Wireshark mailing list archives

Re: Capturing CAN packets

From: Joakim Wiberg <jow () hms se>
Date: Thu, 26 Apr 2012 14:03:22 +0000

Any suggestions on how we shall encapsulate the CAN frames in Ethernet frames to make them show up in Wireshark in a 
logical way. 

The current implementation that's using a OUI in the SNAP header works, but is this the preferable way? Is it better to 
use an unused Ethernet type, or something else?

Thanks,
Joakim

-----Original Message-----
From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Joakim Wiberg
Sent: den 24 april 2012 09:37
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Capturing CAN packets

The socketcan dissector seems to decode the same things that we intended to provide as well. Your suggesting adding a 
packet-can.c where higher layer protocols can hook up makes sense.

Any suggestions on how the Windows app shall interface with Wireshark? Is the usage of an OUI in the SNAP header a 
feasible or shall we look at some other way?

Thanks,
Joakim

-----Original Message-----
From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Felix 
Obenhuber
Sent: den 23 april 2012 19:06
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Capturing CAN packets

Hi,

On Mon, Apr 23, 2012 at 5:43 PM, Joakim Wiberg <jow () hms se> wrote:

My understanding is that the socketcan part only works on Linux. The 
attempt here was to create a Windows application captures the CAN 
frames and hands them over to Wireshark. The packets could be passed 
directly on to packet-socketcan.c (and then later to packet-canopen.c) 
if there were a way to tag the packets as socketcan packets.


Yes, SocketCAN runs on Linux only.

Maybe a dedicated CAN dissector ( e.g packet-can.c) with it's own format (or why not take the very well designed 
SocktCAN format?) might be a good idea for a clear design. This CAN dissector is served by the SocketCAN dissector and 
your Windows CAN implementation.
The CanOpen (and other high level protocols like J1939) dissectors hook up on the CAN dissector.

Please note that the the data format that is used within the SocketCAN dissector is declared in the SocketCAN 
implementation (e.g struct can_frame and the bits coded into the id field). Furthermore SocketCAN defines a full set 
error codes that are indicated by the error flag in the id and transmitted in the data bytes.

Here you can find the corresponding headers with some details about SocketCAN:

https://gitorious.org/linux-can/linux-can/blobs/master/include/linux/can.h
https://gitorious.org/linux-can/linux-can/trees/master/include/linux/can/

cheers,

Felix
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com 
______________________________________________________________________
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com 
______________________________________________________________________
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Capturing CAN packets Joakim Wiberg (Apr 23)
- Re: Capturing CAN packets Anders Broman (Apr 23)
  - Re: Capturing CAN packets Joakim Wiberg (Apr 23)
    - Re: Capturing CAN packets Felix Obenhuber (Apr 23)
    - Re: Capturing CAN packets Joakim Wiberg (Apr 24)
    - Re: Capturing CAN packets Joakim Wiberg (Apr 26)
    - Re: Capturing CAN packets Felix Obenhuber (Apr 26)
    - Re: Capturing CAN packets Joakim Wiberg (Apr 27)