How do I extract the right information of a pcap file with pcap2matlab?
Hey, I want to use data that is in a pcap file in matlab, and for this I found the pcap2matlab function (https://www.mathworks.com/matlabcentr...). However I don't have a good enough understanding of wireshark to make this work so I was hopping somebody might be able to help me out.
My pcap file is of data gathered by a sonar in multiple frames, and it looks like this (https://imgur.com/EqfoodN). From this I need the data that is in Range Data (https://imgur.com/sQnbiMH) and Angles (https://imgur.com/p0ZYZ0d).
Can anybody help me with what kind of commands I need to use to extract the desired data? Thanks!
Edit: As grahamb mentioned the pcap2matlab function uses the same commands as tshark, so if anybody has any experience with that and would like to help me here is the data: https://gofile.io/d/3UnV8S.
Once again thanks for the help!
Edit2: Sorry forgot to add the dissector, here it is: https://gofile.io/d/bCXBDG
Edit3: This was the reply email that I got when asking for the source code:
He would need to learn how to parse PCAP files in Matlab.
Bar that, he could use our WirePlay program to send the PCAP file as Ethernet UDP data. Matlab can ingest UDP and TCP/IP Ethernet data. WirePlay can be downloaded at: http://vvv.r2sonic.com/oldSite/tools/...
If he is trying to deal with Water Column data, Matlab will struggle due to the data rate. Writing a Matlab C executable would be helpful. Or, do the project in Python which has most of the functionality of Matlab.
If dealing with Water Column data, it would be better to use Water Column data files that the sonar GUI can save. This saves the hassle of trying to deal with Ethernet data or PCAP files. Matlab, et al, can chug away at a WC data file at its own pace.
Edit4:
Solution found here: https://ask.wireshark.org/question/18...
Anybody know how I could be able to do this? I have no idea if this is the right place to ask this as I am really unfamiliar with this type of data
Looks like there is a "Wireshark decoder" mentioned here.
Have you tried asking R2SONIC about the decoder?
As @Chuckc implied, the data in the capture doesn't appear to be supported by the built-in dissectors so if the data is from a custom protocol, and as you have shown images of it there does seem to be some form of dissection, we would need to get a copy of that dissector to help out.
There should be no issue sharing the dissector as due to the licence that Wireshark uses (GPL 2.0 or later) the source of any dissectors distributed outside of the originators company MUST be made available.
You guys are right, I added the dissector link: https://gofile.io/d/bCXBDG The dissector only works with an old version unfortunately, so I used wireshark 1.12
1.12? Uggh, it was EOL 4 years ago.
Does tshark of that vintage print out anything useful when given the
-G fields
option, e.g.Make sure you redirect to a file as the output is large. You're looking for anything with "R2Sonic" in it.
Since you're distributing a binary of a GPL'ed program, can we have the source code please?
I dont have the source code, only the files i have shared is what i have
The original vendor, apparently R2Sonic, MUST make the source code available to you which you are then free to give to anyone else. Please contact the vendor and request they make the source code available.
@Bram Note the lack of source code isn't your fault, but the originator (R2Sonic?) of the dissector.
This gives us 2 problems when trying to help you:
I understand, I send them an email asking for the source code. However I don't have the highest of hopes for this. Seeing that the code itself only works on such an old version of wireshark I don't really know if they are still active in that field. I hope they respond soon!
Anyway many thanks for the time all you guys have put in this already!
What you could do would be to try your version of tshark (it should pick up the plugin) and dump the output to text and see if you possibly import that in somewhat to matlab, e.g.
If i do that it dumps out all the values and titles in the program like this: https://gofile.io/d/hqHB28
Is there any way to just get all the range values from the different frames? In this format Matlab is not able to do anything with it
Try swapping the
-V
with a-O r2
(the uppercase letter O) to limit the display to the R2 protocol.That already looks better, however since the name and the value of the data is still in the same cell i still cannot use this in matlab.