Wireshark-users: Re: [Wireshark-users] ISDN Layer 3 decode

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Sun, 23 Oct 2011 16:53:42 -0700
On Oct 23, 2011, at 2:13 PM, Keith French wrote:

> OK I can do that, I have a trace of a very simple Q.Sig call, however the text or CSV options do not show the detailed decode at layer 3 that is contained within the .aps files, they only show the summary view (very like the appearance of a normal Wireshark trace).

Presumably you mean "like the appearance of the summary view in Wireshark", i.e. the entries in the packet list pane.

> How do you want me to send them to you?

I infer, perhaps incorrectly, from your earlier message:

> I have an ISDN (E1) analyser that cannot decode Q.Sig’s ASN1 notation holding information about call transfers etc. I know from another analyser that can export its D channel decode in Wireshark format, that Wireshark has an excellent decode for this.
>  
> Is there any way I can take the raw hex at layers 2 & 3 (LAPD layer 2) for each message and via something like text2pcap get Wireshark to decode this for me?
>  
> I have tried a syntax like:-
>  
> text2pcap input.txt output.pcap
>  
> but it just reports that it has read 0 packets.
>  
> The input file just contains the hex from one message, I have tried combining the layer 2 & 3 hex and just using the L3 hex.

that the Aethra software can dump the raw hex contents of the packet.  That's the information we really need, so that we can try to find, within the binary .aps file, the raw packet data.  Any "meta-data" shown by the analyzer, whether it's in the form of a Wireshark-like detailed dissection or even just a summary view, would also be useful; packets are probably time-stamped, so the time stamps for all the packets would be useful.  There might be other metadata, such as packet direction (user-to-network or network-to-user), channel, etc. in the summary, or in a CSV dump, or even in a screenshot.  The more, the better.
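
The search described in the message above, locating packets whose raw hex is known inside an undocumented binary capture file and then examining the bytes between them, is sketched below as an added example; it is not part of the original message or of Wireshark. The function names are hypothetical, and the sample file layout and hex strings are constructed for the demo and are not the real .aps format.

```python
import re
import struct

def parse_hex(text):
    """Analyser hex dump ('00 81 1a', '00:81:1A', '00811a') -> bytes."""
    return bytes.fromhex(re.sub(r"[^0-9A-Fa-f]", "", text))

def locate(blob, packets):
    """Offset of each known packet in blob, searching forward so identical
    packets map to successive records; None when a packet is not found."""
    offsets, pos = [], 0
    for pkt in packets:
        off = blob.find(pkt, pos)
        offsets.append(off if off >= 0 else None)
        if off >= 0:
            pos = off + len(pkt)
    return offsets

def record_headers(blob, packets, offsets):
    """(bytes between packet i-1 and packet i, length of packet i) pairs:
    the candidate per-record headers (time stamp, direction, length...)."""
    out = []
    for i in range(1, len(packets)):
        prev, cur = offsets[i - 1], offsets[i]
        if prev is not None and cur is not None:
            out.append((blob[prev + len(packets[i - 1]):cur], len(packets[i])))
    return out

def length_field(headers):
    """(offset, byte order) slots that hold the packet length as a 16-bit
    integer in every header; agreement across records filters coincidences."""
    common = None
    for hdr, n in headers:
        cand = {(i, order) for i in range(len(hdr) - 1)
                for order in ("little", "big")
                if int.from_bytes(hdr[i:i + 2], order) == n}
        common = cand if common is None else common & cand
    return sorted(common or [])

# Constructed sample hex, as an analyser might display it (not real traffic).
HEX = ["00 81 00 00 08 02 00 01 05 04 03 80 90 a3",
       "00 81 01 02 08 02",
       "02 81 02 02 08 02 80 01 0d 18"]

def build_sample(packets):
    """Constructed stand-in file: 16-byte file header, then per packet an
    invented 8-byte header (time, pad, direction, length) plus the data."""
    blob = b"CONSTRUCTED-FILE"
    for n, p in enumerate(packets, 1):
        blob += struct.pack("<IBBH", 1000 * n, 0, 1 + n % 2, len(p)) + p
    return blob
```
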