Wireshark-dev: Re: [Wireshark-dev] Problems in calling a message fromRANAPdissector
Hi,
Have
you tried with Edit->preferences-protocols->per "Display internal per
fields" "tick the box"
If you
then have the same data in a "proper" RANAP trace compare the
bits...
You
can also check that the Higligted data in the HEX pane makes
sense.
Regards
Anders From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of taraniteja.vishwanatha@xxxxxxxxx Sent: den 24 januari 2008 11:16 To: wireshark-dev@xxxxxxxxxxxxx Subject: Re: [Wireshark-dev] Problems in calling a message fromRANAPdissector Hi
Anders, I ve tried to include
the function “dissect_resetResource” and also gave it a new tvb, but not much
improvement. I have exported some messages in the ranap.cnf
file like reset, initial ue
etc. The improved code
: ranap_tvb =
tvb_new_real_data(buf,offset,offset); tvb_set_child_real_data_tvbuff(tvb,ranap_tvb); add_new_data_source(pinfo,
ranap_tvb, "RANAP over XXX"); offset =
dissect_initialUE_Message(ranap_tvb, offset, &actx,
xxx_tree); please see the
difference b/w my test data and general ranap data. The protocol ie s are too
high a number in the test packet. Ranap data in my test
packet :
XXX
Protocol indicator: RANAP protocol (2)
RANAP Message type: initial UE (4)
Message length: 81
Information element identifier: RANAP initial UE message
(32)
Information element length: 68
initialUE-Message
protocolIEs: 63385 items
Item 0
Item
Id: unknown (
12856)
Criticality : reject
(0) [Malformed Packet:
XXX] General RANAP packet
: Radio Access Network
Application Part
RANAP_PDU: initiatingMessage (0)
initiatingMessage
procedureCode: id-InitialUE-Message (19)
criticality: ignore (1)
initialUE-Message
protocolIEs: 6 items
Item 0
Item
id: id-CN-DomainIndicator (3)
criticality: ignore (1)
id-CN-DomainIndicator: cs-domain (0)
Item 1
Item
id: id-LAI (15)
criticality: ignore (1)
id-LAI
pLMNidentity: 42F099
Mobile
Country Code (MCC):
Mobile network code (MNC): 99
lAC: 012F
Item 2 …….. so on
There is some mistake
in either calling the function or allocation of the buffer. Can you please
help. BR, Tarani
From:
wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx]
On Behalf Of Anders
Broman Hi, The principle is ok but
you should probably use "dissect_ResetResource_PDU" and give it a new tvb with
the RANAP data. Possibly causes of the
decoding problem dissect_ranap_ResetResource()
may expect offset in bits and return bit_offset. The data given to
dissect_ranap_ResetResource() is not correct(including opcode etc
perhaps?). The .cnf file should be used to
export functions. Regards Anders From:
wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx]
On Behalf Of
taraniteja.vishwanatha@xxxxxxxxx Hi , I have my test dissector , running
over SUA , in TLV ( tag length value) format. In one of the messages, I want to
add an existing RANAP ( asn.1 format) message along with the other parameters of
my protocol. The coding of one of the messages in which I have called RANAP
message goes like this: dissect_message(tvbuff_t *tvb,int
offset ,proto_tree *xxx_tree,packet_info *pinfo) { asn1_ctx_t actx;
asn1_ctx_init(&actx,
ASN1_ENC_PER, TRUE, pinfo); offset =
dissect_ranap_ResetResource(tvb, offset, &actx, macic_tree,
hf_macic_ranap_resetResource); proto_tree_add_item(xxx_tree,
hf_xxx_clust,tvb, offset, en, FALSE); offset = offset +
len; } I have seen this way of
implementation in MEGACO , trying to call a h245 message. But the RANAP message
is not dissected properly and also I am not able to get the remaining parameters
in the message. Could somebody confirm whether it is the right way to call a
message from a different dissector. BR, Tarani The
information contained in this electronic message and any attachments to this
message are intended for the exclusive use of the addressee(s) and may contain
proprietary, confidential or privileged information. If you are not the intended
recipient, you should not disseminate, distribute or copy this e-mail. Please
notify the sender immediately and destroy all copies of this message and any
attachments. WARNING:
Computer viruses can be transmitted via email. The recipient should check this
email and any attachments for the presence of viruses. The company accepts no
liability for any damage caused by any virus transmitted by this
email. www.wipro.com P
Please do not print this email unless it is absolutely necessary. Spread
environmental awareness. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com |
- References:
- [Wireshark-dev] Problems in calling a message from RANAP dissector
- From: taraniteja.vishwanatha
- Re: [Wireshark-dev] Problems in calling a message from RANAP dissector
- From: Anders Broman
- Re: [Wireshark-dev] Problems in calling a message from RANAPdissector
- From: taraniteja.vishwanatha
- [Wireshark-dev] Problems in calling a message from RANAP dissector
- Prev by Date: Re: [Wireshark-dev] Problems in calling a message from RANAPdissector
- Next by Date: Re: [Wireshark-dev] wireshark-0.99.7 compiling error, The file contains a character that cannot be represented in the current code page (936). Save the file in Unicode format to prevent data loss
- Previous by thread: Re: [Wireshark-dev] Problems in calling a message from RANAPdissector
- Next by thread: [Wireshark-dev] Exporting TAP statistics at a regular interval
- Index(es):