These kind of tools help to filter out data you're not interested in and only keep the id's you are interested in. What the information means is a completely different question. Since it's manufacturer specific and usually confidential you have to find that out yourself or with people owning the same make or model.
I tried Wireshark but the regular version doesn't do Can-bus on Windows, the Linux version seems to be able to. For this car stuff I use an old XP laptop. The funny thing is that a lot of companies supply software but they all use special drivers for some kind of hardware.
Wireshark (no CANBUS on Windows)
CANUSB (needs dedicated driver/hardware)
Canhacker (I don't think this will work over an Arduino or CBT)
Busmaster (the professional tool but only supports specific hardware)
Unless Derek comes up with something quickly (no I'm not pushy ;-) I probably going for a Logic Analyzer as well. On Jaguars you have the SCP bus (J1850 PWM) which is used for the convenience stuff and I need to analyse that too.
My car has 4 systems in total:
ISO9141 for OBDII
SCP (J1850 PWM) for most of the body/chassis stuff
CANBUS for the engine/transmission/abs and several other modules
D2D glasfiber bus for audio (connected from the SCP bus)
I have plans enough for all of them but getting the tools just to start analyzing is a project itself!
Does anybody have experiences with Logical Analyzer? I found these but not sure what is the best for both J1850 PWM and CANBUS.
Would also be interested in info on using a CANBUS database for lookup.
I've been testing with Wireshark and <a href="http://desowin.org/usbpcap/tour.html">USBPcap</a> on recoded data. While it works, it only analyses the USB packets down to layer - Leftover Capture Data: 0301022500ff00000000004008010d
While it fairly usable / sortable at this level with hex, it ofter skews the data where Packet Data Lengths overlaps like - Leftover Capture Data: ff:00:00:00:80:08:01:0d:03:01:02:25:00:ff:00:00:00:00:00:40:08:01
I have setup some filters to show only correctly formatted packets lengths, starting with 0301. But Wireshark still does not recognize them as CANbus. Thinking need to strip the start 0301, and 0d off the end by modifying the codes in the CBT. Then it might reconize them as CANbus protocol. But wanted to ask Derek about this first.
I also was reading about <a href="https://github.com/dschanoeh/socketcand">socketcan</a> and wondering if it could be coded into the CBT. If so, might be the fix.
Here is how wireshark expects to see the packets formatted to decode and filter them as "CAN". The current dump from CBT would need to be reconfigured and then tested with USBPcap on windows to see if it works. Anyone??
<b>CAN - Controller Area Network (can) [5 fields]:</b>
can.id Identifier (Unsigned integer, 4 bytes)
can.flags.xtd Extended Flag (Boolean)
can.flags.rtr Remote Transmission Request Flag (Boolean)
can.flags.err Error Flag (Boolean)
can.len Frame-Length (Unsigned integer, 1 byte)
I've been digging into this more. I'm going to finish the app that is cross platform so everyone has something to use. Then I'll focus on new firmware for socketcan as it only really works on linux. But then we can connect to analyzers like wireshark easily.
Sounds good. I've had some decent experience with Wireshark on windows by creating filters like ((((usb.data_len == 15) ))) && (usb.capdata contains 03:02:06:08) to sort live USBcap data. Problem is that Wireshark only dissects down to USB level with
<i>Leftover Capture Data: 030206087f4a0d25d2015f0008010d</i> .. If that message was in a standard CAN serial format without the CBT headers, I think Wirshark would recognize and dissect it under one the include CAN protocols.
Also the USB protocol coming from USBcap doesn't do a great job of reassembling the messages by length either. Some come in short, others super long. So sorting by length is cleaner, but also easy to miss packets your after. So it works OK with HEX, but with JSON string I've had zero luck in Wirshark.
Just pushed the code up to github. It definitely needs some cleanup but it works well so far. If you guys could test on Windows that would be awesome!
Readme has setup instructions. This module will be included in the desktop app so people will be able to run it without installing Nodejs. But for now you'll need to do it the hard way by installing a system copy of Nodejs. If you're unfamiliar with Nodejs you should be able to just use an installer from here:
Finally, a productive weekend! I've got a ton done on the app and kicked this out in a couple hours after some research on the Pcap format. Hopefully I'll have the beta of the desktop app posted shortly as well! :D
Also I should mention RTR Eflg and Extended flag are not correct right now, as the current firmware does not report them.
I'm going to make a socketcan firmware when time permits so that would make this even easier.
Edit: I just published it to NPM as well, so you can rock a 'npm install cbt-wireshark' to pull it down if you're node-savvy.
Sorry I should have mentioned you need to do it from a command line/terminal. What platform are you on? Any luck getting it going?
When I get the app out this will be built in a dead simple to use. But it's good to get some testing in now before I merge them.
Finding the correct compath that CBT is connected to under XP is where I'm having issues. With USBPcapCMD.exe it lists this for you, but been unable to accomplish the same under node.js
From USBPcap is shows the CBT at \.\USBPcap4
[Port 1] USB Composite Device
Arduino Leonardo (COM16)
USB Human Interface Device
HID Keyboard Device
So I have use a simple batch file to start it on XP as below.
<i>CD C:\Program Files\USBPcap
USBPcapCMD.exe -d \.\USBPcap4 -o - | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -</i>
Determining the actual path Node.js needs is where I'm currently at.
Ok I need to jump on a windows box and figure this out. You should be able to just run the js file with node and it will setup the pipe for you. The nodejs installed should add Nide to your path in windows but I can't be sure of that right now. I'll report back