Sniffing HDLC Frames w/Wireshark

asked 2025-02-10 21:23:03 +0000

hy4woj gravatar image

Hello,

Wanted to know if anyone has experience with sniffing HDLC data frames? I'm getting raw data but not seeing beginning or ending flags which have a value of 7E (Hex) or 126 (DEC). Any help would be greatly appreciated.

edit retag flag offensive close merge delete

Comments

The beauty of standards - so many to choose from. Do you know what type of HDLC?

C:\>tshark -G protocols | findstr /I hdlc
Cisco HDLC      CHDLC   chdlc
Ericsson HDLC   Ericsson HDLC as used in A-bis over IP  ehdlc
HDLC-like framing for PPP       HDLC PW with PPP payload (no CW)        pw_hdlc_nocw_hdlc_ppp
HDLC PW, FR port mode (no CW)   HDLC PW, FR port mode (no CW)   pw_hdlc_nocw_fr
PPP In HDLC-Like Framing        PPP-HDLC        ppp_hdlc
Wellfleet HDLC  WHDLC   whdlc
Chuckc gravatar imageChuckc ( 2025-02-10 23:28:48 +0000 )edit

Hi there,

Didn't realize there were different types, the specifications i have only point to iso/iec 3309

hy4woj gravatar imagehy4woj ( 2025-02-10 23:33:49 +0000 )edit

Can you share a sample of the capture data?

Chuckc gravatar imageChuckc ( 2025-02-10 23:52:40 +0000 )edit

I will try, this is for new traffic signal controller under the new ATC standard. The traffic signal controller "talks" to key devices in the cabinet using HDLC on serial bus #1 @ 614kbps

hy4woj gravatar imagehy4woj ( 2025-02-11 00:00:42 +0000 )edit
0000   1c 00 00 00 00 00 00 00 00 00 00 00 00 00 0b 00   ................
0010   00 01 00 02 00 80 02 08 00 00 00 00 80 06 00 02   ................
0020   00 00 32 05                                       ..2.
hy4woj gravatar imagehy4woj ( 2025-02-11 00:10:08 +0000 )edit
see more comments