Wireshark-users: Re: [Wireshark-users] what dissectors there are for usb traffic?

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Chris Maynard <Chris.Maynard@xxxxxxxxx>
Date: Fri, 4 Nov 2011 19:02:52 +0000 (UTC)
pelle sec <pellesec@...> writes:

> Could someone please tell me where could I get information what dissectors
there are for USB traffic in Wireshark? 

This might not be a complete list, but it's a start:
$ grep "dissector_add" epan/dissectors/packet-*.c | grep "usb\."
epan/dissectors/packet-eth.c:    dissector_add_uint("usb.bulk",
IF_CLASS_CDC_DATA, eth_withoutfcs_handle);
epan/dissectors/packet-mp2t.c:  heur_dissector_add("usb.bulk",
heur_dissect_mp2t, proto_mp2t);
epan/dissectors/packet-ppp.c:  heur_dissector_add("usb.bulk", dissect_ppp_usb,
proto_ppp);
epan/dissectors/packet-usb-at.c:    heur_dissector_add("usb.bulk",
dissect_usb_at, proto_at);
epan/dissectors/packet-usb-hid.c:       dissector_add_uint("usb.control",
IF_CLASS_HID, usb_hid_control_handle);
epan/dissectors/packet-usb-hub.c:       dissector_add_uint("usb.control",
IF_CLASS_HUB, usb_hub_control_handle);
epan/dissectors/packet-usb-hub.c:       dissector_add_uint("usb.control",
IF_CLASS_UNKNOWN, usb_hub_control_handle);
epan/dissectors/packet-usb-masstorage.c:    dissector_add_uint("usb.bulk",
IF_CLASS_MASSTORAGE, usb_ms_bulk_handle);
epan/dissectors/packet-usb-masstorage.c:    dissector_add_uint("usb.control",
IF_CLASS_MASSTORAGE, usb_ms_control_handle);
epan/dissectors/packet-usb.c:    dissector_add_uint("wtap_encap",
WTAP_ENCAP_USB_LINUX, linux_usb_handle);
epan/dissectors/packet-usb.c:    dissector_add_uint("wtap_encap",
WTAP_ENCAP_USB_LINUX_MMAPPED, linux_usb_mmapped_handle);

> If you have other insights of USB capturing support in Wireshark I would
gladly hear about them.

Does this help?
http://wiki.wireshark.org/CaptureSetup/USB

- Chris