Ethereal-dev: [Ethereal-dev] old GTP dissector pb - new dissector submission
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: "David Ngo" <ngodavid@xxxxxxxxxxxxxxxxxx>
Date: Fri, 28 Aug 1998 13:23:55 +0200
Hi, I tried the GTP dissector included in the latest ethereal version and I noticed several critical problems: 1) that this dissector does not conform to the ETSI 9.60 specs as regards the mandatory fields. This dissector has no notion of "mandatory field" since it compares each type field with a predefined list of all the possible tags (Information elements). However, every messages defined in the specs has it's own mandatory field that must be respected. If not, it is impossible to put forward any implementation problem on the vendors equipments. 2) the "filtering function" doesn't work: when we start filtering a 3000 frames file containing gtp messages, we get a "segmentation fault, core dump" message and we get dropped.I did not find what's wrong with the code. The memory allocations seem good. 3) Moreover the MAP causes, are not those that are given in the ETSI 9.02 specs for the two GTP messages that use MAP causes. As a consequence, in response to the mail that Guy Harris sent me, I submit you my own gtp-gtp' dissector. My dissector respects the "mandatory fields", has a working filtering function and encloses GTP' decoding (latest ETSI 12.15 spec). My dissector has been validated on both Nortel Networks and Nokia equipments for GTP and GTP'. I hope it will help. David NGO Nortel Networks GPRS Core Network Europe TAS
Attachment:
packet-gtp.c
Description: application/unknown-content-type-c_auto_file
/* packet-gtp.h * Routines for GPRS Tunneling Protocol dissection * Copyright 2000, David NGO <ngodavid@xxxxxxxxxxxxxxxxxx> * * $Id: README.developer,v 1.16 2000/08/18 13:47:42 deniel Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@xxxxxxxxxx> * Copyright 1998 Gerald Combs * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* #-----------------------------------------------------------------# ! File : packet-gtp.h ! ! Type : .h header file for C code ! ! Description : Dissector for Ethereal concerning the gtp protocol! ! for the GPRS (GSM Ph2+) ! #-----------------------------------------------------------------# ! History: ! ! ! ! - 2000/10/24 : Creation (Compliancy with GSM 09.60 Ed 7.5.0) ! #-----------------------------------------------------------------# */ #ifndef __PACKET_GTP_H__ #define __PACKET_GTP_H__ #include <stdio.h> #include <sys/types.h> #include <string.h> #include "packet.h" /* #-----------------------------------------------------------------# ! Here we will define all the value of the type of messages ! ! available in the GTP protocal respecting GSM 09.60 Ed 7.5.0 ! #-----------------------------------------------------------------# */ #define ECHO_REQUEST 1 #define ECHO_RESPONSE 2 #define VERSION_NOT_SUPPORTED 3 #define NODE_ALIVE_REQUEST 4 #define