
Creation of Wireshark Traces

What is Wireshark, and why is it useful?

Wireshark is a free program that makes it possible to record Ethernet frames. This can be helpful during troubleshooting.

Capture packets on a Revolution Pi or Linux based device

Install “tcpdump”

sudo apt install tcpdump

Create a capture - you have to stop it via [CTRL] + C

sudo tcpdump -i eth0 -w /tmp/mycapture.pcap

Copy the file to another host for examination via Wireshark

https://kunbus-gmbh.atlassian.net/wiki/spaces/KS/pages/350683137
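Before copying the capture, it is worth confirming that it is a readable pcap file covering the time span you expect. The following check is an added example, not part of the original page. It assumes the classic pcap format that tcpdump -w writes; the function names and the two-frame sample are constructed for illustration.

```python
import struct

# Magic bytes of classic pcap: byte order and timestamp ticks per second.
MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 10**6), b"\xa1\xb2\xc3\xd4": (">", 10**6),
    b"\x4d\x3c\xb2\xa1": ("<", 10**9), b"\xa1\xb2\x3c\x4d": (">", 10**9),
}

def summarize_pcap(data: bytes) -> dict:
    """Walk a classic pcap file and report what it actually contains."""
    if data[:4] == b"\x0a\x0d\x0d\x0a":
        raise ValueError("pcapng file; this check only reads classic pcap")
    if len(data) < 24 or data[:4] not in MAGICS:
        raise ValueError("not a classic pcap file")
    endian, ticks = MAGICS[data[:4]]
    # Global header after the magic: version, zone, sigfigs, snaplen, link type.
    _, _, _, _, snaplen, linktype = struct.unpack(endian + "HHiIII", data[4:24])
    offset, stamps, clipped, complete = 24, [], 0, True
    while offset < len(data):
        if offset + 16 > len(data):          # record header cut off
            complete = False
            break
        sec, frac, incl, orig = struct.unpack(endian + "IIII", data[offset:offset + 16])
        if offset + 16 + incl > len(data):   # packet bytes cut off
            complete = False
            break
        stamps.append(sec + frac / ticks)
        clipped += incl < orig               # frame longer than the snap length
        offset += 16 + incl
    return {
        "linktype": linktype, "snaplen": snaplen, "packets": len(stamps),
        "clipped": clipped, "complete": complete,
        "seconds": stamps[-1] - stamps[0] if stamps else 0.0,
    }

def constructed_sample() -> bytes:
    """Constructed two-frame capture (link type 1 = Ethernet), not real traffic."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)
    frame = bytes(60)
    rec1 = struct.pack("<IIII", 1700000000, 0, 60, 60) + frame
    rec2 = struct.pack("<IIII", 1700000002, 500000, 60, 60) + frame
    return header + rec1 + rec2

if __name__ == "__main__":
    print(summarize_pcap(constructed_sample()))
    # A copy that was cut short shows up as complete=False.
    print(summarize_pcap(constructed_sample()[:-10]))
```

To check a real capture, pass the file's bytes, for example summarize_pcap(open("/tmp/mycapture.pcap", "rb").read()). A result with complete set to False means the file ends in the middle of a record.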

Capture packets elsewhere

  1. Download and install the program from https://www.wireshark.org/

  2. Start a recording on an Ethernet interface connected to the field bus, and let it run from the start of the installation until the error occurs.

    1. Select the interface you want to capture.

    2. You can see how Wireshark is capturing the Ethernet traffic live.

  3. Then stop recording and save this recording as a file.

    1. Stop recording

    2. Select where you would like to save the file.

    3. The resulting compressed capture file here is about 136 KB in size.

 
