I work a lot with serial communications with a variety of devices, and so I often have to analyze hex dumps in log files. Currently, I do this manually by looking at the dumps, looking at the protocol spec, and writing down the results. However, this is tedious and error-prone, especially when messages contain hundreds of bytes and contain mixtures of big-endian and little-endian data, ASCII, Unicode, compression, CRCs, . . . .

I have written a few Python scripts to assist with the more common cases. But there are lots of protocols to deal with, and it doesn't make sense to spend the time writing a custom script unless I know I'll have a lot of dumps to analyze.

What I'd like is some sort of utility that can automate this activity. So, for example, if I have a textual hex dump like this:

7e ff 00 7b  00 13 86 04
00 41 42 43  44 56 ef 7e

and some sort of description of the message format, like this:

# Field         Size        Byte Order  Output Format
Flag            1                       hex
Address         1                       hex
Control         1                       hex
DataType        1                       decimal
LineIndex       1                       decimal
PollAddress     2           msb         hex
DataSize        2           lsb         decimal
Data            (DataSize)              ascii
CRC             2           lsb         hex
Flag            1                       hex

I'd get output like this:

Flag            0x7e
Address         0xff
Control         0x00
DataType        123
LineIndex       0
PollAddress     0x1386
DataSize        4
Data            "ABCD"
CRC             0xef56
Flag            0x7e

Hardware-based protocol analyzers often have fancy features for doing this kind of thing, but I need to work with textual log files.

Does any such utility or library exist?

Some good answers have come up since I set up the bounty. I guess bounties work!

Wireshark and HexEdit both look promising; I'll take a look at those, and will probably award the bounty to whichever one suits my needs. But I'm still open to other ideas.

Best Solution

Wireshark is quite good at opening network protocols.

