This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

v2.0.4 RTAC Serial

0

Hi all,

I found I cannot dissect RTAC serial message I captured in SEL RTAC device after I upgraded from v1.12.8 to v2.0.4. Is there any dissector already released that I can download and use?

Thanks!

asked 07 Jul '16, 11:22

jli63's gravatar image

jli63
11225
accept rate: 0%

Can you share a capture in a publicly accessible spot, e.g. CloudShark?

(08 Jul '16, 03:44) Jaap ♦

https://www.cloudshark.org/captures/eae67328dff2 Here is the sample capture I just uploaded in CloudShark for you to view.

I just don't know how to dissect and analyze the DNP message contained in the RTAC Serial layer. I used to be able to apply dissector in v1.12.8. But cannot really do that in v2.0.4.

Any help would be appreciated!

(08 Jul '16, 08:47) jli63

One Answer:

1

The data appears to be DNP3 carried over RTAC. To enable DNP3 dissection of the data, right click an RTAC packet in the packet list, and select "Decode As ...". This should give you the sub-dissector settings for RTAC serial data, and in the "Current" field, select "DNP 3.0".

Add a display filter of "dnp3" to just show the DNP3 traffic.

answered 08 Jul '16, 09:32

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%