Wireshark-users: Re: [Wireshark-users] DAG 3.7T card SS7 capture

From: "Luis EG Ontanon" <luis@xxxxxxxxxxx>
Date: Wed, 14 May 2008 16:43:36 +0200
Is the MTP flavour in Preferences->protocols->MTP set to the right one
(ITU/ANSI/Japan)?


2008/5/14 B.Tosovsky <B.Tosovsky@xxxxxxxxx>:
> Thank you for the response. I have partial succes. I changed link type to ss7 and now i see proper mtp3 layer messages, but sccp layer packets are malformed either as mtp2 layer packets  (FISU ???). Is it possible packets are somewhere cutted ?
>  I use latest stable wireshark 1.0.0 version and libpcap 0.9.8.
>
>  Thanks B.
>  > ------------ Původní zpráva ------------
>  > Od: B.Tosovsky <B.Tosovsky@xxxxxxxxx>
>  > Předmět: DAG 3.7T card SS7 captur
>  > Datum: 14.5.2008 15:27:03
>  > ----------------------------------------
>
>
> > Hello,
>  >
>  > can you please help. I am playing with this card in Debian. Card is properly
>  > installed, libpcap was compiled with DAG support.
>  >
>  > If i try to capture mtp2 packets  with endace tool dagsnap and save in ERF
>  > format I a can read this file offline in wireshark properly.
>  >
>  > But if i try to capture packets  directly in wireshark through new interface
>  > dag0  I see capturing packets, but there are decoded as CISCO HDLC malformed
>  > packets ???
>  >
>  > Same situation is if i try to convert ERF file with dagconvert tool to pcap
>  > file.
>  >
>  > Thanks
>  >
>  > B.
>  >
>  >
>  _______________________________________________
>  Wireshark-users mailing list
>  Wireshark-users@xxxxxxxxxxxxx
>  http://www.wireshark.org/mailman/listinfo/wireshark-users
>



-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan