Wireshark mailing list archives

Re: Remote fieldbus capture "protocol"

From: Roland Knall <rknall () gmail com>
Date: Sun, 26 Jan 2020 10:32:09 +0100

I’ve implemented similar using either udp or serial, using extcap in both cases. You can take a look at udpdump but in 
my case I wrote it myself using a python extcap on the receiving end. 

The idea is, that you put all information (including the timing of your original protocol) into a frame, send this to 
extcap, which recreates a frame to be displayed using pcap as a format. 

See the documentation of extcap in the developer documents 

Regards
Roland

Am 26.01.2020 um 09:46 schrieb Erwin Rol <mailinglists () erwinrol com>:

Hey all,

I was wondering if there is a remote capture "protocol" that works on
Mac, Windows, and Linux? 

The idea I have is to use a small (and cheap) microcontroller like a
STM32F407 that can capture a fieldbus (RS485 based, etc.) and relay
that in realtime (realtime as in not storing it locally) to a PC
running Wireshark.

I could simply pack it in some UDP protocol and write a dissector for
that, but than I would loose my timing information, because it will be
the timing of wenn the UDP packet has been received and not the time of
when the fieldbus packet was received. 

Is there already anything out there that supports transporting capture
data (including timing) over Ethernet that works on all 3 major
platforms (rcap seems windows only, ssh seems linux only, and both are
to heavy to implement on a microcontroller).

Any info and ideas are welcome.

TIA,

Erwin


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Remote fieldbus capture "protocol" Erwin Rol (Jan 26)
- Re: Remote fieldbus capture "protocol" Roland Knall (Jan 26)
- Re: Remote fieldbus capture "protocol" Patrick Klos (Jan 26)
  - Re: Remote fieldbus capture "protocol" Guy Harris (Jan 26)
  - Re: Remote fieldbus capture "protocol" Michael Klos (Jan 27)
- Re: Remote fieldbus capture "protocol" Guy Harris (Jan 26)