Wireshark-users: Re: [Wireshark-users] Gr Interface
Date: Fri, 2 Mar 2007 15:23:52 +0100
Hi,
The recommended linux system is Debian, stable version Sarge (see
www.debian.org).
The installation CD for Debian linux is included in the package, with the
software for the board.
If you have a recent PC, you can install the Etch version, because the SATA
is not taken into account in the installer for the Sarge Version.
Of course, you can install an other distribution if you want ( Ubuntu,
Redhat, or Suse etc..)
The instructions for the system configuration are given in the "Linux
FreeBSD Installation Guide", and in the "User Guide".
If you are familiar with linux installation/configuration, and if you are
able to compile the kernel and wireshark/libpcap from scratch, you will not
have difficulties for the system installation.
For the system configuration, it is a little bit the same, but not really
complex, and you can ask the support team or me.
Regards
Florent
"Cortes, Joseph"
<joseph.cortes@xxxxxxxxxxx To: "Community support list for Wireshark"
> <wireshark-users@xxxxxxxxxxxxx>
Sent by: cc:
wireshark-users-bounces@wi Subject: Re: [Wireshark-users] Gr Interface
reshark.org
02/03/2007 14:22
Please respond to
Community support list for
Wireshark
Florent,
Thanks for the info; I already have a price for the card and pod and will
most probably be getting it.
I am fairly conversant with Linux. Can you please send me some instructions
on how to get this going, what particular distro do you recommend ?
Joe
If you have any questions or comments please let me know.
Kind Regards
Joseph Cortes
Current Date & Time in Gibraltar
Joseph Cortes
Wireless Department
Gibtelecom
P.O. Box 929
Suite 942 Europort
Gibraltar
Tel: +350 52211
GSM: +350 57003000
Fax: +350 57003500
Email: joseph.cortes@xxxxxxxxxxx
Web: www.gibtele.com
STANDARD EMAIL DISCLAIMER FOLLOWS FOR LEGAL REASONS:
This electronic message contains information from GIBTELECOM which may be
privileged or confidential. The information is intended to be for the use
of the individual(s) or entity named above. If you are not the intended
recipient, be aware that any disclosure, copying, distribution or use of
the contents of this information is prohibited. If you have received this
electronic message in error please notify us by telephone or e-mail (to the
number or address above) and delete it
Viruses: Although our Company attempts to sweep e-mail and attachments for
viruses, it does not guarantee that either are virus-free and accepts no
liability for any damage sustained as a result of viruses
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of
Florent.Drouin@xxxxxxxxxxxxxxxxx
Sent: 01 March 2007 15:54
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Gr Interface
Hello,
I will just complete the answers of Anders.
For each of the three board manufacturers referenced in the capture/SS7
wiki, a Web Site link is available.
You can have a look at the distributors list on the Web site, I think all
of them have resellers in Europe.
But I think you should first contact the sales and request for a quotation,
and/or for additional informations to be sure this is the system you are
expecting.
For my part, I have got an Endace DAG37T board on a linux PC to monitor the
target system.
The board can monitor 8 E1/T1 duplex (8 ports for RX and 8 ports for TX on
the external 16-port Pod)
( see http://www.endace.com/dag3.7T.htm )
To setup the system, you have to compile the linus kernel, and to integrate
a specific module for the board.
Then you will have to compile the last libpcap to integrate the specific
API for the board.
And finally, you will have to compile the last version of wireshark (or at
leat 99.5) to link to your private libpcap.
For the connectic, you have to use Y cables (or better E1/T1 Tap), because
the system is not working in loop mode.
Once the monitoring system is installed and configured, you can capture and
analyze in real-time the trafic on the E1/T1 links with wireshark.
Best regards.
Florent
"Anders Broman"
<a.broman@xxxxxxxxx> To:
"'Community support list for Wireshark'"
Sent by:
<wireshark-users@xxxxxxxxxxxxx>
wireshark-users-bounces@wi cc:
reshark.org Subject: Re:
[Wireshark-users] Gr Interface
01/03/2007 14:11
Please respond to
Community support list for
Wireshark
Hi,
Following the "endance" link on the wiki gives
http://www.endace.com/contact.htm I'm sure Intel will have the samy type of
info. I have no experience of these cards myself.
Best regards
Anders
-----Ursprungligt meddelande-----
Från: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] För Cortes, Joseph
Skickat: den 1 mars 2007 11:15
Till: Community support list for Wireshark
Ämne: Re: [Wireshark-users] Gr Interface
Florent / Anders,
Thanks for the info,
Any idea where I can purchase these cards in Europe?
Thanks
Joe
If you have any questions or comments please let me know.
Kind Regards
Joseph Cortes
Current Date & Time in Gibraltar
Joseph Cortes
Wireless Department
Gibtelecom
P.O. Box 929
Suite 942 Europort
Gibraltar
Tel: +350 52211
GSM: +350 57003000
Fax: +350 57003500
Email: joseph.cortes@xxxxxxxxxxx
Web: www.gibtele.com
STANDARD EMAIL DISCLAIMER FOLLOWS FOR LEGAL REASONS:
This electronic message contains information from GIBTELECOM which may be
privileged or confidential. The information is intended to be for the use
of
the individual(s) or entity named above. If you are not the intended
recipient, be aware that any disclosure, copying, distribution or use of
the
contents of this information is prohibited. If you have received this
electronic message in error please notify us by telephone or e-mail (to the
number or address above) and delete it
Viruses: Although our Company attempts to sweep e-mail and attachments for
viruses, it does not guarantee that either are virus-free and accepts no
liability for any damage sustained as a result of viruses
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of
Florent.Drouin@xxxxxxxxxxxxxxxxx
Sent: 27 February 2007 11:54
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Gr Interface
Hello Joseph,
Sorry for the delay.
As said Anders, you can have a look at the wiki.
The boards integrated with the PCAP library can be used under several OSs
(libpcap for Unix, Winpcap for windows) to do realtime monitoring.
In any case, I suggest you to use the last PCAP library, there are a lot of
changes concerning the SS7.
Regards
Florent
"Anders Broman \(AL/EAB\)"
<anders.broman@xxxxxxxxxxx To:
"Community
support list for Wireshark"
m>
<wireshark-users@xxxxxxxxxxxxx>
Sent by: cc:
wireshark-users-bounces@wi Subject: Re:
[Wireshark-users] Gr Interface
reshark.org
26/02/2007 11:44
Please respond to
Community support list for
Wireshark
Hi,
You can find some information on SS7 capture here
http://wiki.wireshark.org/CaptureSetup/SS7
Best regards
Anders
________________________________
Från: wireshark-users-bounces@xxxxxxxxxxxxx genom Cortes, Joseph
Skickat: må 2007-02-26 10:52
Till: Community support list for Wireshark
Ämne: Re: [Wireshark-users] Gr Interface
Florent,
Are you by any chance capturing ss7 directly using Wireshark?
If so what hardware (ss7 card are you using, OS, etc...)
Thanks
Joe
If you have any questions or comments please let me know.
Kind Regards
Joseph Cortes
Current Date & Time in Gibraltar
Joseph Cortes
Wireless Department
Gibtelecom
P.O. Box 929
Suite 942 Europort
Gibraltar
Tel: +350 52211
GSM: +350 57003000
Fax: +350 57003500
Email: joseph.cortes@xxxxxxxxxxx
Web: www.gibtele.com
STANDARD EMAIL DISCLAIMER FOLLOWS FOR LEGAL REASONS:
This electronic message contains information from GIBTELECOM which may
be privileged or confidential. The information is intended to be for the
use of the individual(s) or entity named above. If you are not the
intended recipient, be aware that any disclosure, copying, distribution
or use of the contents of this information is prohibited. If you have
received this electronic message in error please notify us by telephone
or e-mail (to the number or address above) and delete it
Viruses: Although our Company attempts to sweep e-mail and attachments
for viruses, it does not guarantee that either are virus-free and
accepts no liability for any damage sustained as a result of viruses
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of
Florent.Drouin@xxxxxxxxxxxxxxxxx
Sent: 23 February 2007 13:04
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Gr Interface
Joseph,
You could add your utility in the tools section of the wireshark wiki
http://wiki.wireshark.org/Tools
The datalink value for MTP2 is 140, so as the datalink is already
existing,
you do not need to use a User Datalink.
The value of the datalink are stored in wiretap/libpcap.c, or in the
libpcap sources.
Regards
Florent
"Cortes, Joseph"
<joseph.cortes@xxxxxxxxxxx To:
"Community support list for Wireshark"
>
<wireshark-users@xxxxxxxxxxxxx>
Sent by: cc:
wireshark-users-bounces@wi Subject: Re:
[Wireshark-users] Gr Interface
reshark.org
23/02/2007 12:11
Please respond to
Community support list for
Wireshark
Florent,
I already realised that, I have actually written a small utility to ever
come this i.e. to convert from hex text to Wireshark pcap in one go.
Where can I post this for other users with this problem?
