Saturday, 18 September 2010

BusPirate oscilloscope python script

Some time ago I wrote a simple oscilloscope script for Bus Pirate.
Pygame and pyBusPirateLite libraries are needed to run it. Unfortunately the BusPirate firmware sends data collected by ADC very slowly so it's working rather as a live-plot than a real oscilloscope but even though it may be useful.

v 1.0

v 1.2

edit this line in so it points to BusPirate
BUS_PIRATE_DEV = "/dev/ttyUSB0"
Connect ADC and GND lines.
Run and have fun :)

Download here:

New version:
Working only with modified firmware (ADC modification 20.09.2010):
New features:
- trigger on rising/falling slope
- time scaling

Wednesday, 15 September 2010

D-link DIR-100 UART

Few days ago I've bought quite old D-Link DIR-100 cable router especially for experimenting purposes.
First thing that I've wanted to do was to add a serial port connector to see what's running inside it. After opening the case it was easy to find the UART pins on the PCB, as they looked similar as in other D-Link devices.
Here you have them described on a photo:

D-Link DIR-100 UART pins
The UART settings are: 38400 8n1
You must use a voltage shifter (like max232) to connect it with a PC (I use BusPirate ). Connecting UART pins directly to a PC serial port may damage your stuff.

As you can see the PCB is described as "1DI604+EU.B1G" so probably DI-604 and DIR-100 may have exactly the same hardware (perhaps only in specific revisions, as I didn't found any matching DI-604 PCB photo)

BOOT UP dump:

00.01.16(uClinux) (Aug 29 2006 12:52:10)
System Clock Rate: 180MHz, Memory Clock Rate: 130MHz
Detected flash size: total 2MB.
SDRAM size: 16MB
Press 'w' for alpha's web upgrade.
Press 'r' to update run image, or 'a' to change config,
or 'l' to update loader, or 'g' to load run image without updating Flash,
or '2' to enter L2 switch mode(50A), or '3' to enter L2 switch mode(50B) ...
ForceRunLoader=0 ...

Loading runtime image ...
Imag Start Address =0xbe030000
Find a 7zip self-decompressed kernel image, Just GO!
Powered by Realtek RTL8650B SoC, rev 1
CPU revision is: 0000ff00
Init MMU (16 entries)
Primary instruction cache 0kB, linesize 0 bytes.
Primary data cache 0kB, linesize 0 bytes.
Linux version 2.4.26-uc0 (root@redhat9) (gcc version 3.3.3) #2 Thu Aug 24 20:15:20 CST 2006
Determined physical RAM map:
memory: 01000000 @ 00000000 (usable)
NOFS reserved @ 0x8030f730
On node 0 totalpages: 4096
zone(0): 4096 pages.
zone(1): 0 pages.
zone(2): 0 pages.
Kernel command line: root=/dev/mtdblock3 rootfstype=squashfs
Calibrating delay loop... 178.99 BogoMIPS
Memory: 13064k/16384k available (2121k kernel code, 3320k reserved, 100k data, 96k init, 0k highmem)
Dentry cache hash table entries: 2048 (order: 2, 16384 bytes)
Inode cache hash table entries: 1024 (order: 1, 8192 bytes)
Mount cache hash table entries: 512 (order: 0, 4096 bytes)
Buffer cache hash table entries: 1024 (order: 0, 4096 bytes)
Page-cache hash table entries: 4096 (order: 2, 16384 bytes)
Checking for 'wait' instruction... unavailable.
POSIX conformance testing by UNIFIX
NEW PCI Driver...isLinuxCompliantEndianMode=False(Big Endian)
No PCI device exist!!
Linux NET4.0 for Linux 2.4
Based upon Swansea University Computer Society NET3.039
Initializing RT netlink socket
Starting kswapd
pty: 256 Unix98 ptys configured
Serial driver version 5.05c (2001-07-08) with MANY_PORTS SERIAL_PCI enabled
Probing RTL8651 home gateway controller...
Initialize RTL865x ASIC and driver
chip name: 8650B, chip revid: 1
Initialize mbuf...
creating default 2 interfaces...eth0 IRR(6)=c0040000
eth1 ...OK

>>>now is rome 3.4 running ........
DQoS module initialization success!
PPP generic driver version 2.4.2
PPP BSD Compression module registered
Amd/Fujitsu Extended Query Table v1.3 at 0x0040
number of CFI chips: 1
cfi_cmdset_0002: Disabling fast programming due to code brokenness.
Looking for mtd device mtd1:
Found a mtd1 image (0x20000), with size (0x10000).
Looking for mtd device mtd2:
Found a mtd2 image (0x30000), with size (0x9370c).
Looking for mtd device mtd3:
Found a mtd3 image (0xc370c), with size (0xd2000).
Creating 4 MTD partitions on "Physically mapped flash":
0x00000000-0x00020000 : "ldr"
0x00020000-0x00030000 : "alphafs"
0x00030000-0x000c370c : "kernel"
0x000c370c-0x0019570c : "squashfs"
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP, IGMP
IP: routing cache hash table of 512 buckets, 4Kbytes
TCP: Hash tables configured (established 1024 bind 2048)
GRE over IPv4 tunneling driver
NET4: Unix domain sockets 1.0/SMP for Linux NET4.0.
VFS: Mounted root (squashfs filesystem) readonly.
Freeing unused kernel memory: 96k freed
initial console created on /dev/ttyS1
Shell invoked to run file: /etc/rc
Command: mount -t proc proc /proc
Command: mount -t ramfs ramfs /var
Command: mkdir /var/tmp
Command: mkdir /var/ppp/
Command: mkdir /var/log
Command: mkdir /var/run
Command: mkdir /var/lock
Command: mkdir /var/flash
Command: #iwcontrol is required for RTL8185 Wireless driver
Command: #iwcontrol auth &
Command: #busybox insmod /lib/modules/2.4.26-uc0/kernel/drivers/usb/quickcam.o
Command: /bin/webs -u root -d /www -i /var/run/ &
Command: #ifconfig wlan0 up promisc
Execution Finished, Exiting

Sash command shell (version 1.1.1)
/> System initializing...Check the crc=0x29eccedf,file_des->chksum=0x29eccedf!
Config info:
table total size[53784|0xd218] === max[196608|0x30000]!
rtl8651_user_pid set to 9

WAN/LAN, Rx shift=10002
session 0 do not have dns server ip...
cfg wan to dhcp client ...

Set IGMP Default Upstream interface (eth0) ... SUCCESS!!
info, client (v0.9.9-pre) started
url filter default set to accept
PPPoE Passthru disabled.
Drop Unknown PPPoE PADT disabled.
IPv6 Passthru disabled.
IPX Passthru disabled.
NETBIOS Passthru disabled.
WebReset drule=0
ReadPPPoESessionInfo: idx=0 id = 0
ReadPPPoESessionInfo: idx=1 id = 0
/www/Status/st_blocked.htm: No such file or directory
get lan ip c0a80001
enable my host is from user space=QoSEnable=0 upLinkBand=128000!
Find a pair, argumenit=QoSEnable, value=0!pBuf=upLinkBand=128000!
Find a pair, argumenit=upLinkBand, value=128000!pBuf=!
tmpUpBW=128000, tmpRsBW=0!
get parameter: DQoS_enable= 0!
get parameter: upLinkBandWidth=128000 kbits!
get parameter: VoIP reserved bandwidth=0 kbits!
interface: eth1
config : /var/neap.conf
get vendor = ALPHA
get model = DIR-100
get version = v0.5.0
get secret =
eth1: ip:, mask:, mac 00:17:9a:db:36:ea
eth1 (ip) =, (netmask) =, adapter index 3
adapter hardware address 00:17:9a:db:36:ea
Into Server listen!!
nothing to monitor
info, server (v0.9.9-pre) started
error, max_leases value (254) not sane, setting to 100 instead
error, Unable to open /var/udhcpd.leases for reading
auto ,en ,dir = /www
dhcpc client deconfig
rtl8651_delNaptMapping: ret -6
rtl8651_delRoute(default): ret -3
rtl8651_delIpIntf: ret -2710
SIOCDELRT: No such process

As the flash memory size is only 2Mb it may be hard to fit an open-wrt or dd-wrt distro, however it's not impossible as I've seen open-wrt running on Edimax BR-6104.
Alternatively I will try to compile and run original D-link source codes available here: