Wireshark Capture
Overview
Wireshark is a program that captures and logs network packet information, which can be used to analyze and debug network communication.
Wireshark: Wireshark · Go Deep
Setup
Download and install Wireshark: Wireshark · Go Deep
Install MAVLink:
Install Git and Python 3.8 if you haven't already
Clone the MAVLink repository, if you haven't already:
git clone https://github.com/mavlink/mavlink.git --recursive
Otherwise, checkout and pull the master branch:
git checkout master
git pull
Create and activate the virtual environment: Autonomy Workflow Software
Install the required Python packages:
pip install -r pymavlink/requirements.txt
Generate the MAVLink Lua plugin for Wireshark: Generating MAVLink Libraries | MAVLink Guide
XML: Select all.xml in [path to repository]/message_definitions/v1.0/
Out: Select the repository root and add /mavlink2_plugin at the end
Language: WLua (not Lua)
Protocol: 2.0
Leave everything else as default
Click Generate
A file called mavlink2_plugin.lua is now in the repository root
Open the file and add the following to the end:
local tcp_dissector_table = DissectorTable.get("tcp.port")
tcp_dissector_table:add(14550, mavlink_proto)
tcp_dissector_table:add(14580, mavlink_proto)
tcp_dissector_table:add(18570, mavlink_proto)
Move or copy the file to Wireshark's plugins directory under the Wireshark installation directory
Wireshark is now ready to decode MAVLink messages!
Instructions based on this: Parsing MAVLink in Wireshark | MAVLink Guide
Usage
Open Wireshark.
Double-click Adapter for loopback traffic, unless you are specifically using another network interface.
Filter the packets by entering text and then pressing enter. Example:
mavlink_proto
mavlink_proto.msgid == 30
tcp
tcp.port == 14550
udp.port == 14550 && mavlink_proto.msgid == 20
The MAVLink messages are displayed (may take some time if Wireshark has been open for a while).
If there is nothing displayed, either the configuration is incorrect or the application that uses MAVLink has not been started.
Windows:
netstat -ab
can be used to see which ports on your computer are currently being used.
Press Ctrl-C when all of the 0.0.0.0 entries have been displayed, or whenever you are satisfied.
When closing Wireshark, you can either save or discard the captured packets. Usually discarding is fine, unless you specifically want to search through the session later. The save file will be very large (tens to hundreds of MB).
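The mavlink_proto.msgid filters in the Usage steps match on a field in the MAVLink 2 frame header. The following is an added example, not part of the original page or of the MAVLink project's code, that walks raw bytes (for instance a payload copied out of Wireshark) and reports each frame's header fields. The function names and sample bytes are constructed for illustration, and the checksum is not verified.

```python
import struct

MAGIC_V2 = 0xFD        # MAVLink 2 start-of-frame marker
HEADER_LEN = 10        # magic, len, incompat, compat, seq, sysid, compid, msgid (3 bytes)
CRC_LEN = 2
SIGNATURE_LEN = 13     # appended only when the "signed" incompatibility flag is set
IFLAG_SIGNED = 0x01


def parse_mavlink2_frames(data):
    """Return one dict per complete MAVLink 2 frame found in data.

    Header fields and lengths only: checking the checksum would need the
    per-message CRC_EXTRA byte from the XML definitions.
    """
    frames, i = [], 0
    while i + HEADER_LEN <= len(data):
        if data[i] != MAGIC_V2:
            i += 1                     # resync: skip bytes until the next marker
            continue
        plen, incompat, _compat, seq, sysid, compid = struct.unpack_from("<6B", data, i + 1)
        msgid = int.from_bytes(data[i + 7:i + 10], "little")   # 24-bit little-endian
        signed = bool(incompat & IFLAG_SIGNED)
        total = HEADER_LEN + plen + CRC_LEN + (SIGNATURE_LEN if signed else 0)
        if i + total > len(data):
            break                      # truncated frame at the end of the buffer
        frames.append({"offset": i, "msgid": msgid, "sysid": sysid, "compid": compid,
                       "seq": seq, "payload_len": plen, "signed": signed})
        i += total
    return frames


def build_frame(msgid, payload, seq=0, sysid=1, compid=1, incompat=0):
    """Build a constructed sample frame; checksum and signature are zero filler."""
    head = bytes([MAGIC_V2, len(payload), incompat, 0, seq, sysid, compid])
    tail = bytes(CRC_LEN + (SIGNATURE_LEN if incompat & IFLAG_SIGNED else 0))
    return head + msgid.to_bytes(3, "little") + payload + tail


# Constructed sample: one junk byte, then msgid 0, msgid 30, and a signed msgid 20.
SAMPLE = (b"\x00" + build_frame(0, bytes(9), seq=1)
          + build_frame(30, bytes(28), seq=2)
          + build_frame(20, bytes(20), seq=3, incompat=IFLAG_SIGNED))

if __name__ == "__main__":
    for frame in parse_mavlink2_frames(SAMPLE):
        print(frame)
```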