Wireshark
the world's foremost network protocol analyzer
Wireshark-users: [Wireshark-users] Question about parsing raw MTP3
From: "Keith Fleming" <kfleming@xxxxxxxxxxxxxxxxxx>
Date: Wed, 4 Oct 2006 10:05:40 -0500
|
I have taken some raw SS7 MTP3 data from our application and
have converted it to pcap format. Wireshark is able to pull this file in, but it
is looking at it as if it was Ethernet. It is expecting the first six octets to
be the MAC address, etc. It is MTP3 data, starting with the SIO octet, then the
two 24 bit point codes, then the SLS, etc. Is it possible to tell wireshark, “interpret this as
MTP3 and don’t worry about there not being any link-level (or lower)
data” I’m thinking there has to be a way of short circuiting
the lower layer dissectors. Any help is appreciated. Thanks in advance. The information contained in this message may be confidential to Kodiak Networks, Inc. and its subsidiaries and protected from disclosure. If this message did not reach the intended recipient, or an employee or agent responsible for delivering it to the intended recipient, you are hereby informed that any distribution or copying of this communication is prohibited. If you have received this communication in error, please notify us immediately by replying to the sender of the message and then delete the message. Thank you. |
- Follow-Ups:
- Re: [Wireshark-users] Question about parsing raw MTP3
- From: Anders Broman
- Re: [Wireshark-users] Question about parsing raw MTP3
- Prev by Date: [Wireshark-users] Problems locating relevant calls
- Next by Date: Re: [Wireshark-users] Question about parsing raw MTP3
- Previous by thread: [Wireshark-users] Problems locating relevant calls
- Next by thread: Re: [Wireshark-users] Question about parsing raw MTP3
- Index(es):