NODE_ALIVE_RESPONSE 5 #define REDIRECTION_REQUEST 6 #define REDIRECTION_RESPONSE 7 #define CREATE_PDP_CONTEXT_REQUEST 16 #define CREATE_PDP_CONTEXT_RESPONSE 17 #define UPDATE_PDP_CONTEXT_REQUEST 18 #define UPDATE_PDP_CONTEXT_RESPONSE 19 #define DELETE_PDP_CONTEXT_REQUEST 20 #define DELETE_PDP_CONTEXT_RESPONSE 21 #define CREATE_AA_PDP_CONTEXT_REQUEST 22 #define CREATE_AA_PDP_CONTEXT_RESPONSE 23 #define DELETE_AA_PDP_CONTEXT_REQUEST 24 #define DELETE_AA_PDP_CONTEXT_RESPONSE 25 #define ERROR_INDICATION 26 #define PDU_NOTIFICATION_REQUEST 27 #define PDU_NOTIFICATION_RESPONSE 28 #define PDU_NOTIFICATION_REJECT_REQUEST 29 #define PDU_NOTIFICATION_REJECT_RESPONSE 30 #define SEND_ROUTEING_INFORMATION_FOR_GPRS_REQUEST 32 #define SEND_ROUTEING_INFORMATION_FOR_GPRS_RESPONSE 33 #define FAILURE_REPORT_REQUEST 34 #define FAILURE_REPORT_RESPONSE 35 #define NOTE_MS_GPRS_PRESENT_REQUEST 36 #define NOTE_MS_GPRS_PRESENT_RESPONSE 37 #define IDENTIFICATION_REQUEST 48 #define IDENTIFICATION_RESPONSE 49 #define SGSN_CONTEXT_REQUEST 50 #define SGSN_CONTEXT_RESPONSE 51 #define SGSN_CONTEXT_ACK 52 #define DATA_RECORD_TRANSFER_REQUEST 240 #define DATA_RECORD_TRANSFER_RESPONSE 241 #define T_PDU 255 /*ASSIGNED NUMBERS FOR PROTOCOLS OVER IP In THE GTP T-PDU*/ /*See RFC 790 for details*/ #define PROTO_ICMP 1 /* control message protocol */ #define PROTO_IPV4 4 /* IP header */ #define PROTO_TCP 6 /* tcp */ #define PROTO_UDP 17 /* user datagram protocol */ #define PROTO_IPV6 41 /* IP6 header */ #define PROTO_ESP 50 /* ESP */ #define PROTO_AH 51 /* AH */ #define PROTO_OSPF 89 /* #-----------------------------------------------------------------# ! Here we will define the strings corresponding to the value ! ! defined beside correspondig to GSM 09.60 Ed 7.5.0 ! #-----------------------------------------------------------------# */ #define ECHO_REQUEST_STR "Echo Request" #define ECHO_RESPONSE_STR "Echo Response" #define VERSION_NOT_SUPPORTED_STR "Version Not Supported" #define NODE_ALIVE_REQUEST_STR "Node Alive Request" #define NODE_ALIVE_RESPONSE_STR "Node Alive Response" #define REDIRECTION_REQUEST_STR "Redirection Request" #define REDIRECTION_RESPONSE_STR "Redirection Response" #define CREATE_PDP_CONTEXT_REQUEST_STR "Create PDP Context Request" #define CREATE_PDP_CONTEXT_RESPONSE_STR "Create PDP Context Response" #define UPDATE_PDP_CONTEXT_REQUEST_STR "Update PDP Context Request" #define UPDATE_PDP_CONTEXT_RESPONSE_STR "Update PDP Context Response" #define DELETE_PDP_CONTEXT_REQUEST_STR "Delete PDP Context Request" #define DELETE_PDP_CONTEXT_RESPONSE_STR "Delete PDP Context Response" #define CREATE_AA_PDP_CONTEXT_REQUEST_STR "Create AA PDP Context Request" #define CREATE_AA_PDP_CONTEXT_RESPONSE_STR "Create AA PDP Context Response" #define DELETE_AA_PDP_CONTEXT_REQUEST_STR "Delete AA PDP Context Request" #define DELETE_AA_PDP_CONTEXT_RESPONSE_STR "Delete AA PDP Context Response" #define ERROR_INDICATION_STR "Error