1. Home
  2. Support & Troubleshooting
  3. Using the ethernet tap for a circular log

Using the ethernet tap for a circular log

0
D
Daniel Zetterman

Hello,

One of my user scenarios would be to install the IO Ninja ethernet tap together with a small linux device, perhaps raspberry pi 4 or similar. And I need most of below requirements fulfilled:

  1. Even if the IO ninja is not powered, pass-through will be enabled, so data will still pass
  2. Work with shielded cables
  3. Automatic mode, so when it starts up, it must be capturing data automatically (unattended)
  4. Possibility to create a circular log on the linux device, with specific size in Mb, ex 50 Gb or similar.
  5. Possibility to run everything completely headless on the linux device, preferably as a linux service
  6. Possibility to use filters in this headless mode

So the idea is to have a recording device that would as soon as it starts up, continue to record on the circular log, let's say in pcap format. At some point I will take out the device and analyse the logs using the IO Ninja software or Wireshark.

Circular log could of course mean that it is rotating 5 log files, so eventually the oldest log file will be overwritten.

Is above possible with IO Ninja?

0
Vladimir
Vladimir

Hello Daniel,

(1) Even if the IO ninja is not powered, pass-through will be enabled, so data will still pass

The Ethernet Tap is actively forwarding packets from one port to the other; without power, the connection will break. Not easy to fix; we plan to address that in the next iteration of the HW development cycle, but at the moment, it is what it is.

(2) Work with shielded cables

We don't specifically handle shielded cables; most likely, will work, but needs testing in your specific setup.

(3) Automatic mode, so when it starts up, it must be capturing data automatically (unattended)

This is all up to how you set up your Linux box.

(4) Possibility to create a circular log on the linux device, with specific size in Mb, ex 50 Gb or similar.

Not currently, but the rotation of size-limited logs can be added to ioninja-hwc (the command-line tool).

(5) Possibility to run everything completely headless on the linux device, preferably as a linux service

ioninja-hwc runs on any Windows/macOS/Linux i386/x86_64/ARM/AArch64

(6) Possibility to use filters in this headless mode

Support for pcap-filter can easily be added to ioninja-hwc.

If you can't or don't want to wait for when we add (4) or (6), no problem -- our USB protocol is open-source so that you can implement your own reader from Ethernet Tap in any programming language you choose.

So if (1) is not a deal-breaker, then it's possible.

2
2
154
Log in to reply