Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 4447] New: Endace ATM and AAL2 enhancements

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 1 Feb 2010 19:38:01 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4447

           Summary: Endace ATM and AAL2 enhancements
           Product: Wireshark
           Version: SVN
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: stephen@xxxxxxxxxx


Created an attachment (id=4245)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4245)
Endace ATM enhancement patch against svn 31765

Build Information:
wireshark 1.3.3 (SVN Rev 31761 from /trunk)

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.18.3, with GLib 2.22.3, with libpcap 0.9-PRE-CVS, with
libz
1.2.3.3, with POSIX capabilities (Linux), with libpcre 7.8, without SMI,
without
c-ares, with ADNS, with Lua 5.1, without Python, with GnuTLS 2.8.3, with Gcrypt
1.4.4, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Jun 20
2009 13:28:51), without AirPcap, with new_packet_list.

Running on Linux 2.6.31-16-generic, with libpcap version 0.9-PRE-CVS, GnuTLS
2.8.3, Gcrypt 1.4.4.

Built using gcc 4.4.1.

--
The ERF format has a number of different formats for ATM, including raw ATM
cells and two different AAL2 encapsulations (ERF_TYPE_MC_AAL2 and
ERF_TYPE_AAL2).

This patch improves decoding by dissecting the ERF AAL2 pseudo header and
calling the appropriate packet-atm dissectors.

Raw ATM cell decoding (ERF_TYPE_ATM) is also improved by calling the packet-atm
dissector with ATM_NO_HEC flag, allowing the ATM cell header to be dissected
correctly.

Packet-atm dissect_atm_cell() is extended with the ATM_NO_HEC flag to allow the
dissection of raw ATM cells without HEC present.

Packet-atm TRAF_UMTS_FP dissector is extended to support a new flag
ATM_AAL2_NOPHDR to dissect tvbs without the 'dct2000 pseudoheader'.

Discussion:

It would be useful to have a user preference to set/override the
pinfo->pseudo_header->atm.type and atm.subtype fields. This information is not
available in ERF files, so we must set e.g. TRAF_UNKNOWN, TRAF_ST_UNKNOWN
providing poor dissection.

This preference could be added in packet-erf or in packet-atm, which is most
appropriate?

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube