Wireshark is a useful tool for capturing and analysing network traffic. Out of the box it supports numerous protocols including AX.25, and can be extended to decipher many more,
In order to handle encapsulated AX.25 it's necessary to use a small script to tell Wireshark which ports it should expect to find traffic on, and to decipher it.
Either or both of these scripts can be installed in the Wireshark Personal Plugin Folder.
The udp_table:add or tcp_table:add lines can be repeated to process traffic on additional ports.
-- -- LUA script to handle AX.25 over UDP -- Copyright 2015 R.W. Stearn <[email protected]> -- -- This program is free software; you can redistribute it and/or -- modify it under the terms of the GNU General Public License -- as published by the Free Software Foundation; either version 2 -- of the License, or (at your option) any later version. -- -- This program is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU General Public License for more details. -- -- You should have received a copy of the GNU General Public License -- along with this program; if not, write to the Free Software -- Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -- -- -- load the udp.port table udp_table = DissectorTable.get( "udp.port" ) -- get a handle to the AX.25 dissector proto_ax25 = Dissector.get( "ax25" ) -- register AX.25 to handle udp port udp_table:add( 10093, proto_ax25 )
-- LUA script to handle AX.25 over TCP -- Copyright 2015 R.W. Stearn <[email protected]> -- This program is free software; you can redistribute it and/or -- modify it under the terms of the GNU General Public License -- as published by the Free Software Foundation; either version 2 -- of the License, or (at your option) any later version. -- This program is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU General Public License for more details. -- You should have received a copy of the GNU General Public License -- along with this program; if not, write to the Free Software -- Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -- -- load the tcp.port table tcp_table = DissectorTable.get( "tcp.port" ) -- get a handle to the AX.25 dissector proto_ax25 = Dissector.get( "ax25" ) -- register AX.25 to handle tcp port tcp_table:add( 10093, proto_ax25 )