Yes I can give you the L2 & L3 hex in the CSV or text format. As I said I
now believe the "Export to Ethereal" is only for their ADSL & Ethernet
analysers, so we can forget that. Currently I only have a few traces, I can
do many more in about three weeks, both of my analysers are currently at
customers at the moment. When I get them back I'll get you traces from my
lab of any ASN.1 you need.
Do you just want me to attach them to one of these emails to
Wireshark-users?
-----Original Message-----
From: Guy Harris
Sent: Monday, October 24, 2011 12:53 AM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] ISDN Layer 3 decode
On Oct 23, 2011, at 2:13 PM, Keith French wrote:
OK I can do that, I have a trace of a very simple Q.Sig call, however the
text or CSV options do not show the detailed decode at layer 3 that is
contained within the .aps files, they only show the summary view (very
like the appearance of a normal Wireshark trace.
Presumably you mean "like the appearance of the summary view in Wireshark",
i.e. the entries in the packet list pane.
How do you want me to send them to you?
I infer, perhaps incorrectly, from your earlier message:
I have an ISDN (E1) analyser that cannot decode Q.Sig�s ASN1 notation
holding information about call transfers etc. I know from another analyser
that can export its D channel decode in Wireshark format, that Wireshark
has an excellent decode for this.
Is there any way I can take the raw hex at layers 2 & 3 (LAPD layer 2) for
each message and via something like text2pcap get Wireshark to decode this
for me?
I have tried a syntax like:-
text2pcap input.txt output.pcap
but it just reports that it has read 0 packets.
The input file just contains the hex from one message, I have tried
combining the layer 2 & 3 hex and just using the L3 hex.
that the Aethra software can dump the raw hex contents of the packet.
That's the information we really need, so that we can try to find, within
the binary .aps file, the raw packet data. Any "meta-data" shown by the
analyzer, whether it's in the form of a Wireshark-like detailed dissection
or even just a summary view, would also be useful; packets are probably
time-stamped, so the time stamps for all the packets would be useful. There
might be other metadata, such as packet direction (user-to-network or
network-to-user), channel, etc. in the summary, or in a CSV dump, or even in
a screenshot. The more, the better.
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe