Wireshark-dev: Re: [Wireshark-dev] Help on understanding Application context inTCAPto be used b
SM-DeliveryFailureCause ::= SEQUENCE {
sm-EnumeratedDeliveryFailureCause SM-EnumeratedDeliveryFailureCause,
diagnosticInfo SignalInfo OPTIONAL,
extensionContainer ExtensionContainer OPTIONAL,
...}
GSM Mobile
Application
10.. .... = Class: CONTEXT
(2)
..1. .... = P/C: Constructed
Encoding
...0 0011 = Tag: 3
Length:
9
Component: returnError
(3)
returnError
00.. .... = Class: UNIVERSAL
(0)
..0.
.... = P/C: Primitive
Encoding
...0 0010 = Tag: INTEGER
(2)
Length: 1
invokeID:
0
errorCode: localValue
(0)
00.. .... = Class: UNIVERSAL
(0)
..0. .... = P/C: Primitive
Encoding
...0 0010 = Tag: INTEGER
(2)
Length:
1
localValue: sm-DeliveryFailure
(32)
00..
.... = Class: UNIVERSAL
(0)
..0.
.... = P/C: Primitive
Encoding
...0 1010 = Tag: ENUMERATED
(10)
Length: 1
BER Error: Sequence expected but class:UNIVERSAL(0) primitive tag:10 was
unexpected
0000 e8 e8 3f 83 0a 40 88
70 09 00 03 0e 18 0b 12 08 [email protected]........
0010 00 12 04 79 51 05
39 00 11 0a 12 08 00 12 04 79 ...yQ.9........y
0020 54 85
99 04 3d 64 3b 49 04 b5 07 f1 5a 6b 26 28
T...=d;I....Zk&(
0030 24 06 07 00 11 86 05 01 01 01 a0 19 61 17 a1
09 $...........a...
0040 06 07 04 00 00 01 00 19 03 a2 03
02 01 00 a3 05 ................
0050 a1 03 02 01 00 6c 0b
a3 09 02 01 00 02 01 20 0a .....l........ .
0060 01
01
..
Shouldn't there be SEQUENCE before the ENUMERATED tag?
Regards
Anders
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of DROUIN FLORENT
Sent: den 7 januari 2009 18:26
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Help on understanding Application context inTCAPto be used by GSM MAP
De : wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] De la part de tulip neo
Envoyé : mercredi 7 janvier 2009 15:31
À : wireshark-dev@xxxxxxxxxxxxx
Objet : [Wireshark-dev] Help on understanding Application context in TCAPto be used by GSM MAP
Hi List,
Good Evening. I have a problem with GSM MAP Decoding.So according to the implimentaion map rel version should be determined dynamically based on application context. I undesrstand it this way.Application conext is used if its recieved by traffic. if its recived and the call alreday exist than we may fall back with mismatch. My question is How do i know which version of GSM map wireshark uses internally for a specific message.(Well need to debug is there any other way). There seem to be no version checking except some checking with application context value 1,2 and 3.Wireshark checks only application_context_version ==3 nd in some cases <3 .I m intrested to know is it only handled this way or some other way out. I Know that the following version release are possible in case of GSM MAP. GSM 09.02 Ph 1 :v3.11.0
GSM 09.02 Ph 2 :v4.19.1 3GPP TS 29.002 :v3.12.0 3GPP TS 29.002 :v4.13.0 3GPP TS 29.002 :v5.7.0 3GPP TS 29.002 :v5.10.0 3GPP TS 29.002 :v6.8.0 3GPP TS 29.002 :v6.14.0 3GPP TS 29.002 :v7.8.0 Which version wireshark currently supports.
I see only the following from sources: ETSI TS 129 002 ETSI TS 129 002 V7.5.0 (3GPP TS 29.002 V7.5.0 (2006-09) Release 7) ETSI TS 129 002 V8.4.0 (3GPP TS 29.002 V8.1.0 (2007-06) Release 8) 3GPP TS 24.080 secondly i saw from sources that it is using MTP3 PC to match a
call.I understand
it this way when we have a message,we check for OID(Source/destnination).continue can have both while begin has source and abort/end have destination.so comparing previously recived message with recently recived message we can find the matching call but i m wondering why MTP3 PC is used. I have attached a smaple trace where frame 1 and 3 belong to same
transaction.
frame 1 is begin and frame 3 is end.begin message at frame 1 source transaction id C746F173 is same as end messae at frame 3(dest trans id C746F173).both have application-context-name: 0.4.0.0.1.0.24.2 (mwdMngtContext-v2). so in this case v2 is used.if with end message there would not have been any application-context-name than it would have used begin's Application context name. on the other hand in frame 2 it gives some decoding error.is it the case that wireshark has a bug or some thing else. Any help/pointer on this would help me really to understand the
transaction management in TCAP.
Br
tulip |
Add more friends to your messenger and enjoy! Invite them now.
- Follow-Ups:
- References:
- Prev by Date: Re: [Wireshark-dev] Package issue under Windows XP
- Next by Date: Re: [Wireshark-dev] Help on understanding Application contextinTCAPto be used by GSM MAP
- Previous by thread: Re: [Wireshark-dev] Help on understanding Application context in TCAPto be used by GSM MAP
- Next by thread: Re: [Wireshark-dev] Help on understanding Application contextinTCAPto be used by GSM MAP
- Index(es):