Indication" #define PDU_NOTIFICATION_REQUEST_STR "PDU Notification Request" #define PDU_NOTIFICATION_RESPONSE_STR "PDU Notification Response" #define PDU_NOTIFICATION_REJECT_REQUEST_STR "PDU Notification Reject Request" #define PDU_NOTIFICATION_REJECT_RESPONSE_STR "PDU Notification Reject Response" #define SEND_ROUTEING_INFORMATION_FOR_GPRS_REQUEST_STR "Send Routeing Information for GPRS Request" #define SEND_ROUTEING_INFORMATION_FOR_GPRS_RESPONSE_STR "Send Routeing Information for GPRS Response" #define FAILURE_REPORT_REQUEST_STR "Failure Report Request" #define FAILURE_REPORT_RESPONSE_STR "Failure Report Response" #define NOTE_MS_GPRS_PRESENT_REQUEST_STR "Note MS GPRS Present Request" #define NOTE_MS_GPRS_PRESENT_RESPONSE_STR "Note MS GPRS Present Response" #define IDENTIFICATION_REQUEST_STR "Identification Request" #define IDENTIFICATION_RESPONSE_STR "Identification Response" #define SGSN_CONTEXT_REQUEST_STR "SGSN Context Request" #define SGSN_CONTEXT_RESPONSE_STR "SGSN Context Response" #define SGSN_CONTEXT_ACK_STR "SGSN Contest Acknowledge" #define DATA_RECORD_TRANSFER_REQUEST_STR "Data Record Transfer Request" #define DATA_RECORD_TRANSFER_RESPONSE_STR "Data Record Transfer Response" #define T_PDU_STR "T-PDU" #define OTHER_TYPE_PDU_STR "Type not recognized by GSM 09.60" /* #-----------------------------------------------------------------# ! We define here some values concerning the gtp protocol: length ! ! of the header and some values... ! #-----------------------------------------------------------------# */ #define GTP_HEADER_LENGTH 20 #define GTP_TID_START 13 /* * #-----------------------------------------------------------------# * ! We define here the MAP causes ! * #-----------------------------------------------------------------# * */ /*For Send Routeing Info OPERATION defined in TS 9.02 7.7.0 p 1090 & 1121*/ #define MAP_CAUSE_SYSTEM_FAILURE 34 #define MAP_CAUSE_DATA_MISSING 35 #define MAP_CAUSE_UNEXPECTED_DATA_VALUE 36 #define MAP_CAUSE_FACILITY_NOT_SUPPORTED 21 #define MAP_CAUSE_FACILITY_NOT_ALLOWED 48 #define MAP_CAUSE_UNKNOWN_SUBSCRIBER 1 #define MAP_CAUSE_NUMBER_CHANGED 44 #define MAP_CAUSE_BEARER_SERVICE_NOT_PROVISIONED 10 #define MAP_CAUSE_TELESERVICE_NOT_PROVISIONED 11 #define MAP_CAUSE_ABSENT_SUBSCRIBER 27 #define MAP_CAUSE_BUSY_SUBSCRIBER 45 #define MAP_CAUSE_NO_SUBSCRIBER_REPLY 46 #define MAP_CAUSE_CALL_BARRED 13 /* #-----------------------------------------------------------------# ! We define here some variables corresponding to causes of GTP ! #-----------------------------------------------------------------# */ #define GTP_CAUSE_REQUEST_IMSI 0 #define GTP_CAUSE_REQUEST_IMEI 1 #define GTP_CAUSE_REQUEST_IMSI_AND_IMEI 2 #define GTP_CAUSE_NO_IDENTITY_NEEDED 3 #define GTP_CAUSE_MS_REFUSES 4 #define GTP_CAUSE_MS_IS_NOT_GPRS_RESPONDING 5 #define GTP_CAUSE_SYSTEM_FAILURE 59 #define GTP_CAUSE_THE_TRANSMIT_BUFFERS_ARE_BECOMING_FULL 60 #define GTP_CAUSE_THE_RECEIVE_BUFFERS_ARE_BECOMING_FULL 61 #define GTP_CAUSE_ANOTHER_NODE_IS_ABOUT_TO_GO_DOWN 62 #define GTP_CAUSE_THIS_NODE_IS_ABOUT_TO_GO_DOWN 63 #define GTP_CAUSE_REQUEST_ACCEPTED 128 #define GTP_CAUSE_NON_EXISTENT 192 #define GTP_CAUSE_INVALID_MESSAGE_FORMAT 193 #define GTP_CAUSE_IMSI_NOT_KNOWN 194 #define GTP_CAUSE_MS_IS_GPRS_DETACHED 195 #define GTP_CAUSE_REJ_MS_IS_NOT_GPRS_RESPONDING 196 #define GTP_CAUSE_REJ_MS_REFUSES 197 #define GTP_CAUSE_VERSION_NOT_SUPPORTED 198 #define GTP_CAUSE_NO_RESSOURCE_AVAILABLE 199 #define GTP_CAUSE_SERVICE_NOT_SUPPORTED 200 #define GTP_CAUSE_MANDATORY_IE_INCORRECT 201 #define GTP_CAUSE_MANDATORY_IE_MISSING 202 #define GTP_CAUSE_OPTIONNAL_IE_INCORRECT 203 #define GTP_CAUSE_REJ_SYSTEM_FAILURE 204 #define GTP_CAUSE_ROAMING_RESTRICTION 205 #define GTP_CAUSE_P_TMSI_SIGNATURE_MISMATCH 206 #define GTP_CAUSE_GPRS_CONNECTION_SUSPENDED 207 #define GTP_CAUSE_AUTHENTICATION_FAILURE 208 #define GTP_CAUSE_USER_AUTHENTICATION_FAILED 209 #define GTP_CAUSE_REQUEST_RELATED_TO_POSSIBLY 252 #define GTP_CAUSE_REQUEST_ALREADY_FULFILLED 253 #define GTP_CAUSE_SEQUENCE_NUMBER_INCORRECT 254 #define GTP_CAUSE_REQUEST_NOT_FULLFILLED 255 #define GTP_CAUSE_REQUEST_IMSI_STR "Request IMSI" #define GTP_CAUSE_REQUEST_IMEI_STR "Request IMEI" #define GTP_CAUSE_REQUEST_IMSI_AND_IMEI_STR "Request IMSI and IMEI" #define GTP_CAUSE_NO_IDENTITY_NEEDED_STR "No identity needed" #define GTP_CAUSE_MS_REFUSES_STR "MS refuses" #define GTP_CAUSE_MS_IS_NOT_GPRS_RESPONDING_STR "MS is not GPRS responding" #define GTP_CAUSE_SYSTEM_FAILURE_STR "System failure" #define GTP_CAUSE_THE_TRANSMIT_BUFFERS_ARE_BECOMING_FULL_STR "The transmit buffers are becoming full" #define GTP_CAUSE_THE_RECEIVE_BUFFERS_ARE_BECOMING_FULL_STR "The receive buffers are becoming full" #define GTP_CAUSE_ANOTHER_NODE_IS_ABOUT_TO_GO_DOWN_STR "Another node is about to go down" #define GTP_CAUSE_THIS_NODE_IS_ABOUT_TO_GO_DOWN_STR "This node is about to go down" #define GTP_CAUSE_REQUEST_ACCEPTED_STR "Request accepted" #define GTP_CAUSE_NON_EXISTENT_STR "Non-existent" #define GTP_CAUSE_INVALID_MESSAGE_FORMAT_STR "Invalid message format" #define GTP_CAUSE_IMSI_NOT_KNOWN_STR "IMSI not known" #define GTP_CAUSE_MS_IS_GPRS_DETACHED_STR "MS is GPRS detached" #define GTP_CAUSE_REJ_MS_IS_NOT_GPRS_RESPONDING_STR "MS is not GPRS responding" #define GTP_CAUSE_REJ_MS_REFUSES_STR "(Reject) MS refuses" #define GTP_CAUSE_VERSION_NOT_SUPPORTED_STR "Version not supported" #define GTP_CAUSE_NO_RESSOURCE_AVAILABLE_STR "No ressource available" #define GTP_CAUSE_SERVICE_NOT_SUPPORTED_STR "Service not supported" #define GTP_CAUSE_MANDATORY_IE_INCORRECT_STR "Mandatory IE incorrect" #define GTP_CAUSE_MANDATORY_IE_MISSING_STR "Mandatory IE missing" #define GTP_CAUSE_OPTIONNAL_IE_INCORRECT_STR "Optionnal IE incorrect" #define GTP_CAUSE_REJ_SYSTEM_FAILURE_STR "System failure" #define GTP_CAUSE_ROAMING_RESTRICTION_STR "Roaming restriction" #define GTP_CAUSE_P_TMSI_SIGNATURE_MISMATCH_STR "P-TMSI signature mismatch" #define GTP_CAUSE_GPRS_CONNECTION_SUSPENDED_STR "GPRS connection suspended" #define GTP_CAUSE_AUTHENTICATION_FAILURE_STR "Authentication failure" #define GTP_CAUSE_USER_AUTHENTICATION_FAILED_STR "User authentication failed" #define GTP_CAUSE_REQUEST_RELATED_TO_POSSIBLY_STR "Request related to possibly duplicated packets already fullfilled" #define GTP_CAUSE_REQUEST_ALREADY_FULFILLED_STR "Request already fullfilled" #define GTP_CAUSE_SEQUENCE_NUMBER_INCORRECT_STR "Sequence number incorrect" #define GTP_CAUSE_REQUEST_NOT_FULLFILLED_STR "Request not fullfilled" #define GTP_CAUSE_DEFAULT_STR "Cause seems to not respect GSM 09.03 & 12.15" /* #-----------------------------------------------------------------# ! Here we will define the different field type in the GTP body ! ! messages. ! #-----------------------------------------------------------------# */ #define GTP_FIELD_TYPE_CAUSE 1 #define GTP_FIELD_TYPE_IMSI 2 #define GTP_FIELD_TYPE_RAI 3 #define GTP_FIELD_TYPE_TLLI 4 #define GTP_FIELD_PTMSI 5 #define GTP_FIELD_TYPE_QOS_PROFILE 6 #define GTP_FIELD_REORDERING_REQUIRED 8 #define GTP_FIELD_AUTHENTICATION_TRIPLET 9 #define GTP_FIELD_MAP_CAUSE 11 #define GTP_FIELD_PTMSI_SIGNATURE 12 #define GTP_FIELD_MS_VALIDATED 13 #define GTP_FIELD_RECOVERY 14 #define GTP_FIELD_SELECTION_MODE 15 #define GTP_FIELD_FLOW_LABEL_DATA_I 16 #define GTP_FIELD_FLOW_LABEL_SIGNALLING 17 #define GTP_FIELD_FLOW_LABEL_DATA_II 18 #define GTP_FIELD_PACKET_TRANSFER_COMMAND 126 #define GTP_FIELD_CHARGING_ID 127 #define GTP_FIELD_END_USER_ADDRESS 128 #define GTP_FIELD_MM_CONTEXT 129 #define GTP_FIELD_PDP_CONTEXT 130 #define GTP_FIELD_ACCESS_POINT_NAME 131 #define GTP_FIELD_PROTOCOL_CONFIGURATION_OPTIONS 132 #define GTP_FIELD_GSN_ADDRESS 133 #define GTP_FIELD_MSISDN 134 #define GTP_FIELD_SEQUENCE_NUMBERS_OF_RELEASED_PACKETS 249 #define GTP_FIELD_SEQUENCE_NUMBERS_OF_CANCELLED_PACKETS 250 #define GTP_FIELD_CHARGING_GATEWAY_ADDRESS 251 #define GTP_FIELD_DATA_RECORD_PACKET 252 #define GTP_FIELD_REQUESTS_RESPONDED 253 #define GTP_FIELD_TYPE_NODE_ADDRESS 254 #define GTP_FIELD_TYPE_PRIVATE_EXTENSION 255 /* #-----------------------------------------------------------------# ! The place of the selection mode type ! #-----------------------------------------------------------------# */ #define GTP_SELECTION_MODE_0 0 #define GTP_SELECTION_MODE_1 1 #define GTP_SELECTION_MODE_2 2 #define GTP_SELECTION_MODE_3 3 /* #-----------------------------------------------------------------# ! The place of the selection mode strings. ! #-----------------------------------------------------------------# */ #define GTP_SELECTION_MODE_STRING_0 "MS or network provided APN, subscribed verified." #define GTP_SELECTION_MODE_STRING_1 "MS provided APN, subscription not verified." #define GTP_SELECTION_MODE_STRING_2 "Network provided APN, subscription not verified." #define GTP_SELCETION_MODE_STRING_3 "For future