Posted by: yegorich | May 7, 2012

Capturing and Analyzing CAN Frames with Wireshark

Wireshark is a well-known network packet sniffer. Since 2009 it is also capable of capturing CAN frames via SocketCAN interface in Linux. Just configure and activate your CAN interface and it will show up as one of the available sniffing interfaces. The image below shows CAN frames captured via USB-CAN adapter (slcan driver).

Following information will be extracted from CAN frame:

  • Identifier
  • Extended Flag
  • Remote Transmission Request Flag
  • Error Flag

As of Wireshark version 1.7.1 CANopen dissector was introduced. See image below.

As CAN has no ports or other remarkable protocol options you’ll have to manually choose, how CAN frames should be interpreted.

And the last note. Though CAN frames can be captured only in Linux, they still can be analyzed on every system Wireshark is running on.

About these ads

Responses

  1. It’s remarkable to pay a visit this site and reading the views of all friends regarding this paragraph, while I am also eager of getting know-how.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: