I'm using a pipe to send CAN data to Wireshark and would like to use the socketCAN dissector to interpret the data. The question is how I should send the data for socketCAN to interpret it correctly?
I am using the C# example from https://wiki.wireshark.org/CaptureSetup/Pipes to pipe the data. I have set the data link type in the global header to 125 which should be the socketCAN number ( https://github.com/wireshark/wireshark/blob/master/wiretap/wtap.h ). When I send some dummy data to Wireshark the protocol is listed as UNKNOWN and not CAN. I guess this is because the structure or length of the data is not correct. Do You know if that's true?
I have looked at the socketCAN dissector file ( https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-socketcan.c ) but still have not been able to format the data correctly.
Hope that someone is able to provide some guidance.