Wireshark-dev: Re: [Wireshark-dev] Dificulties in dissecting some packets
From: "Anders Broman \(AL/EAB\)" <[email protected]>
Date: Wed, 13 Dec 2006 17:50:06 +0100
Hi,
In addition it looks like a telecom proto with a BCD coded number so it might allready be a dissector
or a routine avalable.
BR
Anders
 

________________________________

From: [email protected] on behalf of Sebastien Tandel
Sent: Wed 12/13/2006 5:30 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Dificulties in dissecting some packets



hi,

sorry for the previous mail, I was reading my mail with horde and the
figures did not rendered the format correctly and now I'm seeing it in
Thunderbird and it represents them correctly now ;)

all is documented in the doc/README.developer

case 1) with a structure "value_string"
case 2) if you're using the svn version of wireshark, you're lucky, you
can use the new feature "range_string" else see the following
http://www.wireshark.org/lists/wireshark-dev/200612/msg00039.html
case 3) "true_false_string"


Hope that helps,

Sebastien Tandel



[email protected] wrote:
> hi,
>
>   may you format you mail in an other way, please?
>
> Selon [email protected]:
>
>  
>> Hi ,
>>
>> I have encountered some problems when dissecting the packets for a
>> protocol.I am mentioning 3 different scenarios
>>
>>
>>
>> 1.
>>
>> In the below case , the octet is split into parts and each part viz x ,
>> y and z take different values.
>>
>> I am not able to understand how to go about it.
>>
>>
>>
>>                                                             PARAMETER 1
>>
>>
>> 7
>>
>> 6
>>
>> 5
>>
>> 4
>>
>> 3
>>
>> 2
>>
>> 1
>>
>> 0
>>
>> octet
>>
>> X
>>
>> Y
>>
>> Z
>>
>> 3
>>
>> Number of Digits
>>
>> 4
>>
>> Digit 2
>>
>> Digit 1
>>
>> 5
>>
>> Digit 4
>>
>> Digit 3
>>
>> 6
>>
>> Digit 2n
>>
>> Digit 2n-1
>>
>> n+4
>>
>> SUB PARAMETER X
>>
>> Value
>>
>> Description
>>
>> 0
>> 1
>>
>> aaa
>> bbb
>>
>>
>>
>>                                           SUB PARAMETER Y
>>
>> Value
>>
>> Description
>>
>> 0
>> 1
>>
>> 2
>>
>> 3
>>
>> A
>> B
>>
>> C
>>
>> D
>>
>>
>>
>>
>>
>> 2.
>>
>> In the parameter mentioned below the value  may come in a range,. How
>> can we dissect such values??
>>
>>
>>
>>
>> PARAMETER 2
>>
>> Value
>>
>> Description
>>
>> 0
>> 1-10
>> 10-255
>>
>> Not used
>> xxx
>> yyy
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> 3.
>>
>> In the following parameter, the value of each bit indicates if the
>> assosiated version is currently used or not.
>>
>>
>>
>> Value 0 :  not used
>>
>> Value 1 : used
>>
>>
>> PARAMETER 3
>>
>> Bit7
>>
>> Bit6
>>
>> Bit5
>>
>> Bit4
>>
>> Bit3
>>
>> Bit2
>>
>> Bit1
>>
>> Bit0
>>
>> octet
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Is it possible to include such informations, which depend upon whether a
>> bit is set or not ,  in the dissector .
>>
>>
>>
>> Regards ,
>>
>> Tarani
>>
>>
>>
>>
>> The information contained in this electronic message and any attachments to
>> this message are intended for the exclusive use of the addressee(s) and may
>> contain proprietary, confidential or privileged information. If you are not
>> the intended recipient, you should not disseminate, distribute or copy this
>> e-mail. Please notify the sender immediately and destroy all copies of this
>> message and any attachments.
>>
>> WARNING: Computer viruses can be transmitted via email. The recipient should
>> check this email and any attachments for the presence of viruses. The company
>> accepts no liability for any damage caused by any virus transmitted by this
>> email.
>>
>> www.wipro.com
>>    
>
>
> _______________________________________________
> Wireshark-dev mailing list
> [email protected]
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>  

_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev


<<winmail.dat>>