This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

step by step explanation how to sniff data on serial channel on windows

0

Hello,

Can somebody publish a detailed step by step explanation how to sniff data on serial channel (rs 232 / rs 442 / rs 485) on windows?

The PC already has internal rs232 ports and rs 442/rs485 card installed.

If there is no need to have an external SW, it would be better.

In addition, I have custom dissector written in LUA that is attached to some UDP port. I'd like to use the same dissector over the captured RS data. How this could be done?

Thank you

asked 28 Sep '17, 21:59

BMWE's gravatar image

BMWE
467811
accept rate: 100%

edited 28 Sep '17, 22:12


2 Answers:

0

Looking at the network media supported the serial interface isn't one of them, so without some external means this may not be possible. USB can be captured, so serial data may be visible on that. Otherwise an extcap utility may be of help here.

So, without external support this won't be possible I'm afraid.

answered 29 Sep '17, 02:26

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

can you please elaborate on the full scenario and how to use extcap

(29 Sep '17, 06:58) BMWE

Extcap is an interface specification that allows external applications to act as capture interfaces for Wireshark.

See the document here for more info.

(29 Sep '17, 07:13) grahamb ♦

0

The way I've managed to capture serial data in the past has been to use an Ethernet to serial converter, e.g. A Lantronix UDS1100 that presents a virtual serial port to the PC application but sends the traffic over Ethernet to the converter which is then connected to the serial device. Wireshark is then used to capture the Ethernet traffic and the serial protocol is seen running atop the transport protocol used by the converter, usually TCP.

answered 29 Sep '17, 02:49

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%