Hello,
Could you try to use the latest wireshark version.
In the capture menu, use the device dag0 and the datalink "ERF"
For the capture filter, use "!fisu", to remove the FISU.
And in the ERF decoder, set the decoding of HDLC to SS7 MTP2.
It should work.
Regards
Florent
-----Message d'origine-----
De : wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] De la part de B.Tosovsky
Envoyé : mercredi 14 mai 2008 15:27
À : wireshark-users@xxxxxxxxxxxxx
Objet : [Wireshark-users] DAG 3.7T card SS7 capture
Hello,
can you please help. I am playing with this card in Debian. Card is properly installed, libpcap was compiled with DAG support.
If i try to capture mtp2 packets with endace tool dagsnap and save in ERF format I a can read this file offline in wireshark properly.
But if i try to capture packets directly in wireshark through new interface dag0 I see capturing packets, but there are decoded as CISCO HDLC malformed packets ???
Same situation is if i try to convert ERF file with dagconvert tool to pcap file.
Thanks
B.
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
