Which monitor or sniffer software would work with CBT

Here is how wireshark expects to see the packets formatted to decode and filter them as "CAN". The current dump from CBT would need to be reconfigured and then tested with USBPcap on windows to see if it works. Anyone??

<b>CAN - Controller Area Network (can) [5 fields]:</b>
can.id Identifier (Unsigned integer, 4 bytes)
can.flags.xtd Extended Flag (Boolean)
can.flags.rtr Remote Transmission Request Flag (Boolean)
can.flags.err Error Flag (Boolean)
can.len Frame-Length (Unsigned integer, 1 byte)

To advanced for me I'm afraid. I'm a car guy, not a programmer.

Hope someone will be able to help or make the CBT compatible with other packages on the market. The one in the video appeals to me because of its possibilities.

I'm not a programer either, but think it should be pretty easy to modify the existing serial code to fit this format.

administrators

Once I get the hybrid app done I'm going to focus on making firmware that is compatible with something like wireshark and I'd love to make a socketcan driver over USB!

administrators

I've been digging into this more. I'm going to finish the app that is cross platform so everyone has something to use. Then I'll focus on new firmware for socketcan as it only really works on linux. But then we can connect to analyzers like wireshark easily.

Sounds good. I've had some decent experience with Wireshark on windows by creating filters like ((((usb.data_len == 15) ))) && (usb.capdata contains 03:02:06:08) to sort live USBcap data. Problem is that Wireshark only dissects down to USB level with
<i>Leftover Capture Data: 030206087f4a0d25d2015f0008010d</i> .. If that message was in a standard CAN serial format without the CBT headers, I think Wirshark would recognize and dissect it under one the include CAN protocols.

Also the USB protocol coming from USBcap doesn't do a great job of reassembling the messages by length either. Some come in short, others super long. So sorting by length is cleaner, but also easy to miss packets your after. So it works OK with HEX, but with JSON string I've had zero luck in Wirshark.

Derek, don't be such a tease. Haha

How did you get that set up?

administrators

Just pushed the code up to github. It definitely needs some cleanup but it works well so far. If you guys could test on Windows that would be awesome!

https://github.com/CANBus-Triple/CANBus-Triple-Wireshark

Readme has setup instructions. This module will be included in the desktop app so people will be able to run it without installing Nodejs. But for now you'll need to do it the hard way by installing a system copy of Nodejs. If you're unfamiliar with Nodejs you should be able to just use an installer from here:
https://nodejs.org/download/

Finally, a productive weekend! I've got a ton done on the app and kicked this out in a couple hours after some research on the Pcap format. Hopefully I'll have the beta of the desktop app posted shortly as well! :D

administrators

Also I should mention RTR Eflg and Extended flag are not correct right now, as the current firmware does not report them.

I'm going to make a socketcan firmware when time permits so that would make this even easier.

Edit: I just published it to NPM as well, so you can rock a 'npm install cbt-wireshark' to pull it down if you're node-savvy.
https://www.npmjs.com/package/cbt-wireshark

What directory does Nodejs want to see your .js files installed? Haven't been able to make it happy yet.

administrators

Any folder. Checkout the code, CD to the folder and run npm install; node index.js /compath

administrators

Sorry I should have mentioned you need to do it from a command line/terminal. What platform are you on? Any luck getting it going?

When I get the app out this will be built in a dead simple to use. But it's good to get some testing in now before I merge them.

Finding the correct compath that CBT is connected to under XP is where I'm having issues. With USBPcapCMD.exe it lists this for you, but been unable to accomplish the same under node.js
From USBPcap is shows the CBT at \.\USBPcap4

5 \.\USBPcap4
??\USB#ROOT_HUB#4&352a0634&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}
[Port 1] USB Composite Device
Arduino Leonardo (COM16)
USB Human Interface Device
HID-compliant mouse
HID Keyboard Device

So I have use a simple batch file to start it on XP as below.

<i>CD C:\Program Files\USBPcap
USBPcapCMD.exe -d \.\USBPcap4 -o - | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -</i>

Determining the actual path Node.js needs is where I'm currently at.

administrators

Ok I need to jump on a windows box and figure this out. You should be able to just run the js file with node and it will setup the pipe for you. The nodejs installed should add Nide to your path in windows but I can't be sure of that right now. I'll report back

Derek, I tried Wireshark on Mac, I need to solve one last thing to get it working I thing, any ideas? My findings are described here:
http://forum.canb.us/discussion/42/where-are-the-apps#latest

administrators

I just had a chance to test the pipe script for windows and found one little bug. It works well on windows now as well as mac! :)

On windows once you install Nodejs just start the nodejs command prompt, cd /path/to/code from github and run 'node index COM3' or whatever your com port is. Then setup wireshark as shown in the readme.

OK I finally got it running. :D/

I had to do it slightly different on my Windows XP box from what's listed above. So for all us windows users who don't write java code, or use git very often, here is the EASY way I got it running...

<b>1.</b> Go download the latest CBT to Wireshark code in zip format at https://github.com/CANBus-Triple/CANBus-Triple-Wireshark
<b>2.</b> Unzip the files anywhere you like. Will create the folder <i>CANBus-Triple-Wireshark-master</i> which contains the .js files.
<b>3.</b> Create a easy to find directory/folder, I used C:\WSCBT
<b>4.</b> Copy or move all the files from <i>CANBus-Triple-Wireshark-master</i> to <i>WSCBT</i> folder.
<b>5.</b> Open the <u>Node.js Command Prompt </u> window.
<b>6.</b> Type <b>CD C:\WSCBT</b> and now you should be at <i>C:\WSCBT></i>
<b>7.</b> Now type <b>npm install</b> which should give you.

<i>C:\WSCBT>npm install
npm WARN package.json index@0.4.0 No repository field.
npm WARN package.json node.js@0.0.0 No repository field.
q@1.2.0 node_modules\q</i>

<b>8.</b> Now type <b>node index COM2</b> replacing COM2 with what ever COM port your CBT is currently connected. This should return

<i>C:\WSCBT>node index COM2
Socket bound: \?\pipe\cbtbus1
Logging enabled on all three busses</i>

<b>9.</b> Now open WireShark and setup as listed
Click Capture
Click Interfaces
Click Options
Click Manage Interfaces
Select the Pipes Tab
Click New
Enter<b> \?\pipe\cbtbus1</b> where it says Pipe
Click Save, then Close
Uncheck all the interface buttons at top, except for the one with \?\pipe\cbtbus1
Click START

If everything is working correct, Wireshark should now be GREEN and start logging all data. If not, it will give you an error message. Also back in the Node.js Command Prompt window, the last line should be <i>client connected</i>

You may not need to do the <b>npm install</b> command, but in my case, just typing <b>node index COM2</b> wasn't working, and this way finally did... After doing it that way once, I've been able skip that npm install part and it opens fine.. Who knows...

Hope that helps speed it up for everyone else.

-KT

Just found the updates in this thread!

Looks like you're striking gold, Derek.

And many thanks KidTurbo!! Glad its working for you, ill try tonight on a windows box rather than Linux

Thanks gents! I'm going to give it a try this weekend.

Guus

  • 37
    Posts
  • 26347
    Views

Looks like your connection to CANBus Triple was lost, please wait while we try to reconnect.