http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2320
Summary: New dissector: redback lawful intercept
Product: Wireshark
Version: SVN
Platform: PC
OS/Version: Linux
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: flo@xxxxxxxxxx
Created an attachment (id=1502)
--> (http://bugs.wireshark.org/bugzilla/attachment.cgi?id=1502)
RedBack LI Patch against SVN 24458
Build Information:
./configure && make
--
New dissector for the RedBack Lawful Intercept Packet header.
Patch against SVN Revision 24458
Builds okay and survived fuzz test with 100 passes ...
Redback encapsulates LI Sessions in UDP and prepends the final IP Packet with a
Packet Header - Decoded it looks like this:
Redback Lawful Intercept
Sequence No AVP
AVP Type: 1
AVP Length: 4
Sequence No: 36303
Lawful Intercept Id AVP
AVP Type: 2
AVP Length: 4
Lawful Intercept Id: 0
Session Id AVP
AVP Type: 3
AVP Length: 4
Session Id: 0
Label AVP
AVP Type: 20
AVP Length: 16
Label: Xrdsl-gtso-de99
End Of Header AVP
AVP Type: 0
AVP Length: 0
Basically a list of AVPs where only 5 of them are currently in use. There is no
predefined UDP Port this traffic can be found on - its a configuration issue on
the BRASes side.
--
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
