Wireshark mailing list archives

Re: DeviceNet dissector

From: Hans-Jörgen Gunnarsson <Hag () hms se>
Date: Tue, 21 Aug 2012 09:26:31 +0000

I have now built a program that takes the frames and sends them into Wireshark through a pipe. Works really good, 
thanks for the tip.

In Wireshark the frames go into the SocketCAN dissector which I have modified and added DeviceNet to. Next step is to 
build the DeviceNet Dissector.

I want to tie the DeviceNet dissector to the existing CIP dissector, but in order to use the CIP Dissector I have to 
modify the packet and insert body type information and perhaps modify it so that it fits the CIP-protocol. Is it 
possible to do that? And if possible, is there some information somewhere about how to do it? My Google Ninja skill 
haven't been able to find any information. 

Regards 
Hans-Jörgen

-----Original Message-----
From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Kurt Knochner
Sent: den 10 augusti 2012 15:40
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] DeviceNet dissector


Hans-Jörgen Gunnarsson wrote:

We are trying to develop a dissector for DeviceNet. We want it to ...
and partly decodes them. The problem is that it might be better to 
pick the DeviceNet-messages directly from the dongle into Wireshark.
Perhaps through SocketCAN or something like that. ...
We haven't found a good way to do this though. Do you have any ideas 
or thoughts?


Please take a look at my answer in the following question at ask.wireshark.org.

http://ask.wireshark.org/questions/12102/logging-can-bus-data-to-ws-in-windows

I mentioned a project Wsbridge (link in the answer). They faced a similar problem and solved it by using pipes. The 
code for Wsbridge is available and it should give you some ideas.

Regards
Kurt

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com 
______________________________________________________________________
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

DeviceNet dissector Hans-Jörgen Gunnarsson (Aug 10)
- Re: DeviceNet dissector Yegor Yefremov (Aug 10)
  - Re: DeviceNet dissector Hans-Jörgen Gunnarsson (Aug 13)
- Re: DeviceNet dissector Kurt Knochner (Aug 10)
  - Re: DeviceNet dissector Hans-Jörgen Gunnarsson (Aug 21)
- <Possible follow-ups>
- Re: DeviceNet dissector mmann78 (Aug 21)
  - Re: DeviceNet dissector Hans-Jörgen Gunnarsson (Aug 24)
- Re: DeviceNet dissector mmann78 (Aug 24)