Wireshark is a great tool that allows you to tap directly into a network medium and analyse the packets being transmitted at a low level. This can be good for doing tests like:
- Timing the outputs of an Ethernet-capable OxTS unit
- Testing the network configuration of an OxTS navigation unit (e.g. the ability to configure whether the output of an RT is directed specifically to a certain IP address)
- Getting a snapshot of the network
You can download the tool here. Install the program as usual and make sure to let Wireshark install the WinPcap component (it needs this to monitor the network at a low level). The article covers basic use, applying filters and decoding NCOM packets.
Basic Use
Run the program and then select the medium that you want to analyse; for the most part you will be interested in Ethernet:
You may see far more information than is useful, scrolling past too quickly to read, so you can pause the stream by clicking the stop button:
This way you can scroll through at your own pace and look through the stream.
Applying Filters
To make more sense of what the stream is doing, you can right-click on certain attributes and filter by them:
Wireshark will then apply the selected filter to the stream and show it in the expression bar on the program ribbon:
There is a syntax associated with this expression bar, which you can explore here. If you are familiar with basic programming boolean/logical operations, they generally work (&&, ||, == etc.).
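The timing and destination checks listed at the start of this article can also be run offline on a saved capture. The Python script below is an added example, not part of the original article or of OxTS's tooling; it assumes the capture was saved in the classic pcap format (not pcapng), and the addresses 192.0.2.10 / 192.0.2.50 and port 3000 are constructed sample values.

```python
import socket
import struct
from collections import Counter

def udp_packets(pcap):
    """Yield (time_s, src_ip, dst_ip, dst_port) per IPv4/UDP frame in an Ethernet pcap."""
    magic, linktype = struct.unpack_from("<I16xI", pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("not a little-endian Ethernet pcap file")
    off = 24                                   # skip the 24-byte global header
    while off + 16 <= len(pcap):
        sec, usec, caplen = struct.unpack_from("<III", pcap, off)
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 42 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue                           # not a complete IPv4/UDP frame
        udp = 14 + (frame[14] & 0x0F) * 4      # IP header length can vary
        if len(frame) < udp + 8:
            continue
        (dport,) = struct.unpack_from("!H", frame, udp + 2)
        yield (sec + usec / 1e6, socket.inet_ntoa(frame[26:30]),
               socket.inet_ntoa(frame[30:34]), dport)

def output_report(pcap, unit_ip):
    """Return (Counter of (dst_ip, dst_port), inter-packet gaps in s) for unit_ip."""
    times, dests = [], Counter()
    for ts, src, dst, dport in udp_packets(pcap):
        if src == unit_ip:
            times.append(ts)
            dests[(dst, dport)] += 1
    gaps = [round(b - a, 6) for a, b in zip(times, times[1:])]
    return dests, gaps

def sample_capture(src, dst, port, count, period_us):
    """Constructed test input: count UDP frames from src to dst, period_us apart."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    payload = bytes(32)                        # dummy payload, not real NCOM data
    for i in range(count):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(payload), i, 0, 64, 17,
                         0, socket.inet_aton(src), socket.inet_aton(dst))
        udp = struct.pack("!HHHH", port, port, 8 + len(payload), 0)
        frame = bytes(12) + b"\x08\x00" + ip + udp + payload
        sec, usec = divmod(i * period_us, 1_000_000)
        out += struct.pack("<IIII", 1000 + sec, usec, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    cap = sample_capture("192.0.2.10", "192.0.2.50", 3000, 5, 10_000)
    print(output_report(cap, "192.0.2.10"))
```

To use it on a real capture, read the saved file with `open(path, "rb").read()` and pass the unit's IP address; a single unicast entry in the destination counter confirms the output is directed at one host, and the gap list shows the output timing.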
Decoding NCOM packets
You can add the NCOM format to Wireshark so that it is a little easier to make sense of the stream. The decoder is not the best, but you can get some basic information from the packet. To do this:
- Place this script in the plugin folder. Usually for the 64-bit version this is (WS version number may be different):
C:\Program Files\Wireshark\plugins\2.0.1
- Place this main script in the lua folder.
C:\Program Files\Wireshark\lua
If you want to improve the decoder, the scripts are written in Lua; check this resource for more details.