I'm new to Automotive Network. I am trying to capture some AVTP (IEEE1722) protocol packets on an Android device. Is it possible to capture AVTP packets with tcpdump on Android? I heard someone said tcpdump can only capture network layer packets, but AVTP is a transfer layer protocol. Does this means it's impossible?
2
votes
1 Answers
0
votes
tcpdump can only capture network layer packets
This is not true. tcpdump and friends can capture ethernet and 802.11 frames, which are at layer 2 while the network layer is layer 3 in the OSI model.
tcpdump will copy bytes going over the network interface that it has access to, regardless of protocol, for layers >= 2. It looks like AVTP (IEEE1722) is a layer 2 protocol, like ethernet. You can check what interfaces tcpdump sees with tcpdump -D.
For sample packet captures (8) of this protocol, you can use https://tshark.dev/search/pcaptable/ and search for protocol ieee1722. Wireshark uses the display filter ieee1722 for this protocol (ieee1722 filter reference).
