Ask Your Question
0

How to open CAN dbc file in wireshark

asked 2018-04-11 13:13:01 +0000

Lenin gravatar image

Hi

How to open a CAN dbc file using wireshark. we are using wireshark version 2.4.6..

Thanks lenin

edit retag flag offensive close merge delete

Comments

So are those files containing the data for messages sent over the CAN bus, or are they files that contain descriptions for fields in messages?

The first would be a file that you'd read in Wireshark and get a list of packets. The second would be a file that would be read when Wireshark started up, or when it first saw a CAN bus message, and that Wireshark would use to interpret the content of CAN bus messages in a file that contains a sequence of CAN bus messages.

From what I can find on the Internet, it may be the second of those.

Guy Harris gravatar imageGuy Harris ( 2018-04-12 22:00:45 +0000 )edit

From a look at the code, they appear to be files that describe the format of messages; the plugin includes a dissector that reads a dbc file and uses it to process CAN bus messages.

Guy Harris gravatar imageGuy Harris ( 2018-04-13 02:31:10 +0000 )edit

2 Answers

Sort by ยป oldest newest most voted
0

answered 2019-09-03 06:16:44 +0000

martinf gravatar image

Martin Falch from CSS Electronics here. We've done an article on how to use the Wireshark plugin that was developed for this purpose by Jakub Zawadzki, see below article: https://www.csselectronics.com/screen...

For users of our CAN loggers, we of course provide support for how to use the plugin. For various technical reasons, the plugin is designed for use with Wireshark 2.4 Legacy mode, so it may not function as expected outside of this.

Feel free to contact us for details.

edit flag offensive delete link more

Comments

Note that if one of the technical reasons is "it has a GTK+ GUI", it will not function AT ALL with Wireshark 3.0 and later, as we aren't building or distributing "legacy" GTK+ versions of Wireshark 3.0 and later (we've even removed the GTK+ GUI source code from the source tree in those branches and in the master branch).

Guy Harris gravatar imageGuy Harris ( 2019-09-03 20:57:41 +0000 )edit

Hi Guy, this is the main reason. The "live view" functionality which is another part of the plugin would require a rewrite from GTK+ to Qt, which is fairly extensive. We might work with Jakub later to get this updated for 3.0, but if others are willing to pick it up we'd of course support that.

martinf gravatar imagemartinf ( 2019-09-04 05:14:26 +0000 )edit
0

answered 2018-04-11 23:19:01 +0000

Guy Harris gravatar image

Try this plugin, which includes Windows binaries and source; you'd need to compile the source if you're not using Windows.

(We should probably pick this up and incorporate it into Wireshark, so that it's available by default in the Windows binary, available in the macOS binary, and available in the Linux/*BSD/etc. binaries distributed by third parties.)

edit flag offensive delete link more

Comments

Seems to be GTK only somehow. But I noticed Jakub Zawadzki can shed light on that.

Jaap gravatar imageJaap ( 2018-04-12 06:56:58 +0000 )edit

They implemented a tap for OBD-II messages but didn't use the tap mechanism - they just directly added calls to the tap from the dissector. The tap pops up a GTK+ window.

Guy Harris gravatar imageGuy Harris ( 2018-04-12 22:03:58 +0000 )edit

I have added the plugin. However I'm unable to load the CAN dbc file.

Thanks Lenin.

Lenin gravatar imageLenin ( 2018-04-16 07:13:31 +0000 )edit

Since this is not part of Wireshark itself you could try to get support from the supplier, via csselectronics.com

Jaap gravatar imageJaap ( 2018-04-16 09:47:38 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-04-11 13:13:01 +0000

Seen: 5,133 times

Last updated: Sep 03 '19