ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Ethereal-dev: Re: [Ethereal-dev] VoIP call analysis: ISUP messages listed several times

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: LEGO <luis.ontanon@xxxxxxxxx>
Date: Thu, 3 Mar 2005 00:26:13 +0100
checked in

On Wed, 02 Mar 2005 14:26:30 -0700, Alejandro Vaquero
<alejandrovaquero@xxxxxxxxx> wrote:
> Hi List,
>     Attached is a small patch to fix this problem. The issue is that
> TCAP also uses MTP3 layer, so the MTP3 tap was called also for TCAP
> packets, and there was not checking if the upper layer was ISUP or TCAP.
> I made this matching using the frame number (not sure if this is the
> clearest way to do it).
> 
> Regards
> Alejandro
> 
> Jacques, Olivier (OCBU-Test Infra) wrote:
> 
> >Hello,
> >
> >Using VoIP call analysis, I encountered one issue:
> >if the capture contains a mix of TCAP+ISUP protocol, then all packets
> >following an ISUP message are seen as being duplicate of the last ISUP
> >messages (like in the picture attached), this is both in the voip dialog
> >and in the graph.
> >
> >Btw, I cannot thanks enough everybody who worked on this feature. This
> >is just a fantastic one.
> >
> >Olivier.
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >Ethereal-dev mailing list
> >Ethereal-dev@xxxxxxxxxxxx
> >http://www.ethereal.com/mailman/listinfo/ethereal-dev
> >
> >
> 
> 
> Index: gtk/voip_calls.c
> ===================================================================
> --- gtk/voip_calls.c    (revision 13572)
> +++ gtk/voip_calls.c    (working copy)
> @@ -650,6 +650,7 @@
>  static guint16         isup_cic;
>  static guint8          isup_message_type;
>  static guint8          isup_cause_value;
> +static guint32         isup_frame_num;
> 
>  /****************************************************************************/
>  /* whenever a isup_ packet is seen by the tap listener */
> @@ -668,7 +669,7 @@
>         isup_message_type = pi->message_type;
>         isup_cause_value = pi->cause_value;
>         isup_cic = pinfo->circuit_id;
> -
> +       isup_frame_num = pinfo->fd->num;
>         return 0;
>  }
> 
> @@ -738,6 +739,9 @@
> 
>         const mtp3_tap_rec_t *pi = mtp3_info;
> 
> +       /* check if the upper layer is ISUP matching the frame number */
> +       if (isup_frame_num != pinfo->fd->num) return 0;
> +
>         /* check wether we already have a call with these parameters in the list */
>         list = g_list_first(tapinfo->strinfo_list);
>         while (list)
> 
> 
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
> 
> 
> 


-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube