I'd like to add CAN bus support to Wireshark under Windows (unfortunately), and I'm hoping someone can give me an idea where to start.
WS currently has a dissector for CAN (Controller Area Network) data - but I'm assuming that the source of the data is from the socketcan library (is that correct?) which is a patch to the Linux sockets stack.
I've got a USB CAN interface with a Windows driver, so I can get the live data very easily, but I'm trying to work out the best way to get that data into WS.
Any pointers gratefully accepted.
Yes, there is a dissector that uses SocketCAN. It's defined in the file:
If you have the ability to write a driver, I would go that way on Windows, as there is no direct USB sniffer support right now (on Windows).
One idea would be to allow Wireshark to read from a pipe. Your driver would access the CAN bus via USB and provide the data through a pipe. If you provide the data in a form the SocketCAN dissector understands (not sure if that's easy or even possible), you might be able to re-use that dissector.
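The pipe approach suggested in the answer above, as an added example (not code from the original posts or from Wireshark): it wraps classic CAN frames in a pcap stream with link type 227 (LINKTYPE_CAN_SOCKETCAN), the encapsulation the SocketCAN dissector reads. The function names and sample frames are constructed for illustration, and reading frames from the vendor's USB driver is assumed to happen elsewhere.

```python
import struct
import sys

LINKTYPE_CAN_SOCKETCAN = 227   # pcap link-layer type for SocketCAN frames
CAN_EFF_FLAG = 0x80000000      # set for 29-bit (extended) identifiers
CAN_RTR_FLAG = 0x40000000      # remote transmission request

def pcap_global_header(snaplen=64):
    # magic, version 2.4, tz offset, sigfigs, snaplen, link type (little-endian file)
    return struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen,
                       LINKTYPE_CAN_SOCKETCAN)

def socketcan_frame(can_id, data, extended=False, rtr=False):
    if len(data) > 8:
        raise ValueError("classic CAN carries at most 8 data bytes")
    limit = 0x1FFFFFFF if extended else 0x7FF
    if not 0 <= can_id <= limit:
        raise ValueError("CAN ID out of range for this frame format")
    word = can_id | (CAN_EFF_FLAG if extended else 0) | (CAN_RTR_FLAG if rtr else 0)
    # ID and flags are big-endian in this link type, followed by the payload
    # length, 3 padding/reserved bytes, and the data padded to 8 bytes.
    return struct.pack(">IB3x", word, len(data)) + bytes(data).ljust(8, b"\x00")

def pcap_record(frame, timestamp):
    sec = int(timestamp)
    usec = int((timestamp - sec) * 1_000_000)
    # per-packet header: seconds, microseconds, captured length, original length
    return struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame

def stream_frames(out, frames):
    """Write the pcap header once, then one record per (ts, id, data, extended)."""
    out.write(pcap_global_header())
    for ts, can_id, data, extended in frames:
        out.write(pcap_record(socketcan_frame(can_id, data, extended), ts))
        out.flush()   # flush per frame so a live reader sees it immediately

# Constructed sample frames standing in for what the USB driver would deliver.
SAMPLE = [
    (1700000000.25, 0x123, b"\x01\x02", False),
    (1700000000.50, 0x18FEF100, b"\xde\xad\xbe\xef", True),
]

if __name__ == "__main__":
    stream_frames(sys.stdout.buffer, SAMPLE)
```

Piping the script's output into `wireshark -k -i -` starts a live capture that reads the stream from standard input.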