INTRODUCING THE PACKET WHACKER

THE MAGAZINE FOR COMPUTER APPLICATIONS
Circuit Cellar Online offers articles illustrating creative solutions
and unique applications through complete projects, practical
tutorials, and useful design techniques.

INTRODUCING THE PACKET WHACKER

Applications Part 2: Setting a Course with Code
by Fred Eady

Start ı Packet Whacker Utilities ı Receiving Packets ı Who ARP You? ı Ping ı UDP ı TCP ı FIN ı Sources and PDF

PACKET WHACKER UTILITIES

Having Network Associatesıs Sniffer, a fast Internet connection, a dedicated test personal computer, a dedicated Ethernet LAN, and my very own IP address on a real Internet pipe are a real plus when doing this kind work. However, I realize that not everyone who wants to do serious Internet connectivity projects has all of those luxuries. So, to assist in the development of the PICDEM.net/Packet Whacker firmware, I assembled some simple utilities to help me along the way. I think youıll find them useful as well.

A typical Sniffer screen is shown in Photo 2. Even with this powerful tool, it didnıt take me long to realize that if the hex dump at the bottom of Photo 2 didnıt follow what I thought I had coded, I needed to see what was inside the RTL8019ASıs registers. To accomplish this, all I needed to do was to stop the RTL8019AS NIC and read the register banks one by one. After the register bank data was collected, all that was left to do was to format the data for display via the serial port of the PICDEM.net.

Photo 2ıIf youıre wondering how the Sniffer knows the Packet Whacker by name, itıs not because of NetBios. There is no NetBios in use here. I assigned the name "packet whacker" to the Packet Whackerıs IP address in the address area of the Sniffer. I put the Sniffer in Discovery mode and pinged the Packet Whacker. When the Packet Whackerıs IP was put on the LAN and discovered, I edited the Sniffer discovery record name field.

Listing 1, the show_regs function, is the code chunk that performs the peek into whatıs in the RTL8019AS registers. An example of the results of show_regs can be seen in Photo 3. It is not wise to run show_regs while the Packet Whacker is operational as the NIC is stopped before the register read process begins and is not restarted when the function terminates.

Listing 1ıThe readwrite() function is a helper code chunk that invokes the read of the RTL8019AS control register, converts the binary register value to ASCII, formats the output, and sends the results to the PICDEM.net serial port.

Photo 3ıI didnıt get fancy here as I used the RTL8019AS datasheet to cross-reference the register values. For example, you can see the ASCII representation of "0CCINK" in the Page 1 column.

Before the data collected by the show_regs function can be directed out of the PICDEM.netıs serial interface to the terminal emulator, the raw binary form of the data you wish to view has to be converted into ASCII characters. A small function called bin2hex provides the binary-to-ASCII conversion service. Listing 2 is the English behind the bin2hex code chunk.

Listing 2ıJust a quick and nasty way to make things readable.

The Sniffer is a great tool, but if the packet I generate severely breaks the rules of protocol, thereıs a chance that the Sniffer wonıt pick it up. If the packet is assembled incorrectly or a checksum has been calculated incorrectly and the Sniffer ignores it, I found that I had to have a way to examine the packet at the PIC register level before itıs sent to the NIC and transmitted. Fortunately (and by design), all of the packet data is contained in contiguous buffer memory inside the PICDEM.netıs PIC16F877. This is a good thing as the show_packet code chunk reads the packet buffer and, with the help of bin2hex, provides a view of the PICıs data memory that is housing the packet bits (see Listing 3 ).

Listing 3ıThe largest contiguous piece of RAM in the PIC16F877 is 96 bytes in length. Thatıs enough to house a typical Packet Whacker packet.

To illustrate this, Photo 4 is a Sniffer snapshot of an actual ARP exchange between the PICDEM.netıs Packet Whacker and the Sniffer host PC (tbird900). This frame shows that I captured the broadcast ARP packet originating from the tbird900 aimed at the PICDEM.net. Note that the show_packet results in Photo 5 match the hex dump at the bottom of the Sniffer shot. The unmatched garbage at the end of the dump is the rest of the 96 bytes in the buffer.

Photo 4ıItıs a good feeling when the Sniffer is able to decode a packet that looks exactly like the bytes in the PICDEM.netıs PIC memory.

Photo 5ıAgain, I didnıt waste much code on looks here. As long as the bytes match up with the Sniffer interpretation and the Internet protocol operation functions properly, things are good.

The RTL8019ASıs receive buffer ring precedes each incoming packet with a 4-byte header. This header contains useful information about the packet such as its length. There were times when I needed to see the raw packet header data. Our last and smallest utility dump_header allows that to happen.

Before I wrap up the discussion on utilities, I want to again make the point that these are not run time utilities. Even utilities that donıt stop the RTL8019AS NIC like show_packet may take up enough time to cause an incoming packet to be lost or corrupted. So, keep the use of these utilities dedicated to debugging and learning as you assemble your PICDEM.net or Packet Whacker firmware.

PREVIOUS • NEXT

Circuit Cellar provides up-to-date information for engineers. Visit www.circuitcellar.com for more information and additional articles.
For subscription information, call (860) 875-2199, subscribe@circuitcellar.com or subscribe online. ıCircuit Cellar, the Magazine for Computer Applications. Posted with permission.