6e05718bccd855566e to your computer and use it in GitHub Desktop.
script to turn JunOS Trio exception capture into a PCAP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # script to generate PCAP from Trio exception trace. Potentially you may need to change POP_BYTES variable. | |
| # Trio exception trace allows you to capture things like broken packets (checksum error), to see who is sending them | |
| # clogin junos-trio-box | tee exception_trace | |
| # start shell pfe network fpc0 | |
| # show jnh 0 exceptions terse | |
| # debug jnh exceptions N discard ## get N from above command | |
| # debug jnh exceptions-trace | |
| # show jnh exceptions-trace | |
| # undebug jnh exceptions-trace | |
| # undebug jnh exceptions | |
| # exit | |
| # exit | |
| # [ytti@lintukoto ~/Downloads]% ./jnh_exception_packet_trace.rb exceptions-trace | |
| # packet written in 'exceptions-trace.packet' | |
| # run 'text2pcap exceptions-trace.packet exceptions-trace.pcap' to | |
| # generate pcap file | |
| # [ytti@lintukoto ~/Downloads]% text2pcap exceptions-trace.packet | |
| # exceptions-trace.pcap | |
| # Input from: exceptions-trace.packet | |
| # Output to: exceptions-trace.pcap | |
| # Output format: PCAP | |
| # Wrote packet of 103 bytes. | |
| # Wrote packet of 78 bytes. | |
| # Wrote packet of 60 bytes. | |
| # Wrote packet of 103 bytes. | |
| # Wrote packet of 78 bytes. | |
| # Wrote packet of 60 bytes. | |
| # Read 6 potential packets, wrote 6 packets (602 bytes). | |
| class TrioExeptionTrace | |
| POP_BYTES = 25+6 ## 25 byte before DMAC starts | |
| FILE_EXTENSION = 'packet' | |
| PACKET_DATA = / jnh_exception_packet_trace:\d*\s+0x([0-9a-f][0-9a-f]):\s+(.*)/ | |
| def self.to_ascii_file file | |
| file_base = File.basename(file) | |
| file_ext = File.extname(file) | |
| ext = FILE_EXTENSION | |
| ext += '2' if file_ext == FILE_EXTENSION | |
| file_output = [file_base, ext].join '.' | |
| trace = new File.read(file) | |
| File.write file_output, trace.to_packets | |
| puts "packet written in '#{file_output}'" | |
| puts "run 'text2pcap #{file_output} #{file_base}.pcap' to generate pcap file" | |
| end | |
| def initialize data | |
| @packets = parse_data data | |
| end | |
| def to_packets | |
| str = "" | |
| @packets.each do |packet| | |
| str << "000000 " + packet + "\n" | |
| end | |
| str | |
| end | |
| def parse_data data | |
| packets = [] | |
| packet = [] | |
| data.each_line do |line| | |
| next unless match = line.match(PACKET_DATA) | |
| offset, packet_data = match[1].to_i(16), match[2].chomp | |
| if offset == 0 | |
| packets << packet[POP_BYTES..-1].join(" ") unless packet.empty? ## first one is empty | |
| packet = packet_data.split | |
| else | |
| packet += packet_data.split | |
| end | |
| end | |
| packets << packet[POP_BYTES..-1].join(" ") | |
| packets | |
| end | |
| end | |
| begin | |
| TrioExeptionTrace.to_ascii_file(ARGV.first) if $0 == __FILE__ | |
| rescue => error | |
| warn error.message | |
| # raise | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment