On Jan 4, 2024, at 7:53 AM, Miklós Márton <martonmiklosqdev@xxxxxxxxx> wrote:
> The PEAK-CAN to Wireshark question came up again, and I started to work on it based on this wonderful piece of code:
> https://github.com/theXappy/ExtcapNet
>
> I also reached the point to figure out how to handle over the CAN messages via extcap question.
> Would it be possible to share the code with me? I would only need the extcap packet format for CAN 2.0B packets.
The packet formats for extcap are pcap format:
https://ietf-opsawg-wg.github.io/draft-ietf-opsawg-pcap/draft-ietf-opsawg-pcap.html
and pcapng format:
https://ietf-opsawg-wg.github.io/draft-ietf-opsawg-pcap/draft-ietf-opsawg-pcapng.html
and the link-layer types in those file formats are as described in
https://www.tcpdump.org/linktypes.html
That page lists both:
LINKTYPE_CAN20B, for which the format is *not* defined (I asked the people who requested it, and they don't have any documentation available);
LINKTYPE_CAN_SOCKETCAN, which is described at https://www.tcpdump.org/linktypes/LINKTYPE_CAN_SOCKETCAN.html.
That page will soon be updated to describe how CAN XL frames are handled.