Wireshark is a well-known network packet sniffer. Since 2009 it is also capable of capturing CAN frames via SocketCAN interface in Linux. Just configure and activate your CAN interface and it will show up as one of the available sniffing interfaces. The image below shows CAN frames captured via USB-CAN adapter (slcan driver).
Following information will be extracted from CAN frame:
- Identifier
- Extended Flag
- Remote Transmission Request Flag
- Error Flag
As of Wireshark version 1.7.1 CANopen dissector was introduced. See image below.
As CAN has no ports or other remarkable protocol options you’ll have to manually choose, how CAN frames should be interpreted.
And the last note. Though CAN frames can be captured only in Linux, they still can be analyzed on every system Wireshark is running on.
Advertisements
It’s remarkable to pay a visit this site and reading the views of all friends regarding this paragraph, while I am also eager of getting know-how.
By: seo articles on May 3, 2013
at 00:03
do you know how is it possible to replay a capture of can frames ? with cansend for example?
By: david bonnin on February 9, 2017
at 09:31
I don’t know. Basically you can replay wireshark captured traffic via tcpreplay, but I don’t know if it can handle CAN frames. I would ask this question on the linux-can mailing list.
By: yegorich on February 9, 2017
at 09:38