[commits] [Wiki] changed: ActiveSync

Michael Rubinsky mrubinsk at horde.org
Sun Jul 24 16:07:04 UTC 2011


mrubinsk  Sun, 24 Jul 2011 16:07:04 +0000

Modified page: http://wiki.horde.org/ActiveSync
New Revision:  1.97
Change log:  add command for command line traffic capture with tshark

@@ -80,8 +80,16 @@
  * Check the web server error logs and see if there are any PHP  
errors being logged.
  * Configure Horde to send !ActiveSync log messages to a separate  
logfile. This is configured on the !ActiveSync tab of Horde's  
configuration screen.
  * If you are able to, it would also be useful to run a wireshark  
session to capture the network communication.
  * In some cases, it might be useful for us to see the affected  
device's state records in the database.
+
++++Using tshark (command line wireshark) to obtain a network capture
+
+If you want to sniff the traffic on your server, and wireshark is not  
available becuase there is no windowing system, you can use the tshark  
application instead. The following command will capture http traffic  
on port 80, and will ignore most requests we are not interested in.  
It's worth mentioning that for the capture to be useful, you MUST not  
setup SSL on the device. Depending on your user's rights, you may need  
to run this as sudo:
+
+<code>
+tshark 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) -  
((tcp[12]&0xf0)>>2)) != 0)' -w /path/to/capture/file
+</code>

  ++ Todo

  * Implement more recent protocol version support - version 12 or  
maybe 12.1 (Exchange 2007??) should be fairly non-disruptive. Version  
12 would get us more atomic policy settings, local wipe rules, as well  
as the ability to send the policy settings to the client as the more  
compact wbxml. 14 (Exchange 2010?) would probably be lots more work as  
it does away with PING, using SYNC for waiting for changes instead.
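Review bot: The added tshark paragraph tells the reader "you MUST not setup SSL on the device" but never says to turn SSL back on once the capture is finished, and it does not mention that the file written with -w will hold the device's port 80 HTTP traffic in the clear. I would add a sentence after the closing </code> line asking users to re-enable SSL when they are done and to treat the capture file as sensitive before passing it on. In the same paragraph, "becuase" should be "because", "MUST not setup" reads better as "MUST NOT set up", and "run this as sudo" would be clearer as "run this with sudo".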


