Ethereal-users: RE: [Ethereal-users] tethereal & mgcp messages

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Trevor Reynolds <trevor.reynolds@xxxxxxxxxxxxxxx>
Date: Wed, 22 May 2002 10:03:01 -0400

I'm running tethereal 0.9.4, with GLib 1.2.10, with libpcap 0.6, with libz
1.1.3, without UCD SNMP on Solaris8 (sparc)

This is a clip from one of the packets that I am seeing.

User Datagram Protocol, Src Port: 2427 (2427), Dst Port: 2427 (2427)
    Source port: 2427 (2427)
    Destination port: 2427 (2427)
    Length: 370
    Checksum: 0xc4fd (correct)
Data (362 bytes)

0000  32 30 30 20 32 38 33 39 32 20 0a 5a 3a 20 53 31   200 28392 .Z: S1
0010  2f 44 53 31 2d 31 2f 31 0a 5a 3a 20 53 31 2f 44   /DS1-1/1.Z: S1/D
0020  53 31 2d 31 2f 32 0a 5a 3a 20 53 31 2f 44 53 31   S1-1/2.Z: S1/DS1
0030  2d 31 2f 33 0a 5a 3a 20 53 31 2f 44 53 31 2d 31   -1/3.Z: S1/DS1-1
0040  2f 34 0a 5a 3a 20 53 31 2f 44 53 31 2d 31 2f 35   /4.Z: S1/DS1-1/5
0050  0a 5a 3a 20 53 31 2f 44 53 31 2d 31 2f 36 0a 5a   .Z: S1/DS1-1/6.Z
0060  3a 20 53 31 2f 44 53 31 2d 31 2f 37 0a 5a 3a 20   : S1/DS1-1/7.Z: 
0070  53 31 2f 44 53 31 2d 31 2f 38 0a 5a 3a 20 53 31   S1/DS1-1/8.Z: S1
0080  2f 44 53 31 2d 31 2f 39 0a 5a 3a 20 53 31 2f 44   /DS1-1/9.Z: S1/D
0090  53 31 2d 31 2f 31 30 0a 5a 3a 20 53 31 2f 44 53   S1-1/10.Z: S1/DS
00a0  31 2d 31 2f 31 31 0a 5a 3a 20 53 31 2f 44 53 31   1-1/11.Z: S1/DS1
00b0  2d 31 2f 31 32 0a 5a 3a 20 53 31 2f 44 53 31 2d   -1/12.Z: S1/DS1-
00c0  31 2f 31 33 0a 5a 3a 20 53 31 2f 44 53 31 2d 31   1/13.Z: S1/DS1-1
00d0  2f 31 34 0a 5a 3a 20 53 31 2f 44 53 31 2d 31 2f   /14.Z: S1/DS1-1/
00e0  31 35 0a 5a 3a 20 53 31 2f 44 53 31 2d 31 2f 31   15.Z: S1/DS1-1/1
00f0  36 0a 5a 3a 20 53 31 2f 44 53 31 2d 31 2f 31 37   6.Z: S1/DS1-1/17
0100  0a 5a 3a 20 53 31 2f 44 53 31 2d 31 2f 31 38 0a   .Z: S1/DS1-1/18.
0110  5a 3a 20 53 31 2f 44 53 31 2d 31 2f 31 39 0a 5a   Z: S1/DS1-1/19.Z
0120  3a 20 53 31 2f 44 53 31 2d 31 2f 32 30 0a 5a 3a   : S1/DS1-1/20.Z:
0130  20 53 31 2f 44 53 31 2d 31 2f 32 31 0a 5a 3a 20    S1/DS1-1/21.Z: 
0140  53 31 2f 44 53 31 2d 31 2f 32 32 0a 5a 3a 20 53   S1/DS1-1/22.Z: S
0150  31 2f 44 53 31 2d 31 2f 32 33 0a 5a 3a 20 53 31   1/DS1-1/23.Z: S1
0160  2f 44 53 31 2d 31 2f 32 34 0a                     /DS1-1/24. 

Is there some option I am missing here for tethereal to decode this packet?
Seems with all other packets, this gets decoded quite nicely, for instance,
the SIP packet below:

User Datagram Protocol, Src Port: 53131 (53131), Dst Port: 5060 (5060)
    Source port: 53131 (53131)
    Destination port: 5060 (5060)
    Length: 430
    Checksum: 0xe04b (correct)
Session Initiation Protocol
    Request line: BYE sip:209.246.37.44:5060 SIP/2.0
    Message Header
        Via: SIP/2.0/UDP  209.246.37.49:5060
        From: <sip:[email protected]>;tag=1F5CA04-159A
        To: "Voice Port07"<sip:[email protected]>;tag=1291765166-1021984894797
        Date: Tue, 21 May 2002 12:41:50 GMT
        Call-ID: [email protected]
        User-Agent: Cisco-SIPGateway/IOS-12.x
        Max-Forwards: 6
        Timestamp: 1021984931
        CSeq: 101 BYE
        Content-Length: 0

-----Original Message-----
From: Guy Harris [mailto:guy@xxxxxxxxxx]
Sent: Tuesday, May 21, 2002 7:30 PM
To: Trevor Reynolds
Cc: ethereal-users@xxxxxxxxxxxx
Subject: Re: [Ethereal-users] tethereal & mgcp messages


On Tue, May 21, 2002 at 07:18:43PM -0400, Trevor Reynolds wrote:
> Does anyone have a working way to capture and decode mgcp messages with
> tethereal? I can get it to work with the console based version.

Tethereal *is* the console-based version.

Ethereal and Tethereal use the same code to load plugin dissectors, such
as the MGCP dissector.  As such, there should be no difference between
the behavior of Ethereal and the behavior of Tethereal, if you're
running the "same" version of Ethereal and Tethereal (e.g., if you
installed binary packages and are running the installed versions of
both, or if you built and installed from the same source tree and are
running the installed versions of both, or built from source and are
running them both from the same source tree).

If you *are* seeing a difference, make sure you're running the same
versions, and then give a detailed description of the difference ("can't
get it to work" doesn't say what it does *instead* of working).
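
Added example (not part of the original thread and not Ethereal code): when a payload is shown only as "Data", the hex rows can be rebuilt into bytes and read by hand as an MGCP response. The function names are hypothetical, and the sample is the first 39 bytes of the dump quoted above, cut at a line boundary.

```python
import re

# First 39 bytes of the payload dump quoted in the post, cut at a line boundary.
SAMPLE_DUMP = """\
0000  32 30 30 20 32 38 33 39 32 20 0a 5a 3a 20 53 31   200 28392 .Z: S1
0010  2f 44 53 31 2d 31 2f 31 0a 5a 3a 20 53 31 2f 44   /DS1-1/1.Z: S1/D
0020  53 31 2d 31 2f 32 0a
"""

# MGCP response line: 3-digit code, transaction id, optional commentary.
RESPONSE_LINE = re.compile(r"^(\d{3}) (\d{1,9})(?: (.*))?$")


def dump_to_bytes(dump):
    """Rebuild the payload from 'offset  hex bytes   ascii' rows."""
    payload = bytearray()
    for row in dump.splitlines():
        if not row.strip():
            continue
        if int(row[:4], 16) != len(payload):
            raise ValueError(f"gap or overlap at offset {row[:4]}")
        # Columns 6..52 hold up to 16 hex bytes; the ASCII column is ignored.
        payload += bytes.fromhex(row[6:53])
    return bytes(payload)


def parse_mgcp_response(payload):
    """Parse an MGCP response header; accepts LF or CRLF line endings."""
    lines = re.split(r"\r?\n", payload.decode("ascii"))
    match = RESPONSE_LINE.match(lines[0])
    if match is None:
        raise ValueError(f"not an MGCP response line: {lines[0]!r}")
    params = []
    for line in lines[1:]:
        if not line:  # blank line ends the header (an SDP body may follow)
            break
        name, sep, value = line.partition(":")
        if not sep or not name.strip():
            raise ValueError(f"malformed parameter line: {line!r}")
        # Keep order and duplicates: Z (SpecificEndPointId) repeats per endpoint.
        params.append((name.strip().upper(), value.strip()))
    return {"code": int(match.group(1)), "transaction_id": match.group(2),
            "commentary": (match.group(3) or "").strip(), "params": params}


if __name__ == "__main__":
    response = parse_mgcp_response(dump_to_bytes(SAMPLE_DUMP))
    print(response["code"], response["transaction_id"])
    for name, value in response["params"]:
        print(name, value)
```

Given all 23 rows of the dump from the post, the same functions return 24 Z entries, S1/DS1-1/1 through S1/DS1-1/24, for transaction 28392.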