Wireshark-dev: Re: [Wireshark-dev] Input plugin for PEAK Systems CAN interfaces
Hello all!
I would like to create a Wireshark plugin for the PEAK CAN devices.
Wireshark works fine with these devices on Linux over SocketCAN, however
on Windows I did not found any way to utilize them.
Is there any open source CAN input plugins out in the wild what I could use as a starting point?
I only found this one from CCS:
https://canlogger.csselectronics.com/files/wiresharkplugin/WS_v2.4-Plugin_v7.1.zip
Unfortunately it is operating at the OBD level, however I would like pass raw CAN frames to Wireshark. (And at the another hand it looks a bit outdated.)
Best regards,Miklos Marton
Hi Miklos,
About 2 years ago I created a plugin to capture CAN packets in
windows from a device called AnaGate CAN. This AnaGate CAN unit
uses a tcp/ip connection to communicate with another computer and
of course its own protocol. You can probably find some emails from
me about this topic here in the mailing list.
It also took a fairly long time to find out how the extcap plugins work (no descent/commented examples present) and rudimentary error handling is missing in the wireshark extcap interface towards the wireshark framework. I still need to address that in the mailing list. It was a fairly long time ago so it could have changed in the meanwhile.
This extcap plugin I made was written with a lot of comments and uses (as far as I know) the best practices how to use the interface, the purpose was to give it back to the community as a well documented example for other starters so they don't spoil there precious time. This plugin also has a user interface where you can configure parameters, so this can be a good starting point for you.
A had to reverse engineer the right calls to use, because none of the existing plugins do things a similar way (different ordering, missing things in some existing extcap plugins etc.) and it was totally unclear to me which calls are best to be used. Also how to integrate the sources into the build system were not (completely) documented.
The plugin does work, but error handling is missing because of
lacking support in the wireshark framework and if something goes
wrong you need to kill the sub process or wait for a timeout. I
cannot fix that in the plugin itself. Another thing I need to
check/implement if it can be made more efficient by using
poll()/select() in the loop code.
Also I need to test in under Linux, the code is aware of it but
never tested.
I need to dig-up the code and port it to the latest version, the previous version I used was wireshark 2.9.1.
The PCAN-USB does it the a serial device class on USB or some
proprietary protocol?
regards,
Henri
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
- Follow-Ups:
- Re: [Wireshark-dev] Input plugin for PEAK Systems CAN interfaces
- From: Miklos Marton
- Re: [Wireshark-dev] Input plugin for PEAK Systems CAN interfaces
- References:
- [Wireshark-dev] Input plugin for PEAK Systems CAN interfaces
- From: Miklós Márton
- [Wireshark-dev] Input plugin for PEAK Systems CAN interfaces
- Prev by Date: Re: [Wireshark-dev] tvb_get_nstringz0
- Next by Date: Re: [Wireshark-dev] Automated builds failing for macOS since MR 2136 was applied
- Previous by thread: [Wireshark-dev] Input plugin for PEAK Systems CAN interfaces
- Next by thread: Re: [Wireshark-dev] Input plugin for PEAK Systems CAN interfaces
- Index(es):
- Get Wireshark
- Download
- Code of Conduct