I'd like to add CAN bus support to Wireshark under Windows (unfortunately), and I'm hoping someone can give me an idea where to start.
WS currently has a dissector for CAN (Controller Area Network) data - but I'm assuming that the source of the data is from the socketcan library (is that correct?) which is a patch to the Linux sockets stack.
I've got a USB CAN interface with a Windows driver, so I can get the live data very easily, but I'm trying to work out the best way to get that data into WS.
Any pointers gratefully accepted.
asked 21 Jun '12, 02:17
edited 21 Jun '12, 02:18
Yes, there is a dissector that uses SocketCAN. It's defined in the file:
If you have to ability to write a driver, I would go that way on Windows, as there is no direct USB sniffer support right now (on windows).
One idea, would be to allow wireshark to read from a pipe. Your driver would access the CAN bus via USB and provide the data through a pipe. If you provide the data in a from the SocketCAN dissector understands (not sure if that's easy or even possible), you might be able to re-use that dissector.
answered 21 Jun '12, 23:44
Kurt Knochner ♦
edited 22 Jun '12, 01:01