Navigation

    IO Ninja IO Ninja Forum
    • Register
    • Login
        No matches found
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    1. Home
    2. LynneJohn
    L

    LynneJohn

    @LynneJohn

    0
    Reputation
    18
    Posts
    2
    Profile views
    0
    Followers
    0
    Following
    Joined Last Online

    • Profile
    • More
      • Following
      • Followers
      • Topics
      • Posts
      • Best
      • Groups
    LynneJohn Follow

    Best posts made by LynneJohn

    This user hasn't posted anything yet.

    Latest posts made by LynneJohn

    RE: RS485 BACnet sniffing

    @vladimir Looks really good. I'm going to send this log over to our BACnet stack supplier to see if he has any extra feedback. To me this looks much better than running a 485 to USB connection into WireShark.

    Thanks again for all the help. Any chance you could release this into your standard layer plugins?

    BACnet_38400_heavery_traffic_error_v5.7z

    posted in Support & Troubleshooting •
    RE: RS485 BACnet sniffing

    @vladimir
    Here is a log that is working very well until time stamp 9:55:07 +00:46.470 and then the decode stops.

    Thanks again for all the help.

    BACnet_38400_heavery_traffic_error_v4.7z

    posted in Support & Troubleshooting •
    RE: RS485 BACnet sniffing

    @vladimir Sorry for the delay. Upload symbol is there but I get an error that file is too big. The log is 1Mbyte in size. Is there a way to reduce the size once the log is loaded into IO Ninja?

    Thanks.

    [0_1709752179535_BACnet_38400_heavery_traffic_error_v4.njlog](Uploading 100%)

    posted in Support & Troubleshooting •
    RE: RS485 BACnet sniffing

    @vladimir That icon does not show on my Firefox. I'll try a different browser.
    Capture.JPG

    posted in Support & Troubleshooting •
    RE: RS485 BACnet sniffing

    Most likely, you just commented out the padding code, but forgot to add a semicolon ;

    Exactly correct as I had missed the '+' on the line above.

    Traces look very good now as I will try to move to your latest code. Tried using the upload images(right most icon) to send a 7z zip file but I don't have privileges for it.

    Capture.JPG

    posted in Support & Troubleshooting •
    RE: RS485 BACnet sniffing

    @vladimir Removing the padding gives this trying to load the Analyzer:
    Capture.JPG

    Inserting the changes to BacNetMsTpParser.jnc(without the modification to the padding) it runs very well with an occasional issues toward the end of a large packet:
    Capture.JPG

    While using this analyzer should we have been running Settings->Log Engine->Binary Data->Binary Data Merge with a 3msec threshold. Should we still be using this ?

    Just want to also add how nice it is to be able to see the packets.

    Thanks.

    posted in Support & Troubleshooting •
    RE: RS485 BACnet sniffing

    Re "stop" of the analyzer -- could you share the original .njlog with the large packet?

    How do I send you the log that is out of sync. I'll try your fixes and report back. Also here are a couple frame types if you want to add them to the analyzer:

    enum BacNetMsTcpFrameType: uint8_t {
    	Token                       = 0,
    	PollForMaster               = 1,
    	PollForMasterReply          = 2,
    	TestRequest                 = 3,
    	TestResponse                = 4,
    	BacNetDataExpectingReply    = 5,
    	BacNetDataNotExpectingReply = 6,
    	ReplyPostponed              = 7,
    	ExtendedDataExpectingReply	= 32,
    	ExtendedDataNotExpectingReply = 33,
    	CustomFrame					= 254,
    	NoFrame						= 255
    }
    
    posted in Support & Troubleshooting •
    RE: RS485 BACnet sniffing

    Wow, this is great. Couple questions:

    • The Pre-release does not have an install script(msi file.) Can I just drop the folders into the current C:\Program Files\Tibbo\IO Ninja directory?

    Loaded your analyzer(on version 5.5.0) using Settings->Add-on Plugins->Layers->Add and selected BacNetMsTp.njplg(this was a guess).

    • It ran very well except that after a large packet came through it seemed to stop(see timestamp 16:21:35 +00:06:437. Looked through the scripts(everything you sent) to see if there was a max number of bytes for a packet but did not find one.

    Capture.JPG

    Thanks again.

    posted in Support & Troubleshooting •
    RE: RS485 BACnet sniffing

    @vladimir After adding "Force Latin-1 encoding" to the Log Regex Markup settings I'm getting color highlights but no new timestamps when it see's the pattern.
    Capture.JPG

    Is there any way to get the log to show a timestamp at the beginning of each 55 FF pattern?

    Thanks

    Capture.JPG

    posted in Support & Troubleshooting •
    RE: RS485 BACnet sniffing

    @Vladimir I think at this point it would be nice to do a basic packet decode of sender/receiver and and packet type as it is only one byte long so 255 possibilities.

    How do you get to the Transmit pane if it is greyed out(un-selectable) ?

    posted in Support & Troubleshooting •