I’ve implemented similar using either udp or serial, using extcap in both cases. You can take a look at udpdump but in my case I wrote it myself using a python extcap on the receiving end.
The idea is, that you put all information (including the timing of your original protocol) into a frame, send this to extcap, which recreates a frame to be displayed using pcap as a format. See the documentation of extcap in the developer documents Regards Roland > Am 26.01.2020 um 09:46 schrieb Erwin Rol <mailingli...@erwinrol.com>: > > Hey all, > > I was wondering if there is a remote capture "protocol" that works on > Mac, Windows, and Linux? > > The idea I have is to use a small (and cheap) microcontroller like a > STM32F407 that can capture a fieldbus (RS485 based, etc.) and relay > that in realtime (realtime as in not storing it locally) to a PC > running Wireshark. > > I could simply pack it in some UDP protocol and write a dissector for > that, but than I would loose my timing information, because it will be > the timing of wenn the UDP packet has been received and not the time of > when the fieldbus packet was received. > > Is there already anything out there that supports transporting capture > data (including timing) over Ethernet that works on all 3 major > platforms (rcap seems windows only, ssh seems linux only, and both are > to heavy to implement on a microcontroller). > > Any info and ideas are welcome. > > TIA, > > Erwin > > > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