use. If sent, interpreted like '2'." /* #-----------------------------------------------------------------# ! Definition of PDP type organization and types ! #-----------------------------------------------------------------# */ #define GTP_PDP_TYPE_ORGANIZATION_VALUE_0 0 #define GTP_PDP_TYPE_ORGANIZATION_VALUE_1 1 #define GTP_PDP_TYPE_ORGANIZATION_VALUE_STRING_0 "ETSI" #define GTP_PDP_TYPE_ORGANIZATION_VALUE_STRING_1 "IETF" #define GTP_ETSI_PDP_TYPE_NUMBER_0 0 #define GTP_ETSI_PDP_TYPE_NUMBER_1 1 #define GTP_ETSI_PDP_TYPE_NUMBER_2 2 #define GTP_ETSI_PDP_TYPE_NUMBER_STRING_0 "X25" #define GTP_ETSI_PDP_TYPE_NUMBER_STRING_1 "PPP" #define GTP_ETSI_PDP_TYPE_NUMBER_STRING_2 "OSP:IHOSS" #define GTP_IETF_PDP_TYPE_NUMBER_21 0x21 #define GTP_IETF_PDP_TYPE_NUMBER_57 0x57 #define GTP_IETF_PDP_TYPE_NUMBER_STRING_21 "IPv4" #define GTP_IETF_PDP_TYPE_NUMBER_STRING_57 "IPv6" /* #-----------------------------------------------------------------# ! Definition of protocol type for protocol configuration options ! #-----------------------------------------------------------------# */ #define GTP_PROTOCOL_TYPE_OPTIONS_0 0 #define GTP_PROTOCOL_TYPE_OPTIONS_1 1 #define GTP_PROTOCOL_TYPE_OPTIONS_STRING_0 "IETF: PPP" #define GTP_PROTOCOL_TYPE_OPTIONS_STRING_1 "ETSI: OSP:IHOSS" #define GTP_PROTOCOL_TYPE_PPP_PAP 0xC023 #define GTP_PROTOCOL_TYPE_PPP_LCP 0xC021 #define GTP_PROTOCOL_TYPE_PPP_CHAP 0xC223 #define GTP_PROTOCOL_TYPE_PPP_IPCP 0x8021 #define GTP_PROTOCOL_TYPE_PPP_PAP_STRING "PAP" #define GTP_PROTOCOL_TYPE_PPP_LCP_STRING "LCP" #define GTP_PROTOCOL_TYPE_PPP_CHAP_STRING "CHAP" #define GTP_PROTOCOL_TYPE_PPP_IPCP_STRING "IPCP" /* #-----------------------------------------------------------------# ! Definition of error messages. ! #-----------------------------------------------------------------# */ #define GTP_MANDATORY_FIELD_NOT_PRESENT "A mandatory field is not present at this place. Please refer to GSM 09.60." /* #-----------------------------------------------------------------# ! Function : dissect_gtp ! ! Description : This function is the main part of the code called ! ! when a gtp packet is identified. (I don't ! ! understand really how, but...) ! ! Parameters : in : const u_char* pd: buffer containing the raw ! ! data of the frame. ! ! int offset: The place where we are arrived in ! ! the dissection of the frame. ! ! frame_data *fd : A pointer used to identify ! ! actual frame. ! ! proto_tree* tree : A pointer on the actual ! ! tree of the frame. ! ! out : void : NULL ! #-----------------------------------------------------------------# */ void dissect_gtp(const u_char *pd, int offset, frame_data *fd, proto_tree *tree); #endif
- Prev by Date: Re: [Ethereal-dev] RQUOTA updated
- Next by Date: [Ethereal-dev] Perl script to generate X11 headers.
- Previous by thread: Re: [Ethereal-dev] YAOP New obsolete protocol SPRAY
- Next by thread: [Ethereal-dev] Perl script to generate X11 headers.
- Index(es):