One small question why did you specify -l 140 ? Does this indicate MTP2,
I am using -l 147 and then setting the payload to MTP2 under one of the
DLT user settings for 147.
Joe
If you have any questions or comments please let me know.
Kind Regards
Joseph Cortes
Current Date & Time in Gibraltar
Joseph Cortes
Wireless Department
Gibtelecom
P.O. Box 929
Suite 942 Europort
Gibraltar
Tel: +350 52211
GSM: +350 57003000
Fax: +350 57003500
Email: joseph.cortes@xxxxxxxxxxx
Web: www.gibtele.com
STANDARD EMAIL DISCLAIMER FOLLOWS FOR LEGAL REASONS:
This electronic message contains information from GIBTELECOM which may
be privileged or confidential. The information is intended to be for the
use of the individual(s) or entity named above. If you are not the
intended recipient, be aware that any disclosure, copying, distribution
or use of the contents of this information is prohibited. If you have
received this electronic message in error please notify us by telephone
or e-mail (to the number or address above) and delete it
Viruses: Although our Company attempts to sweep e-mail and attachments
for viruses, it does not guarantee that either are virus-free and
accepts no liability for any damage sustained as a result of viruses
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of
Florent.Drouin@xxxxxxxxxxxxxxxxx
Sent: 22 February 2007 17:14
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Gr Interface
Hello,
You have to modify your test file to add an "ascii dump" at each end of
line, and to remove the lines containing a description
(see the attached text file).
Then you will have to convert the file with:
text2pcap -l 140 hex2.txt hex2.cap
The link layer for Gr interface is MTP2.
(See attached file: hex2.txt)(See attached file: hex2.cap)
Regards
Florent
"Cortes, Joseph"
<joseph.cortes@xxxxxxxxxxx To:
<wireshark-users@xxxxxxxxxxxxx>, <wireshark-dev@xxxxxxxxxxxxx>
> cc:
Sent by: Subject:
[Wireshark-users] Gr Interface
wireshark-users-bounces@wi
reshark.org
22/02/2007 12:33
Please respond to
Community support list for
Wireshark
Hi,
Totally new to the wireshark product:
I've captured the following on the Gr interface i.e. between the SGSN
and
the HLR on a Nettest MPA 7300 and save the capture as hex only. (file
attached)
I've tried the text2pcap ? l 147 hex.txt hex.cap ( Not sure if this is
what
I should be doing) this creates the hex.cap file.
C:\Programs\Wireshark>text2pcap -l 147 hex.txt hex.cap
Input from: hex.txt
Output to: hex.cap
Wrote packet of 15 bytes at 0
Wrote packet of 15 bytes at 15
Wrote packet of 15 bytes at 30
Wrote packet of 15 bytes at 45
Wrote packet of 15 bytes at 60
Wrote packet of 15 bytes at 75
Read 6 potential packets, wrote 6 packets
I open this file with wireshark, then under DLT user A I select the
DLT=147
and the payload as gsm_map but I get
"DLT User A: No such proto: gsm_map"
How do I go about to decode this file??
Thanks
Joe
If you have any questions or comments please let me know.
Kind Regards
Joseph Cortes
Current Date & Time in Gibraltar
Joseph Cortes
Wireless Department
Gibtelecom
P.O. Box 929
Suite 942 Europort
Gibraltar
Tel: +350 52211
GSM: +350 57003000
Fax: +350 57003500
Email: joseph.cortes@xxxxxxxxxxx
Web: www.gibtele.com
STANDARD EMAIL DISCLAIMER FOLLOWS FOR LEGAL REASONS:
This electronic message contains information from GIBTELECOM which may
be
privileged or confidential. The information is intended to be for the
use
of the individual(s) or entity named above. If you are not the intended
recipient, be aware that any disclosure, copying, distribution or use of
the contents of this information is prohibited. If you have received
this
electronic message in error please notify us by telephone or e-mail (to
the
number or address above) and delete it
Viruses: Although our Company attempts to sweep e-mail and attachments
for
viruses, it does not guarantee that either are virus-free and accepts no
liability for any damage sustained as a result of viruses
(See attached file: HEX.TXT)
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
(See attached file: winmail.dat)
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
- References:
- Re: [Wireshark-users] Gr Interface
- From: Cortes, Joseph
- Re: [Wireshark-users] Gr Interface
- Prev by Date: Re: [Wireshark-users] Gr Interface
- Next by Date: [Wireshark-users] emergency, Please help me!
- Previous by thread: Re: [Wireshark-users] Gr Interface
- Next by thread: Re: [Wireshark-users] Using multiple files with tshark
- Index(es):