700/1400 were quite nice and powerful boxes. Were, because after a tremendous development effort, the new 1500 series were intorduced in 2019, leveraging a more powerful hardware architecture and, more important, bringing the SMB line to R80 world and unifying the management options - thus, the 700/1400 series will reach end of sale in May 2020 and, aligned with Support Life Cycle Policy, maintenance releases and/or bug fixes will be supplied until October 2022. That means a full 5 1/2 years lifecycle of the 700/1400 line, far beyond the common hardware obsolescence.

So, maintenance releases and/or bug fixes, no new software development. What if I need a tool (executable, user-space) which was not included in the software package (R77.20.87 JHF Build 990173004 General Availability release is the latest at the time of writing) and is not mandatory for the proper functioning of the platform, to be included in maintenance releases ? Remember - using even the executables supplied with the software package in expert mode is not supported, meaning that TAC will not assist you in troubleshooting the proper or improper usage of them.

Well, I could help myself and compile the tool for the platform. Disclaimer: the activities described in this post are neither  endorsed, approved nor supported by the organization - they are the result of individual explorations and described only for educational purposes; the results were not assessed by the rigorous QA routines applied to GA releases. Please read carefully the EULA regarding implications before any attempt to reproduce the procedures described in this post.

That being said, I would like to have the powerful OS tool, strace, running on my 730. Warning: tracing a process can heavily affect performance up to two orders of magnitude slow-down in syscalls, please think twice before using in a production environment.

A decent development environment is required. Mine is an oldish i5 gen3 / 8 GB DRAM running Ubuntu 16.04 x86_64 LTS. If running a newer version, the operations described might need to be adjusted to the environment.

A cross compiling set of tools is also required (you are not logged in as root, are you?):

sudo apt-get install -y wget curl git python \
gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf binutils-arm-linux-gnueabihf \
make gcc binutils patch build-essential bc\
flex bison gawk libncurses5-dev gettext autoconf automake autotools-dev xz-utils

run dpkg -L on gcc-arm-linux-gnueabihf, g++-arm-linux-gnueabihf and binutils-arm-linux-gnueabihf and record the install location, you might need it later.

Note: the GNU toolchain is not the original one used to compile the software release, you can run strings on binaries on the box to find out the original one, which is still freely available).

The source - I used strace-4.14 and not the latest version available on https://github.com/strace/strace because starting with version 4.15 strace is able to modify return/error code of the syscalls, and to inject signals upon their execution. Pretty dangerous!

Get the source, extract it and step in the source folder (adjust to your own $PWD

wget https://sourceforge.net/projects/strace/files/strace/4.14/strace-4.14.tar.xz
tar -xvf strace-4.14.tar.xz
cd strace-4.14

To keep it simple, configure the build for a statically linked executable on the target ARM architecture:

env \
CC=arm-linux-gnueabihf-gcc \
LDFLAGS="-static" \
AR=/usr/bin/arm-linux-gnueabihf-ar \
./configure --build x86_64-pc-linux-gnu --host arm-linux-gnueabihf

Review the Makefile and run

make

Note that statically linked binaries require at runtime the shared libraries from the glibc version used for linking.

Let's inspect it the output:

ps-101-ro@PS-101-RO:~/strace-4.14$ ll strace
-rwxr-xr-x 1 ps-101-ro root 1808548 mar 28 15:37 strace*
ps-101-ro@PS-101-RO:~/strace-4.14$ file strace
strace: ELF 32-bit LSB executable, ARM, EABI5 version 1 (GNU/Linux), statically linked, for GNU/Linux 3.2.0, BuildID[sha1]=6ea347bca3a91079c96b72fbfd59de6ffff70cb4, not stripped

Shrink the binary:

ps-101-ro@PS-101-RO:~/strace-4.14$ /usr/bin/arm-linux-gnueabihf-strip strace
ps-101-ro@PS-101-RO:~/strace-4.14$ ll strace
-rwxr-xr-x 1 ps-101-ro root 750976 mar 28 15:44 strace*

Use your favourite method (scp or sneakernet on FAT32 formatted USB) to load the executable in /storage folder on the 730. Mine runs:

[Expert@730]# uname -a
Linux 730 3.10.20-al-5.0-pr2 #1 SMP Wed Jun 19 10:20:09 IDT 2019 armv7l arm GNU/Linux
[Expert@730]# clish -c "show diag" | head -11
Current system info
-----------------------------------
Current image name: R77_990173004_20_87
Current image version: 004
Previous image name: R77_990172929_20_87
Previous image version: 929
Default image name: R77_990170952_20_31
Default image version: 952
Bootloader version: 68

Switch to /storage and give strace a try:

[Expert@730]# ./strace -V
strace -- version 4.14

Let's attach strace to a running process, say arping (if you're wondering what arping might do, think of gateway monitoring):

[Expert@730]# PIDOFARP=`ps -ef | grep -v grep | grep arping | OFS=" \t" awk '{print $2}'`
[Expert@730]# strace -v -e trace=sendto -o /storage/strace.out -p $PIDOFARP -f
strace: Process 4451 attached
^Cstrace: Process 4451 detached

and check the output:

[Expert@730]# tail /storage/strace.out
4451 --- SIGALRM {si_signo=SIGALRM, si_code=SI_KERNEL} ---
4451 sendto(22,"\0\1\10\0\6\4\0\1\0\34\177s\rw\254\21k\32\270\312:\312\204\277\254\21k\274", 28, 0, {sa_family=AF_PACKET, sll_protocol=htons(ETH_P_ARP), sll_ifindex=if_nametoindex("WAN"), sll_hatype=ARPHRD_ETHER, sll_pkttype=PACKET_HOST, sll_halen=6, sll_addr=[0xb8, 0xca, 0x3a, 0xca, 0x84, 0xbf]}, 20) = 28

QED

If your're interested, I posted the exercise of having hping3running on 730 (why would someone want to run hping from the firewall and not through the firewall?).

Stay healthy, stay secured!