Added some readme info about Wireshark, extcap, and DLTs.
@@ -195,4 +195,17 @@ Locate the extcap search path.
|
||||
Copy the mstpcap.exe to that folder, which may not exist.
|
||||
Restart Wireshark, and look for "BACnet MS/TP on COMx" interfaces.
|
||||
Configure the interface to change baud rate.
|
||||
Capture directly from the interface.
|
||||
Capture directly from the interface.
|
||||
|
||||
==== Developer Info about Wireshark ExtCap ====
|
||||
|
||||
BACnet MS/TP uses a DLT (data link type) requested from and
|
||||
approved by libPCAP development team, which is 165. Wireshark
|
||||
includes a dissector that decodes the MS/TP packets when they
|
||||
use the DLT for MS/TP. Other DLTs exist for other types, and
|
||||
there are also DLTs set aside as USER DLTs.
|
||||
|
||||
See the following URLs for information about ExtCap:
|
||||
https://github.com/wireshark/wireshark/blob/master/doc/README.extcap
|
||||
https://github.com/wireshark/wireshark/blob/master/doc/extcap_example.py
|
||||
https://wiki.wireshark.org/Development/Extcap
|
||||
|
||||
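Review bot: The new DLT paragraph under "Developer Info about Wireshark ExtCap" gives only the bare number 165 and then mentions "USER DLTs" without saying how either relates to mstpcap. Consider naming the constant alongside the number (DLT_BACNET_MS_TP in libpcap's dlt.h) so a reader can search for it, and either give the user range (DLT_USER0 to DLT_USER15, 147 to 162) with a note on when someone would need it, or drop that sentence. Two smaller points: the reference links to README.extcap and extcap_example.py point at blob/master, which will break if Wireshark moves or renames those files, so a tagged release or commit permalink would be more durable; and the spelling is mixed ("ExtCap" in the heading, "extcap" in "Locate the extcap search path." above, "libPCAP" for libpcap), so the upstream spellings would read more consistently.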