This shows you the differences between two versions of the page.
howto:dumlcapture [2021/11/02 03:18] czokie |
howto:dumlcapture [2021/11/02 03:32] czokie [1. Disable SIP] |
||
---|---|---|---|
Line 6: | Line 6: | ||
==== 1. Disable SIP === | ==== 1. Disable SIP === | ||
+ | |||
+ | To capture DUML via the USB port, you need to capture data from an interface that is not normally accessible. Apple protects this interface to prevent key grabbers for example from capturing keyboard USB traffic. Once you are finished doing DUML capture work, you should re-enable SIP unless you are comfortable and understand the risks involved. The process to re-enable is the same as below, but change the word disable to enable. | ||
* Restart your Mac | * Restart your Mac | ||
* Hold down Command-R to reboot into Recovery Mode | * Hold down Command-R to reboot into Recovery Mode | ||
- | * Click Utility-> | + | * Click Utility |
* Restart your Mac | * Restart your Mac | ||
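Review bot: The added paragraph gives the SIP re-enable procedure only by reference ("the same as below, but change the word disable to enable") and places it ahead of the disable steps, where it is easy to miss once the capture work is finished. Suggest adding an explicit closing step or section that spells out re-enabling, and either dropping "unless you are comfortable and understand the risks involved" or stating those risks, since the paragraph itself names capture of keyboard USB traffic as what the protection prevents. The heading on the context line above opens with ==== and closes with ===; worth balancing while this section is being edited.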
Line 15: | Line 17: | ||
sudo ifconfig XHC20 up | sudo ifconfig XHC20 up | ||
+ | |||
+ | NOTE: When not required for capturing, you should disable this interface using the following command. | ||
+ | |||
+ | sudo ifconfig XHC20 down | ||
==== 3. Capture ==== | ==== 3. Capture ==== | ||
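Review bot: The NOTE with "sudo ifconfig XHC20 down" is inserted directly before "3. Capture", so a reader working top to bottom meets the teardown command right after bringing the interface up and before any capture has started. Suggest moving it to a cleanup step after the capture sections, alongside the SIP re-enable reminder, so both teardown actions sit together at the end of the procedure.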
Line 48: | Line 54: | ||
cd /tmp | cd /tmp | ||
rm -rf mefisto | rm -rf mefisto | ||
+ | |||
+ | ==== 3. Restart Wireshark and capture ==== | ||
+ | Start a packet capture in Wireshark, from the XHC20 interface. | ||
+ | ==== 4. Set a display filter ==== | ||
+ | |||
+ | (frame.protocols == " | ||
+ | |||
+ | This filter is designed to capture all valid dji_dumlv1 packets, but also to capture any poorly decoded packets to allow you to look at the cause of any problems with the dissectors. | ||
+ | |||
+ | ==== 5. Set display columns ==== | ||
+ | |||
+ | This is an optional step, but it will make it easier to read and interpret a DUML flow at a glance. | ||
+ | |||
+ | * Click Wireshark >> Preferences >> Appearance >> Columns | ||
+ | * Configure to your requirements. A sample layout is shown below. | ||
+ | {{: | ||
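Review bot: The new heading "3. Restart Wireshark and capture" reuses the number 3, which the existing "3. Capture" section already carries, and is followed by "4." and "5.", so the page ends up with two step 3s; renumber the added sections or fold the new step into the existing capture section. The "4. Set a display filter" heading also follows the preceding sentence with no blank line, unlike the other added headings. In the filter description, "designed to capture" reads as if it limits what is recorded; as a display filter it only affects what is shown, so "show" or "match" would be more accurate.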