Wireshark-users: Re: [Wireshark-users] How to import RRC hex dump into Wireshark fordecoding

From: "Kukosa, Tomas" <tomas.kukosa@xxxxxxxxxxx>
Date: Tue, 23 Oct 2007 19:47:30 +0200
It is necessary to assign to the user DLT specific RRC message type (instead of "rrc").
There are following message types registered:
rrc.dl.dcch
rrc.dl.dcch
rrc.ul.dcch
rrc.dl.ccch
rrc.ul.ccch
rrc.pcch
rrc.dl.shcch
rrc.ul.shcch
rrc.bcch.fach
rrc.bcch.bch
rrc.mcch
rrc.msch
 
Unfortunately with this solution it is not possible to have more message types in one cap file.
 

________________________________

Od: wireshark-users-bounces@xxxxxxxxxxxxx za uživatele PF Law
Odesláno: út 23.10.2007 19:06
Komu: Community support list for Wireshark
Předmět: Re: [Wireshark-users] How to import RRC hex dump into Wireshark fordecoding


I have constructed the cap file. However, I shall also need to specify the message type for the RRC protocol, e.g. DL-DCCH-Message, UL-DCCH-Message, DL-CCCH-Message, UL-CCCH-Message, PCCH-Message, .....

In my example, message type is UL-DCCH-Message and the hex dump is "BF 02 26 13 9A 25 00 25 02 76 84 94 48 4E 50 04 7F FE 43 73 60 00 48 00". 

Where and how can I tell the RRC dissector that message to be decoded is a UL-DCCH-Message? Thanks.

No.     Time        Source                Destination           Protocol Info
      1 0.000000                                                RRC      

Frame 1 (24 bytes on wire, 24 bytes captured)
    Arrival Time: Oct 24, 2007 00:42:28.000000000
    [Time delta from previous captured frame: 0.000000000 seconds]
    [Time delta from previous displayed frame: 0.000000000 seconds]
    [Time since reference or first frame: 0.000000000 seconds]
    Frame Number: 1
    Frame Length: 24 bytes
    Capture Length: 24 bytes
    [Frame is marked: False]
    [Protocols in frame: user_dlt:rrc] 
DLT: 153
Radio Resource Control (RRC) protocol

0000  bf 02 26 13 9a 25 00 25 02 76 84 94 48 4e 50 04   ..&..%.%.v..HNP.
0010  7f fe 43 73 60 00 48 00                           ..Cs`.H.



On 10/23/07, Luis EG Ontanon <luis.ontanon@xxxxxxxxx> wrote: 

	take a look to:
	http://wiki.wireshark.org/HowToDissectAnything
	
	
	On 10/22/07, PF Law <pok.fung@xxxxxxxxx> wrote: 
	> Wireshark 0.99.6 supports RRC protocol.
	>
	> If I want to just make use of this capability to decode some external RRC
	> hex dump for some purposes, does anyone know how I can achieve this in
	> details?
	>
	> e.g. I want to get the below RRC hex dump decoded in Wireshark.
	>
	> RRC hex dump: BF 02 26 13 9A 25 00 25 02 76 84 94 48 4E 50 04 7F FE 43 73 60
	> 00 48 00
	>
	> Thanks a lot. 
	>
	> _______________________________________________
	> Wireshark-users mailing list
	> Wireshark-users@xxxxxxxxxxxxx
	> http://www.wireshark.org/mailman/listinfo/wireshark-users
	>
	>
	
	
	--
	This information is top security. When you have read it, destroy yourself.
	-- Marshall McLuhan
	_______________________________________________ 
	Wireshark-users mailing list
	Wireshark-users@xxxxxxxxxxxxx
	http://www.wireshark.org/mailman/listinfo/wireshark-users 
	


<<winmail.dat>>