Reference Manual |
HOW TO capture Fritz!Box DSL traffic in real time
HOW TO capture Fritz!Box WLAN traffic in real time
HOW TO capture Fritz!Repeater traffic in real time
HOW TO capture interface traffic and display it in Wireshark
Be sure to enter your FritzBox password with command: set fbpwd mypassword
|
DSL Stats, DSL Graph, Calls, Call List (CSV)
DSL Stats, DSL Graph, Calls, Call List (CSV) Calls
Introduction
Both the Fritz!Box and the Fritz!Repeater have a packet trace feature that works by requesting a special URL that returns a traffic trace for a specified interface in the form of a libpcap formatted file. When the trace is terminated, the saved trace file can be viewed using software such as WireShark that displays the traffic in a readable form.
While this feature is quite useful, it has the major disadvantage that one cannot view the traffic in real time. The trace must be started, run for as long as is required, and then stopped. Only then can Wireshark be started in order to display the trace.
NAT32 can request a trace from the Fritz!Box or the Fritz!Repeater and then pipe the received data to a shell command (tdump) that decodes the data and prints it to the standard output device. The standard output can be redirected to a NAT32 Monitor window for subsequent display. The display can be started and stopped as needed and can also be saved to a file for subsequent examination.
Because the NAT32 shell (unlike the Windows cmd.exe shell) executes each command of a pipeline in a separate thread, the display of the trace data occurs in real time and the user can immediately notice (and respond to) any unwanted Internet traffic originating from connected computers. This feature can be very useful for detecting viruses and applications (e.g. Skype) that may consume large amounts of DSL bandwidth for no useful purpose (from the user's point of view).
Script Files
A script file to solicit the trace from the Fritz!Box, decode it and display it in the Monitor window is shown below:
A script file to terminate the trace is shown below:monitor on set fbtrace 1 sid fbgetr "http://fritz.box/cgi-bin/capture_notimeout?start=0" | tdump > monitor &
sid fbgetr "http://fritz.box/cgi-bin/capture_notimeout?stop=0" sid clear set fbtrace 0
The above scripts are contained in files fritz_on and fritz_off and can
be invoked from the main NAT32 web page or the NAT32 Console.
Similar files are available for the
Fritz!Repeater (fritzr_on and fritzr_off).
Notes
If your Fritz!Box requires a password for browser access, please use the NAT32 set command to store that password in the environment variable fbpwd as follows:
set fbpwd myPassword
NAT32 Version 2 uses the following TCL script to compute the required Fritz!Box Session ID:
#!tcl # # sid - set or clear the FritzBox SID in global var fbsid (Fritz!OS prior to 5.50) # For later Fritz!OS versions, please see file 'sid' in your NAT32 distribution. if {$argc > 1} { error "Usage: sid [clear]" } if {$argc == 1} { if {$fbsid == ""} { error "Error: unknown SID" } set cmd "httppost http://fritz.box/cgi-bin/webcm \"security:command/logout=1&sid=$fbsid\"" exec $cmd set fbsid "" exit } set xml [exec "httpget http://fritz.box/cgi-bin/webcm?getpage=../html/login_sid.xml"] if {[regexp "<iswriteaccess>(1)</iswriteaccess>" $xml tmp]} { regexp "<SID>(.*)</SID>" $xml sid regsub "<SID>" $sid "" tmp2 regsub "</SID>" $tmp2 "" result set fbsid $result exit } if {[regexp "<Challenge>(.*)</Challenge>" $xml challenge]} { regsub "<Challenge>" $challenge "" tmp1 regsub "</Challenge>" $tmp1 "" tmp2 if {$fbpwd == ""} { error "Error: unknown password" } set challenge "$tmp2-$fbpwd" set hash [exec "hash $challenge"] # See note below set h "$tmp2-$hash" set cmd "httppost http://fritz.box/cgi-bin/webcm \"login:command/response=$h&getpage=../html/login_sid.xml\"" set tmp1 [exec $cmd] regexp "<SID>(.*)</SID>" $tmp1 sid regsub "<SID>" $sid "" tmp2 regsub "</SID>" $tmp2 "" result set fbsid $result }
Note the use of the NAT32 command hash in the above script. Because it is implemented in C, it computes the MD5 hash of the specified string very rapidly.
NAT32 Version 2 contains additional script files (fritzr_on) and fritzr_xon) that display the trace data in the Monitor window or the Trace window. In the latter case, all packet data is displayed, including protocol headers and payload data.
See Also
Fritz!Box Tips and Tricks, External Routers, httpget