On Thu, Feb 28, 2002 at 05:35:48PM +0300, Corpse wrote:
> I have an opportunity to send Q.931 packets through local network to
> specified port using UDP protocol. As an option, I can send LAPD or
> HDLC packets also. I use my own code for Q.931/PRI and LAPD, and want
> to analize traffic on L3, or both layers, using local network.
>
> Can I use ethereal to capture and dissect such packets?
Not without changing it.
> If no, then what is required to activate Q.931 dissector?
If you are sending Q.931 and LAPD inside UDP with no additional headers,
then you should modify the Q.931 dissector so that
"proto_reg_handoff_q931()" does
dissector_handle_t q931_handle;
q931_handle = find_dissector("q931");
dissector_add("udp.port", {q931-portnum}, q931_handle);
where {q931-portnum} is the UDP port number you're using for Q.931, and
you should modify the LAPD dissector so that "proto_reg_handoff_lapd()"
does, after the existing call to "dissector_add()":
dissector_add("udp.port", {lapd-portnum}, lapd_handle)
where {lapd-portnum} is the UDP port number you're using for LAPD.
There is no HDLC dissector in Ethereal - there's a "Cisco HDLC"
dissector, but that's not really normal HDLC, and there are dissectors
for various specific HDLC-based protocols (LAPB, LAPD, 802.2 LLC) where
there's a convention or standard for the protocol that runs above them -
so there's no HDLC dissector to modify.
