What is "plain encapsulation of CAN"? SocketCAN has the format of 4 byte CAN ID. 4 byte length field followed by the CAN data. This is currently only used in "file formats", not anything on the wire. Doesn't mean you can't hook up to it, but your wire data will have to match.
My suggestion would be to write your own dissector, but it should borrow HEAVILY from SocketCAN, including its dissector table. I presume your "plain encapsulation of CAN" is slightly different from the 4 byte CAN ID + 4 byte length, so those are the discrepancies you need to address in your own dissector. Once you have the data length and CAN ID, you can pass that data through the SocketCAN dissector table so it can dissect the next layer (CANopen, DeviceNet, etc) If you make your own dissector (or even modify SocketCAN), because there is no standard ethertype for this, you'll need to use Decode As to dissector and just register your dissector (handle) with the ethertype dissector table. (dissector_add_for_decode_as). -----Original Message----- From: Kumquat KromKiller <[email protected]> To: Developer support list for Wireshark <[email protected]> Sent: Sat, Nov 7, 2015 9:12 am Subject: Re: [Wireshark-dev] CAN over Ethernet I choose how CAN messages will be transported, that is why I said I can add whatever layers I want between Ethernet and CAN. Right now, it's just plain encapsulation of CAN over Ethernet with a custom EtherType greater than 0x0600. Ideally, I would like to avoid making my own dissector. It would be great if captured traffic could be dissected with Wireshark out-of-the-box, even if I have to add several unnecessary layers between Ethernet and CAN. For example, SLL has a non-standard EtherType value for CAN messages but it cannot be encapsulated with Ethernet (there's no standard EtherType value for SLL) Maybe there's a combination of CANopen, SLL, EtherCAT, SocketCAN or whatever that can achieve this ? On Sat, Nov 7, 2015 at 1:57 PM, Roland Knall <[email protected]> wrote: Hi It depends how the CAN messages are being transported within Ethernet. Then you could write a dissector for the method, which in turn calls the CAN dissector. The same thing happens with a lot of other dissectors,the openSAFETY disssector for instance. regards, Roland On Sat, Nov 7, 2015 at 1:33 PM, Kumquat KromKiller <[email protected]> wrote: Hi everyone, I need to transport CAN messages over Ethernet and I would like to be able to dissect them in Wireshark for debugging purposes. Considering the fact that I can add whatever layers I want between Ethernet and CAN, what would be the most efficient way to achieve this ? Thanks. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
