Re: wireshark capture/filtering question

[Graham Bloice <graham.bloice () trihedral com>]

On Fri, 20 Nov 2020 at 14:49, John Dill <John.Dill () greenfieldeng com> wrote:

> I've had some recent discussions about adding some network capture to our
> avionics data capture dashboard program.  Currently, the architecture uses
> a Java program as the GUI and a TCP socket interface for playback/record
> control and data with a C program capturing 1553 data.  The C program has
> the capability of reading from a file or the live card and streaming 1553
> packets to file and to the GUI for processing.
>
>
>
> What I would like to try to do is sniff out the packets for Control
> Display Unit (CDU) key presses and the Display screen data (which includes
> a 24x15 grid of characters and attribute data for each character).
> The initial goal of this is to provide a real time virtual CDU display, and
> if things go well, store the display and key presses packet data so that
> during playback of a recording, one can see a virtual display of what
> happened between what the pilots are doing vs the 1553 data.  All of this
> display data is on a single port, and we currently have a plugin that
> processes all the Network Data Objects for that port.
>
>
>
> The idea that was passed around would be to either integrate the packet
> capture portion in with the existing 1553 data capture program, or
> integrate the 1553 data capture in with a Wireshark command line tool.
> Another factor they are considering is looking at chapter 10 to multiplex
> the 1553 and ethernet data into a single file format, so that complicates
> matters further (although that should make the time sync of 1553 and
> display playback easier).
>
>
>
> I'm just wondering if anyone here has had experience using Wireshark
> utilities as a capture interface for streaming filtered network packets to
> another application, and maybe I can follow in their footsteps.
>
>
> The problem appears to be pretty complex, so hopefully I explained what I
> want to try to do.  As a first pass, I think my goal will be to see if I
> can wrangle a simple dashboard application that takes a live filtered
> stream of packets from dumpcap or tshark, and forward that data to a GUI
> for display (basically part of the backend for a virtual CDU display).
>
>
>
> Any ideas would be greatly appreciated.  If there's some source files to
> study, that would be helpful too.  I've only implemented a few packet
> dissector plugins for various avionics protocols, not gone this deep into
> the internals.
>
>
>
> Thanks,
>
> John D.
>
>
> Hi John,

To clarify, you want to feed the 1553 stream into the wireshark engine,
apply some engine filtering and then output some products of that to
another application?

-- 
Graham Bloice

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe