Re: [Wireshark-dev] Capturing CAN packets

Mon, 23 Apr 2012 08:45:27 -0700 

Hi,

My understanding is that the socketcan part only works on Linux. The attempt 
here was to create a Windows application captures the CAN frames and hands them 
over to Wireshark. The packets could be passed directly on to 
packet-socketcan.c (and then later to packet-canopen.c) if there were a way to 
tag the packets as socketcan packets.

Who should the packets be "tagged" in order to be picked up the following from 
the packet-socketcan.c=

                dissector_add_uint("wtap_encap", WTAP_ENCAP_SOCKETCAN, 
can_handle);
                dissector_add_uint("sll.ltype", LINUX_SLL_P_CAN, can_handle);

Thanks,
Joakim

From: [email protected] 
[mailto:[email protected]] On Behalf Of Anders Broman
Sent: den 23 april 2012 17:21
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Capturing CAN packets

Hi,
How does this relate to the existing dissectors packet-socketcan.c and 
packet-canopen.c ?
Regards
Anders

________________________________
From: [email protected] 
[mailto:[email protected]] On Behalf Of Joakim Wiberg
Sent: den 23 april 2012 17:13
To: [email protected]
Subject: [Wireshark-dev] Capturing CAN packets
Hi,

We have some interns that have written a dissector for CAN and is also have the 
possibility do dissect protocols running on CAN. To capture the CAN packets 
special hardware is required, for now they have a simple app that reads the CAN 
packets and encapsulates them into an Ethernet frame and passes it on to a NIC.

Today the CAN data is encapsulated as a in the 802.3 frames using the SNAP 
header on an unregistered oui. This is a similar to how BACnet MS/TP frames are 
captured on RS-485 and passes them on to Wireshark.

Is this CAN dissector that you could consider adding to Wireshark? If yes what 
would be the preferable way to encapsulate the CAN frames to have them passed 
on to Wireshark?

Thanks,
Joakim


______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:[email protected]?subject=unsubscribe

Reply via email to