This analysis can be done directly in Wireshark by writing a dissector for your USB serial device; the Linux kernel sources tell us details of many USB serial devices. I'll do my best to help when someone can get this started:
wireshark-2.0.3/epan/dissectors/packet-usb-com.c
as an example of a dissector. Also possible is to write this in the Lua language, but when I started this way I discovered some unexpected behavior / bugs in Wireshark 1.9.x Lua support; maybe these are fixed now, but for inclusion into Wireshark upstream we should target the upstream C source code tree.
Even without a dissector you should be able to apply a filter:
"usb.capdata and usb.bus_id==8 and usb.device_address==2"
where 8 and 2 are values from the Linux host in 'dmesg' or 'lsusb' output. This gives all transactions where there is more data than the existing USB dissectors can handle, and should be mostly the RS232 data payload we're interested in.
Eric
On Tue, Apr 26, 2016 at 11:44 AM, Pavel Milanes (CO7WT) via chirp_devel chirp_devel@intrepid.danplanet.com wrote:
Hi to all,
Interesting topic, and interesting tip about Wireshark doing USB capture. I will give that a try and see how they pack the USB protocol in the pcap format or whatever format they do it in; maybe we can unpack that format into a kind of log...
David, I used one time in the past a serial capture tool for Windows 8 @64 bits from the Internet (I don't remember the name now) but it was a "limited time, you have to buy after 30 days" kind of tool, that may work for a short time frame but isn't a solution in the long term.
73
On 26/04/16 at 14:08, David Ranch via chirp_devel wrote:
Using Wireshark would be excellent from my perspective but I don't know if people who might have written tools against the output of Portmon would work with a PCAP capture.
Marco / Pavel: Any thoughts here?
--David KI6ZHD
chirp_devel mailing list chirp_devel@intrepid.danplanet.com http://intrepid.danplanet.com/mailman/listinfo/chirp_devel Developer docs: http://chirp.danplanet.com/projects/chirp/wiki/Developers
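The idea raised in this thread of unpacking a Wireshark USB capture into a serial log, as an added example that is not part of the original messages. It assumes a classic pcap file captured on a Linux usbmon interface (link type 220, 64-byte usbmon header) and treats every bulk payload of the chosen bus and device as serial data, without decoding any adapter-specific framing; the function names and the sample capture are constructed for illustration.

```python
import struct

LINKTYPE_USB_LINUX_MMAPPED = 220  # Linux usbmon capture, 64-byte header per packet
BULK = 3                          # usbmon xfer_type value for bulk transfers

def serial_log(pcap, bus_id, device_address):
    """Return [(direction, payload)] for the bulk transfers of one USB device."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        e = "<"
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        e = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    if struct.unpack_from(e + "I", pcap, 20)[0] != LINKTYPE_USB_LINUX_MMAPPED:
        raise ValueError("link type is not USB_LINUX_MMAPPED (220)")
    out, off = [], 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from(e + "I", pcap, off + 8)[0]
        pkt = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(pkt) < 64:
            continue  # truncated record, no complete usbmon header
        # usbmon header starts: id, event type, xfer_type, endpoint, devnum, busnum
        _, _, xfer, ep, dev, bus = struct.unpack_from(e + "QBBBBH", pkt, 0)
        len_cap = struct.unpack_from(e + "I", pkt, 36)[0]  # captured data bytes
        data = pkt[64:64 + len_cap]
        if (bus, dev, xfer) == (bus_id, device_address, BULK) and data:
            out.append(("IN" if ep & 0x80 else "OUT", data))
    return out

def sample_capture():
    """Constructed capture: bus 8, device 2 bulk traffic plus unrelated packets."""
    def rec(ev, xfer, ep, dev, bus, data):
        hdr = struct.pack("<QBBBBH", 1, ord(ev), xfer, ep, dev, bus) + bytes(18)
        hdr += struct.pack("<II", len(data), len(data)) + bytes(24)
        return struct.pack("<IIII", 0, 0, 64 + len(data), 64 + len(data)) + hdr + data
    head = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 220)
    return (head + rec("S", BULK, 0x02, 2, 8, b"PING")   # host -> device
                 + rec("C", BULK, 0x81, 2, 8, b"\x06")   # device -> host
                 + rec("C", BULK, 0x81, 5, 8, b"zz")     # other device
                 + rec("S", 2, 0x00, 2, 8, b""))         # control, no data

if __name__ == "__main__":
    for direction, payload in serial_log(sample_capture(), 8, 2):
        print(direction, payload.hex(" "))
```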