Grant Edwards <[EMAIL PROTECTED]> writes: > On 2006-05-31, Sergei Organov <[EMAIL PROTECTED]> wrote: > >> It seems that sniff on a real tty device could be implemented using the >> same technique strace uses to intercept and show syscalls, though I'm >> not aware of any sniffer application that does it. > > Using strace you can indeed trace read/write calls on user-specified > file descriptors.
I've actually meant to take strace in source code and modify it for particular purpose. The fact that it almost can do it in unmodified form is quite impressive though. > Figuring out which file descriptors to trace is the tricky part. Provided I have port name, say, /dev/ttyM0, and have running application: [EMAIL PROTECTED] ~$ fuser /dev/ttyM0 /dev/ttyM0: 5134 [EMAIL PROTECTED] ~$ ls -l /proc/5134/fd | grep /dev/ttyM0 lrwx------ 1 osv osv 64 2006-05-29 15:33 8 -> /dev/ttyM0 [EMAIL PROTECTED] ~$ so I need to track fd #8 of the process with pid 5134. Guess one can attach to a running process as gdb does it. Alternatively, if the process to be sniffed sporadically opens/closes the port at run-time, it is required to track open()/close() syscalls as well as read()/write() ones, I think. Overall, seems not that trivial but doable. -- Sergei. -- http://mail.python.org/mailman/listinfo/python-list
