Ask Your Question
0

Pipe with comments

asked 2018-09-28 16:21:35 +0000

I am currently piping CAN traffic to wireshark via python on windows as documented in "way 3" in this article https://wiki.wireshark.org/CaptureSetup/Pipes

I would like to add comments (like one might have in a pcapng file) to certain packets programatically. Is this possible, and if so is there some direction as to how? Googling it has left me a bit confused.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-09-28 18:27:38 +0000

Guy Harris gravatar image

The Wireshark Wiki page you point to says:

This only works with the de facto standard libpcap format version 2.4, as described in Development/LibpcapFileFormat, and with the standard pcapng format.

So all you need to do, when writing the capture file to the pipe, is write a pcapng file, with the comments in question.

There is, as far as I know, no programmatic way to do that other than to write your own code to write pcapng files, unless there's a Python library that writes pcapng files.

edit flag offensive delete link more

Comments

Thanks! I had seen some other articles possibly conflicting with that. I guess that's part of what I'm struggling with - how (given the example in the article) I would add a comment to one of these packets? Is there example I can find on how to actually compose it?

guitarultimate gravatar imageguitarultimate ( 2018-09-28 19:12:20 +0000 )edit

I guess that's part of what I'm struggling with - how (given the example in the article) I would add a comment to one of these packets?

See the pcapng specification for the format of pcapng files; what you'd do is write a file in that format.

No, I don't have any code to point you to as an example.

Guy Harris gravatar imageGuy Harris ( 2018-09-29 08:11:39 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-09-28 16:21:35 +0000

Seen: 20 times

Last updated: Sep 28