Wireshark Capture
Overview
Wireshark is a program that captures and logs network packet information, which can be used to analyze and debug network communication.
Wireshark: https://www.wireshark.org/
Setup
Download and install Wireshark: https://www.wireshark.org/
Install MAVLink:
Install Git and Python 3.8 if you haven’t already
Clone the MAVLink repository, if you haven’t already:
git clone https://github.com/mavlink/mavlink.git --recursive
Otherwise, check out and pull the master branch:
git checkout master
git pull
Create and activate the virtual environment (see Autonomy Workflow Software)
Install the required Python packages:
pip install -r pymavlink/requirements.txt
Generate the MAVLink Lua plugin for Wireshark: https://mavlink.io/en/getting_started/generate_libraries.html
XML: Select all.xml in [path to repository]/message_definitions/v1.0/
Out: Select the repository root and add /mavlink2_plugin at the end
Language: WLua (not Lua)
Protocol: 2.0
Leave everything else as default
Click Generate
A file called mavlink2_plugin.lua is now in the repository root
Open the file and add the following to the end:
-- Bind the MAVLink dissector to these TCP ports
local tcp_dissector_table = DissectorTable.get("tcp.port")
tcp_dissector_table:add(14550, mavlink_proto)
tcp_dissector_table:add(14580, mavlink_proto)
tcp_dissector_table:add(18570, mavlink_proto)
Move or copy the files to Wireshark’s plugins directory under the Wireshark installation directory
Wireshark is now ready to decode MAVLink messages!
Instructions based on this: https://mavlink.io/en/guide/wireshark.html
Usage
Open Wireshark.
Double click on Adapter for loopback traffic, unless you are specifically using another network interface.
Filter the packets by entering text and then pressing enter. Examples:
mavlink_proto
mavlink_proto.msgid == 30
tcp
tcp.port == 14550
udp.port == 14550 && mavlink_proto.msgid == 20
The MAVLink messages are displayed (may take some time if Wireshark has been open for a while).
If there is nothing displayed, either the configuration is incorrect or the application that uses MAVLink has not been started.
Windows:
netstat -ab
can be used to see which ports on your computer are currently being used.
Press Ctrl-c when all of 0.0.0.0 has been displayed, or whenever you are satisfied.
When closing Wireshark, you can either save or discard the captured packets. Usually discarding is fine, unless you specifically want to search through the session later. The save file will be very large (tens to hundreds of MB).
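What the msgid display filters in Usage key on, as an added example (not from the original page or the generated plugin): a minimal MAVLink 2 frame parser that finds frames in a reassembled byte stream, reads the 24-bit message ID that mavlink_proto.msgid matches, and reports whether each frame is signed and whether its checksum verifies. The function names and sample bytes are constructed for illustration, and the CRC_EXTRA table covers only HEARTBEAT (0) and ATTITUDE (30).

```python
import struct

MAGIC_V2 = 0xFD              # MAVLink 2 start-of-frame byte
SIGNED = 0x01                # incompat_flags bit: 13-byte signature follows the CRC
CRC_EXTRA = {0: 50, 30: 39}  # per-message CRC seed: HEARTBEAT, ATTITUDE

def x25_crc(data):
    crc = 0xFFFF             # MAVLink's CRC-16, accumulated byte by byte
    for b in data:
        tmp = (b ^ crc) & 0xFF
        tmp = (tmp ^ (tmp << 4)) & 0xFF
        crc = ((crc >> 8) ^ (tmp << 8) ^ (tmp << 3) ^ (tmp >> 4)) & 0xFFFF
    return crc

def build_frame(seq, sysid, compid, msgid, payload):
    """Build an unsigned MAVLink 2 frame (used here only to construct sample input)."""
    body = bytes([len(payload), 0, 0, seq, sysid, compid]) + msgid.to_bytes(3, "little") + payload
    return bytes([MAGIC_V2]) + body + struct.pack("<H", x25_crc(body + bytes([CRC_EXTRA[msgid]])))

def parse_stream(buf):
    """Return one dict per MAVLink 2 frame found in a reassembled byte stream."""
    frames, i = [], 0
    while i + 12 <= len(buf):                    # 10-byte header + 2-byte CRC minimum
        if buf[i] != MAGIC_V2:
            i += 1                               # resynchronise on the next magic byte
            continue
        length, incompat = buf[i + 1], buf[i + 2]
        total = 12 + length + (13 if incompat & SIGNED else 0)
        if i + total > len(buf):
            break                                # truncated frame at end of capture
        msgid = int.from_bytes(buf[i + 7:i + 10], "little")
        (crc,) = struct.unpack_from("<H", buf, i + 10 + length)
        extra = CRC_EXTRA.get(msgid)             # None: message not in our small table
        body = bytes(buf[i + 1:i + 10 + length])
        crc_ok = None if extra is None else x25_crc(body + bytes([extra])) == crc
        frames.append({"sysid": buf[i + 5], "compid": buf[i + 6], "msgid": msgid,
                       "signed": bool(incompat & SIGNED), "crc_ok": crc_ok})
        i += 1 if crc_ok is False else total     # bad CRC: treat 0xFD as a false start
    return frames

def filter_msgid(buf, msgid):
    """Equivalent of the display filter mavlink_proto.msgid == <msgid>."""
    return [f for f in parse_stream(buf) if f["msgid"] == msgid]

# Constructed sample: two junk bytes, then a HEARTBEAT (0) and an ATTITUDE (30) frame.
SAMPLE = (b"\x00\x01"
          + build_frame(0, 1, 1, 0, struct.pack("<IBBBBB", 0, 2, 3, 81, 4, 3))
          + build_frame(1, 1, 1, 30, struct.pack("<I6f", 1000, 0.5, 0.25, 1.0, 0.5, 0.25, 1.0)))
print(filter_msgid(SAMPLE, 30))
```

A frame reported with signed set to False carries no MAVLink 2 signature, so nothing in the frame itself authenticates its sender.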