Wireshark-dev: Re: [Wireshark-dev] VoIP call analysis

From: "Luis EG Ontanon" <luis@xxxxxxxxxxx>
Date: Thu, 20 Nov 2008 19:23:09 +0100
if IOS5 uses the connection-less SCCP service SCCP-connection-tracking
cannot help you.

If it instead uses the Conection-Oriented SCCP service, you can take a
look at how RANAP and BSSAP put "interesting information" into the
SCCP data for the packet/connection.

(Beware that in order to trace calls SCCP needs the "Keep Track of..."
preference being enabled).

BR

Lego

On Thu, Nov 20, 2008 at 7:15 PM, Michael Lum
<michael.lum@xxxxxxxxxxxxxxxxx> wrote:
> Hi,
>
> I'm looking at voip_calls.c and there is a voip_protocol_name array
> that contains, among others, SCCP, BSSMAP and RANAP.
>
> How does this work for a with the following partial stack:
>
> BSSMAP or RANAP
> SCCP
> M3UA
> ...
>
> ?
>
> I tried out one of my traces with SCCP and it sort of works.
> Was it meant to be used with the above or for some other kind
> of protocol layering ?
> (I thought only "A-interfaces" used connection-oriented SCCP.)
>
> I say it only sort of works because SCCP can't determine a
> call state or even imply a call is taking place.
>
> Should I just ignore the SCCP code eventhough IOS 5 is
> carried on it ?
>
> Thanks.
>
> --
> Michael Lum                   Principal Software Engineer
> 4600 Jacombs Road             +1.604.276.0055
> Richmond, B.C.
> Canada V6V 3B1
> Star Solutions
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> https://wireshark.org/mailman/listinfo/wireshark-dev
>



-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan