Hi List,
Attached is a small patch to fix this problem. The issue is that
TCAP also uses MTP3 layer, so the MTP3 tap was called also for TCAP
packets, and there was not checking if the upper layer was ISUP or TCAP.
I made this matching using the frame number (not sure if this is the
clearest way to do it).
Regards
Alejandro
Jacques, Olivier (OCBU-Test Infra) wrote:
Hello,
Using VoIP call analysis, I encountered one issue:
if the capture contains a mix of TCAP+ISUP protocol, then all packets
following an ISUP message are seen as being duplicate of the last ISUP
messages (like in the picture attached), this is both in the voip dialog
and in the graph.
Btw, I cannot thanks enough everybody who worked on this feature. This
is just a fantastic one.
Olivier.
------------------------------------------------------------------------
------------------------------------------------------------------------
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
Index: gtk/voip_calls.c
===================================================================
--- gtk/voip_calls.c (revision 13572)
+++ gtk/voip_calls.c (working copy)
@@ -650,6 +650,7 @@
static guint16 isup_cic;
static guint8 isup_message_type;
static guint8 isup_cause_value;
+static guint32 isup_frame_num;
/****************************************************************************/
/* whenever a isup_ packet is seen by the tap listener */
@@ -668,7 +669,7 @@
isup_message_type = pi->message_type;
isup_cause_value = pi->cause_value;
isup_cic = pinfo->circuit_id;
-
+ isup_frame_num = pinfo->fd->num;
return 0;
}
@@ -738,6 +739,9 @@
const mtp3_tap_rec_t *pi = mtp3_info;
+ /* check if the upper layer is ISUP matching the frame number */
+ if (isup_frame_num != pinfo->fd->num) return 0;
+
/* check wether we already have a call with these parameters in the list */
list = g_list_first(tapinfo->strinfo_list);
while (list)
