Line 16: |
Line 16: |
| |- | | |- |
| ! Current Version: | | ! Current Version: |
− | | v0.18, 2014-03-24 | + | | v0.19, 2014-04-03 |
| + | |- |
| + | ! Homepage: |
| + | | [http://mkw-ana.wiimm.de/ mkw-ana.wiimm.de] |
| |} | | |} |
| | | |
Line 40: |
Line 43: |
| | | |
| <pre> | | <pre> |
− | mkw-ana v0.18 r1836 - 2014-03-24 | + | mkw-ana v0.19 r1889 - 2014-04-03 |
| | | |
− | - New command: FRIENDCODES: A friend code calculator. For each scanned | + | - Bug fix: Wrong IP printed for DNS replies. |
− | parameter a line with a decimal friend code, a hexadecimal friend code,
| |
− | a decimal player ID and a game ID is printed. As input, various formats
| |
− | are supported. The new option --gid defines a game ID for creating a FC
| |
− | from a player id.
| |
| | | |
− | - New command: ANALYZE: Analyze the dump files for special information and | + | - HTTP request and responses are printed in colorized multiple lines now. |
− | print it a machine readable list, one line per record. The first parameter
| + | For known parameters of the data section, the values are decoded. |
− | a comma separated list of keywords: PARAM-NAMES, NICKS, ALL. | |
− | See built-in help for details.
| |
| | | |
− | - New letter ID scheme for clients. All IDs are used circulary: | + | - Servers will now also be detected by the well known ports. |
− | 0-9: Known Nintendo servers (detected by a previous DNS query).
| |
− | A-Z: Home client (--ip or --wii or auto detect).
| |
− | a-z: Other clients (players).
| |
| | | |
− | - Internal statistics about UDP (old) and TCP (new) traffic (send+receive | + | - Responses of server 'ms19' will now be decoded, if the request was made by |
− | packtes+bytes). The client dumps print now a summary of TCP+UDP. | + | one of the 3013 known gamespy games and users with verified passwords. |
| | | |
− | - Command 'CLIENT' prints the clients in order of appearance. If option | + | - New command QUERY: Sends a database query to server 'ms19' and prints the |
− | --long is set, a multi line list with more details is printed. | + | results as table. Couning and grouping is also possible. |
| | | |
− | - The new command SERVERS prints a multi line list like 'CLIENTS --long', | + | - New options for command QUERY: --server --port --game --user --key --select |
− | but only Nintendo's servers are selected.
| + | --limit --group-by |
− | | |
− | - Command COUNT will now count also ARP, DNS and TCP records.
| |
− | | |
− | - All commands can be prefixed by a 'C' (e.g. 'CDUMP' instead of 'DUMP') to
| |
− | force colorized output (= force option --color).
| |
− | | |
− | - Options --ip and --wii accept now an optional port number.
| |
− | | |
− | - Bug fix for 'A' detection of DNS replies.
| |
− | | |
− | | |
− | mkw-ana v0.17 r1786 - 2014-03-03
| |
− | | |
− | - New modes for option --print:
| |
− | DELAY : Print the delay in ms (difference between racing and real time).
| |
− | LAST : Timeout since last packet in ms.
| |
− | XTIME := TIME,DELAY,LAST
| |
− | | |
− | - New record type: QUIT: It is send, if a player quits the game.
| |
− | If --logmode=TEST is set, a log message is printed if QUIT occurs.
| |
− | | |
− | - Some minor optical and layout changes.
| |
| </pre> | | </pre> |
| | | |
− | ;Old change log: | + | → [http://mkw-ana.wiimm.de/changelog.html old logs] |
− | <spoiler><pre>
| |
− | mkw-ana v0.16 r1765 - 2014-01-18
| |
− | | |
− | - The tool accepts now the following dump formats:
| |
− | - PCAP v2.4: Big or little endian, micro- or nanoseconds format.
| |
− | - PCAP v2.4 modified: Like PCAP, but with an extended packet header.
| |
− | - PCAP-NG v1.0: Big or little endian. Only the `Enhanced Packet Block´ is
| |
− | supported to retrieve packets.
| |
− | - Optional bzip2 compression of all dump formats.
| |
− | - Complete new handling of ARP, DNS and TCP packets. They will now be handled
| |
− | as records and are written to the output file, if option --write is set.
| |
− | - New record types: ARP, DNS, TCP, QUERY, TPARAM, UPARAM.
| |
− | - New global option: --wide[=width]: Usually hexdumps cover 16 bytes per
| |
− | line. If option --wide is set, 32 bytes per line are covered. Optional it
| |
− | is possible to enter a value.
| |
− | - New keywords for option --log-mode:
| |
− | 'QUERY' : Dump database quers (DB,table,select,where).
| |
− | 'REGION' : Dump region and world wide queries.
| |
− | 'TCP' : Shortcut for QUERY,REGION: Log all TCP related stuff.
| |
− | - New options: Option --color forces colorized text (where supported).
| |
− | It is enabled by default for output to terminals. Option --no-color
| |
− | disables colorized text at all.
| |
− | - New command: COLORS: Test colorized text by printing it in different modes
| |
− | (colors, bold, underline). Also test the options --color and --no-color.
| |
− | - New command LIST: List all stage or record names.
| |
− | - More options to filter packets for dumps: --and, --receive-mac (--rmac),
| |
− | --send-mac (--smac) and --transfer-mac (--tmac).
| |
− | - New options to control MAC printing in dumps: --show-mac and --hide-mac.
| |
− | - The new options --real-time-factor (--rtf) and --real-time-wait (--rtw)
| |
− | help to analyze old dumps in real time, time-laps or slow-motion.
| |
− | | |
− | mkw-ana v0.15 r1703 - 2014-01-04
| |
− | | |
− | - Cup index is now read from BMG.
| |
− | - Update of BMG files.
| |
− | - New option --log-mode=list (or short --lmd=list): Define, which elements
| |
− | are included into the log file or output. Allowed keywords are: STATUS,
| |
− | SELECT, DRIVER, RACE, EVENT, TOTAL, CHEATS, NONE and ALL (default).
| |
− | | |
− | mkw-ana v0.14 r1688 - 2013-10-19
| |
− | | |
− | - New option: --ct-code[=mode]: Enables or disables CT-CODE support (more
| |
− | than 32 tracks). Allowed keywords are DISABLED, AUTO (default), ENABLED.
| |
− | Without parameter, CT-CODE support is enabled.
| |
− | | |
− | mkw-ana v0.13 r1683 - 2013-09-07
| |
− | | |
− | - Improved built-in help system. Type "mkw-ana help help" for details.
| |
− | - New option --ana=file: Opens a output file to store analysis data.
| |
− | - New option: --ana-mode=list (short: --amd=list):
| |
− | Print only the specified events to the analysis file.
| |
− | - New options --hms and --hms-info to print relative timestamps in HH:MM:SS.
| |
− | </pre></spoiler>
| |
− | | |
− | === Built-in Help ===
| |
− | | |
− | Let's start with the built-in help as an overview about the tool:
| |
− | | |
− | <spoiler><pre>
| |
− | | |
− | mkw-ana v0.18/x86_64 r1836 -- Dirk Clemens -- 2014-03-24 | |
− | --------------------------------------------------------
| |
− | | |
− | mkw-ana : Analyze network dumps (created by tcpdump) and print summaries.
| |
− | | |
− | Syntax: mkw-ana [option]... command [option|parameter|file]...
| |
− | | |
− | | |
− | Commands:
| |
− | | |
− | VERSION : Print program name and version and exit.
| |
− | HELP | H : Print help for commands and options.
| |
− | ARGTEST : This debug command accepts all kinds of parameters and
| |
− | prints one line for each parameter or option.
| |
− | TEST : Test options: All options are allowed, some are printed.
| |
− | COLORS : Ignore all parameters and print clored text as test.
| |
− | ERROR | ERR : Translate exit codes to message names. If no exit code is
| |
− | entered, print a table with all error messages.
| |
− | LIST : List the keywords of a class. Allowed classes are:
| |
− | STAGES, RECORDS and ALL.
| |
− | FRIENDCODES | FC : Calculate friend codes and player ids. For each scanned
| |
− | parameter a line with a decimal friend code, a
| |
− | hexadecimal friend code, a decimal player ID and a game
| |
− | ID is printed. Various formats are accepted for input.
| |
− | | |
− | DUMP0 | D0 : Print a raw dump of all packets. This dump can be used
| |
− | for all network dumps, not only for MKWii.
| |
− | DUMP1 | D1 : Packet based hex dumper.
| |
− | DUMP2 | D2 : First record based hex dumper.
| |
− | DUMP3 | D3 : New and improved variant of DUMP2 (record based).
| |
− | DUMP | D : Use the best/latest dumping mode (depends on options). At
| |
− | the moment DUMP is an alias for DUMP3.
| |
− | | |
− | FLOWRATES | F : Print flowrates of the data traffic. This command can be
| |
− | used for all network dumps, not only for MKWii.
| |
− | DNS : Print DNS and optional ARP packets in human readable
| |
− | format. This command can be used for all network dumps,
| |
− | not only for MKWii.
| |
− | | |
− | SILENT | SIL : Iterate and analyse the source files, but print nothing.
| |
− | ANALYZE | ANA : Analyze the dump files for special information and print
| |
− | it a machine readable list, one line per record.
| |
− | Parameter MODELIST is a comma separated list of keywords.
| |
− | Each keyword enables one kind of analysis:
| |
− | * PARAM-NAMES: Print names of STRING-PARAM records, one
| |
− | line for each LIST.
| |
− | * NICKS: Collect data about user and their nicks and
| |
− | friend lists.
| |
− | * ALL: All of above.
| |
− | SERVERS | SER : Print statistics about all servers.
| |
− | CLIENTS | CLI : Print statistics about all clients.
| |
− | USERS | U : Print statistics about all users.
| |
− | RECORDS | R : Print all record names.
| |
− | COUNT | CNT : Count the record types.
| |
− | STAGES | S : Print all stages.
| |
− | LOG | L : Print all stages including tables.
| |
− | TRACKS : Print all track selections.
| |
− | TOTALS | T : Print all totals as text dump.
| |
− | | |
− | RACE : Live race table of all players. The screen is updated
| |
− | every 0.5 seconds.
| |
− | | |
− | Type 'mkw-ana HELP command' to get command specific help.
| |
− | | |
− | Global options:
| |
− | | |
− | -V --version Stop parsing the command line, print a version info and
| |
− | exit.
| |
− | -h --help Print help and exit. If the first non option is a valid
| |
− | command name, then a help for the given command is
| |
− | printed.
| |
− | --xhelp Stop parsing the command line and print a help message
| |
− | with all commands included. Exit after printing.
| |
− | --width width Define the width (number of columns) for help and some
| |
− | other messages and disable the automatic detection of the
| |
− | terminal width.
| |
− | -q --quiet Be quiet and print only error messages. All previous
| |
− | --verbose are canceled. Multiple usage is possible. The
| |
− | impact is command dependent.
| |
− | -v --verbose Be verbose and print more progress information. All
| |
− | previous --quiet are canceled. Multiple usage is possible.
| |
− | The impact is command dependent.
| |
− | -A --allow-all Usually commands accept only options with impact to the
| |
− | command. All other options fire a syntax error. But if
| |
− | --allow-all is set, all commands accept all options.
| |
− | This makes changing the command of a long command line
| |
− | without removing useless options easier. It also helps to
| |
− | override wrong option permissions.
| |
− | --de Use german names.
| |
− | --ct-code [=mode]
| |
− | Define the CT-CODE support modus. Allowed keywords are
| |
− | DISABLED, AUTO (default) and ENABLED. Without parameter,
| |
− | CT-CODE support is enabled.
| |
− | --color Force colorized text. This is the default, if an output
| |
− | file is a terminal.
| |
− | --no-color Deactive colorized text. This is the default, if an output
| |
− | file is not a terminal.
| |
− | --old Use old implementation if available. All previous --new
| |
− | are canceled.
| |
− | --new Use new implementation if available. All previous --old
| |
− | are canceled.
| |
− | | |
− | --bmg file Read a BMG text file to scan online chat messages and
| |
− | track, driver and vehicle names. Disable auto load of BMG
| |
− | files. Multiple usage is possible.
| |
− | --team file Read a text file for team assignments and disable auto
| |
− | load of team files. Multiple usage is possible.
| |
− | --origin x,y,z Define an alternative origin for positions.
| |
− | --rel Print timestamps as seconds relative to the beginning.
| |
− | Dependent of option --long the formats are: 'SSSSS',
| |
− | 'SSSSS.s' or 'SSSSS.sss'
| |
− | --rel-info Like --rel, but reset the origin whenever a reference time
| |
− | is defined in the info file.
| |
− | --hms Enable relative time stamps Like --rel, but print them in
| |
− | HH:MM:SS instead in seconds only.
| |
− | --hms-info Short cut for '--rel-info --hms'.
| |
− | -w --wide [=width] Usually hexdumps covers 16 bytes per line. If --wide is
| |
− | set, 32 bytes per line are covered. Optional it is
| |
− | possible to enter a value. This option is ignored if using
| |
− | --one-line or --sep-lines.
| |
− | -a --ascii Append an ASCII character dump behind the hexdump. This
| |
− | option is ignored if using --one-line or --sep-lines.
| |
− | --ana file Open a log file and dump text lines for further analysis.
| |
− | The first word of each line classified the output type. If
| |
− | first character of 'file' is a '+', append data to an
| |
− | already existent file. If the filename is only '-', then
| |
− | dump to stdout.
| |
− | --ana-mode list Print only the specified events to the analysis file.
| |
− | --amd is a short cut. A comma separated list of keywords
| |
− | is expected: CHEATS=IT-CHEATS, XCHEATS=CHEATS,IT-XCHEATS,
| |
− | ITEM, EV-DLEN, EV-ALL-DLEN, EV-NAME. Also available:
| |
− | CLEAR, DEFAULT and ALL. If flag SINGLE is set, repeat
| |
− | count support is disabled. If flag FLUSH is set, the
| |
− | output is flushed for each line.
| |
− | | |
− | Command specific options with common description:
| |
− | | |
− | | |
− | --adjust float Adjust time stamps of the network dump by adding 'float'
| |
− | seconds. This may help to synchronize different dumps.
| |
− | --skip float Skip first 'float' seconds of each read network dump.
| |
− | Negative values are relative to the end (or ignored for
| |
− | pipes).
| |
− | --term float Terminate each dump at 'float' seconds. Negative values
| |
− | are relative to the end (or ignored for pipes).
| |
− | --combine Logical combine network dumps to one single dump before
| |
− | executing options --skip and --term.
| |
− | --checksum Normally, UDP packets with wrong checksums are dropped. If
| |
− | --checksum is set, the checksums are calculated, but no
| |
− | packet is dropped. Some dumps will print a status info. If
| |
− | set twice, checksums are never calculated and assumed to
| |
− | be correct. --csum is a short cut.
| |
− | -f --follow Don't close the last input dump on reaching end of file.
| |
− | Instead wait for appended data. This works like the unix
| |
− | tool 'tail -f'.
| |
− | --ip addr[:port]
| |
− | Define an address (IP or DNS name) and optional a port for
| |
− | filtering. Only packets from or to this host are accepted,
| |
− | all others are ignored.
| |
− | --home addr Define an address (IP or DNS name) as home client.
| |
− | Without this options, the tool tries to determine the
| |
− | home client by analysing sender and receiver of the first
| |
− | non filtered packet. A local network (10/8, 172.16/12,
| |
− | 192.168/16, 169.254/16) has priority over a non local
| |
− | network. If sender and receiver have the same priority,
| |
− | the IP of the sender is used.
| |
− | --wii addr[:port]
| |
− | Define an address (IP or DNS name) and optional a port as
| |
− | home client and for filtering. This options is a shortcut
| |
− | for '--home addr --ip addr:port'.
| |
− | --write file Write filtered network packets as PCAP v2.4 to 'file' with
| |
− | local endian and microseconds format.
| |
− | --real-time-factor factor
| |
− | If set (>0.0), the time differences of the packet time is
| |
− | compared with the real time difference. If a packet will
| |
− | be served to early, the tool sleeps a while.
| |
− | Value 1.0 force a real time dump. Values >1.0 force a
| |
− | time-laps effect and values <1.0 a slow-motion effect.
| |
− | --rtf is a short cut.
| |
− | The intention of this option is to simulate a regular
| |
− | input stream on already dumped and stored data in real
| |
− | time. Use this option never for live incoming data,
| |
− | because packets may be lost.
| |
− | --real-time-wait seconds
| |
− | If set (>0.0) and the real time option --real-time-factor
| |
− | is enabled, it defines the maximum real time between 2
| |
− | packets. The default is 5 seconds. --rtw is a short cut.
| |
− | | |
− | -p --no-proxy Don't dump proxy packets (packets, which contains a PROXY
| |
− | record).
| |
− | --and If one or more filters are enabled by --receive, --send,
| |
− | --receive-mac, --send-mac, --receive-ip or --send-ip, then
| |
− | a packet or record is only dumped, if it match to at least
| |
− | one of the enabled filters.
| |
− | But if --and is set, a packet must match *all* enabled
| |
− | filters.
| |
− | -r --receive Dump only network packets received by the home client
| |
− | (option --home). For combinations with other packet
| |
− | filters see option --and.
| |
− | -s --send Dump only network packets send by the home client (option
| |
− | --home). For combinations with other packet filters see
| |
− | option --and.
| |
− | --receive-mac addr
| |
− | Dump only network packets received by the entered MAC
| |
− | address. --rmac is a short cut for --receive-mac. For
| |
− | combinations with other packet filters see option --and.
| |
− | --send-mac addr Dump only network packets send by the entered MAC address.
| |
− | --smac is a short cut for --send-mac. For combinations
| |
− | with other packet filters see option --and.
| |
− | --transfer-mac addr
| |
− | Dump only network packets receiced or send by the entered
| |
− | MAC address. --tmac is a short cut for --transfer-mac and
| |
− | both are short cuts for '--rmac addr --smac addr'.
| |
− | --receive-ip addr
| |
− | Dump only network packets received by the entered address
| |
− | (IP or DNS name). --rip is a short cut for --receive-ip.
| |
− | For combinations with other packet filters see option
| |
− | --and.
| |
− | --send-ip addr Dump only network packets send by the entered address (IP
| |
− | or DNS name). --sip is a short cut for --send-ip. For
| |
− | combinations with other packet filters see option --and.
| |
− | --transfer-ip addr
| |
− | Dump only network packets receiced or send by the entered
| |
− | address. --tip is a short cut for --transfer-ip and both
| |
− | are short cuts for '--rip addr --sip addr'.
| |
− | -L --length ranges Dump only UDP packets with specified UDP data length. The
| |
− | 8 bytes long UDP header does not count.
| |
− | The parameter is a comma separated list of INDEX,
| |
− | INDEX1:, INDEX1:INDEX2 and INDEX#LENGTH elements.
| |
− | -S --stage list Dump UDP packets only, if one of the entered stages is
| |
− | active.
| |
− | The parameter is a comma separated list of stage names,
| |
− | optional preceeded by '+' (enable) or '.' (disable). Type
| |
− | 'mkw-ana test' for a list of stages or use the dumps to
| |
− | identify stage names.
| |
− | --xevent Support the XEVENT record type. It is an overlay over the
| |
− | ITEM and EVENT records. --xeve is a shortcut. The option
| |
− | is automatically set, if --type or --TYPE call the XEVENT
| |
− | record.
| |
− | -t --type list Dump UDP packets only, if at least one record of the
| |
− | packet match the entered record list.
| |
− | The parameter is a comma separated list of record names,
| |
− | optional preceeded by '+' (enable) or '.' (disable). Type
| |
− | 'mkw-ana test' for a list of records or use the dumps to
| |
− | identify record names.
| |
− | -T --TYPE list Same as --type except for command DUMP3.
| |
− | | |
− | -b --brief If set once, the header (timestamp and client info) of
| |
− | single line dumps becomes smaller. If set twice, timestamp
| |
− | and client info are not printed. All previous --long are
| |
− | canceled.
| |
− | -l --long This option is relevant for single line dumps. Usually the
| |
− | time format is printed as 'MM:SS.s' to keep the lines
| |
− | small. If set once, 'HH:MM:SS.s' is used. If set twice,
| |
− | 'HH:MM:SS.sss' is used. All previous --brief are canceled.
| |
− | --list Print a list of events instead of a summary.
| |
− | -1 --one-line Print the hexdumps as one line for each record. This makes
| |
− | the dumps horizontal very large, but it is good for
| |
− | comparing objects of the same type. Very helpful is to
| |
− | pipe the output to 'less -S', which supports horizontal
| |
− | scrolling.
| |
− | If set twice, some record types are not split into sub
| |
− | records.
| |
− | -2 --sep-lines Dump one line per record (like option --one-line) and an
| |
− | empty line between packets.
| |
− | --show-mac Show the MAC addresses of packets in some dumps. This is
| |
− | enabled by default, if at least one MAC packet filter
| |
− | (--receive-mac or {--send-mac) is enabled.
| |
− | --hide-mac Hide the MAC addresses of packets in all dumps. This is
| |
− | the default, if no MAC packet filter is enabled.
| |
− | -n --native If set, some known values are printed in native format
| |
− | instead as simple hex number. If set twice, some other
| |
− | values, that will destroy the column layout of the
| |
− | hexdump, will printed in native format too.
| |
− | -x --hex Some records are printed as hex and string combination by
| |
− | default. If --hex is set, then print the3se records as hex
| |
− | dumps.
| |
− | -d --delta If set, record data is compared with the data of the
| |
− | previous record of same type and client. If a nibble (4
| |
− | bits) is unchanged, a '-' is printed intead of a hex
| |
− | digit.
| |
− | -I --index ranges Dump only bytes with an index selected by the range list.
| |
− | This make the hex dump smaller especially for one-line
| |
− | dumps.
| |
− | The parameter is a comma separated list of INDEX,
| |
− | INDEX1:, INDEX1:INDEX2 and INDEX#LENGTH elements.
| |
− | -P --print list Print only the specified columns of the output table. A
| |
− | comma separated list of keywords is expected: RANK,
| |
− | XTIME=TIME+DELAY+LAST, POS=X-POS+Y-POS+Z-POS, DIR,
| |
− | SPEED=3D-SPEED,H-SPEED, STATUS, DRIFT=D-COUNT+D-CHEAT,
| |
− | XDRIFT=DRIFT+D-MINTIME, ITEM=I-CHEAT+I-COUNT+I-SUMMARY,
| |
− | CHEAT=D-CHEAT,I-CHEAT, FC, WHO=MINI-FC+NAME. Also
| |
− | available: NONE, MIN, DEFAULT, MAX, ALL.
| |
− | | |
− | --min-race num This is a statistic option: If a Grand Prix (single or
| |
− | team) is aborted, the results of the Grand Prix are only
| |
− | used in the statistics, if NUM races has been completed.
| |
− | The default is 2 and possible values are 0..4.
| |
− | --drift Print drift statistics during logging.
| |
− | | |
− | --log file Log into the file using the same output as command LOG. If
| |
− | first character of 'file' is a '+', append data to an
| |
− | already existent file. If the filename is only '-', then
| |
− | log to stdout.
| |
− | --log-mode list Define, which elements are included into the log file (see
| |
− | --log). --lmd is a short cut. A comma separated list of
| |
− | keywords is expected: STATUS, SELECT, DRIVER, RACE, EVENT,
| |
− | TOTAL, CHEATS, TCP, QUERY, REGION, DEFAULT, XTCP, NONE and
| |
− | ALL.
| |
− | --md file Create a MakeDoc script with results after each race.
| |
− | --mdx file Create a MakeDoc script with results after each race. Same
| |
− | as --md, but replace %E, %R, %N and %T in the filename by
| |
− | 'event id', 'race id', 'total race' and 'event type' to
| |
− | create different files.
| |
− | --php file Create a php script with results after each race.
| |
− | --phpx file Create a php script with results after each race. Same as
| |
− | --php, but replace %E, %R, %N and %T in the filename by
| |
− | 'event id', 'race id', 'total race' and 'event type' to
| |
− | create different files.
| |
− | --sleep float Sleep 'float' seconds after a race has finished. This
| |
− | option slows down a simulation run direct after logging
| |
− | and printing the race statistics. Start with values of the
| |
− | range from 3 to 15 seconds.
| |
− | | |
− | --mii dir Extract Miis to the already existing directory 'dir'.
| |
− | Existing Mii files will be overwritten.
| |
− | --gid game_id Define the game ID for friend code calculations. Up to 4
| |
− | characters of the parameter replace the default value RMCJ
| |
− | (Mario Kart Wii).
| |
| | | |
− | </pre></spoiler>
| |
| | | |
| === General Description === | | === General Description === |
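Review bot: The added entry for the new QUERY command lists its options (--server --port --game --user --key --select --limit --group-by) without any description, and the same hunk deletes the whole "=== Built-in Help ===" section, so the page no longer documents any option, including what --user and --key carry in a query sent to server 'ms19'. Suggest keeping a help section regenerated for v0.19, or adding a link to it next to the "old logs" link, whose label covers only the change log. The added line "results as table. Couning and grouping is also possible." has a typo ("Couning" for "Counting"). The v0.18 and v0.17 entries are removed along with the spoiler of older logs; confirm they are present at the linked changelog.html before dropping them from this page.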