Wireshark-dev: Re: [Wireshark-dev] Dissectors for SMS over GPRS-LLC
From: "Neil Piercy" <[email protected]>
Date: Thu, 16 Aug 2007 16:57:24 +0100
Title: Dissectors for SMS over GPRS-LLC
IMHO the gsm_a is really about four protocol dissectors which are too inter-mixed in the one huge file, and should really all be in separate files and with "proper" wireshark linkage between them. The clue is in the name: it contais the set of protocols carried over the A interface, not one protocol.
 
I'd support (and might be able to help with) such a separation.
 
Neil


From: [email protected] [mailto:[email protected]] On Behalf Of Anders Broman (AL/EAB)
Sent: 16 August 2007 16:03
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Dissectors for SMS over GPRS-LLC

Hi,
>some SMS Control Protocol (SMS CP) fields are included in GSM A DTAP dissector, but not the whole protocol.
Should all SMS-CP dissection be done by the new dissector or perhaps the code moved into packet-gsm_a.c ?
Regards
Anders


From: [email protected] [mailto:[email protected]] On Behalf Of Cyrille Colin
Sent: den 16 augusti 2007 16:10
To: [email protected]
Subject: [Wireshark-dev] Dissectors for SMS over GPRS-LLC

Hi

SMS msg can be carried over packet switched GPRS, and I am trying to have Wireshark decode SMS carried on GPRS LLC protocol (SAPI 7).

The stack is the following:

  -------------------
 | sms msg     |               
  -------------------
 | sms T-PDU  |         --> dissector exists (gsm_sms) in packet-gsm_sms.c
  -------------------
 | sms RP       |               --> dissector exists (gsm_a_rp) in packet-gsm_a.c
  -------------------
 | sms CP       |              
  -------------------
 | GPRS LLC   |         --> dissector exists  (gprs-llc) in packet-gprs-llc.c
  -------------------

some SMS Control Protocol (SMS CP) fields are included in GSM A DTAP dissector, but not the whole protocol.

So I basically wrote a small plugin for SMS CP -following the dev guidelines-, and linked to GPRS-LLC and SMS-RP and it works fine.


The questions are:
- is there any interest in having this submitted back to the Wireshark source ?
- if it is the case, what is the best practice (plugin, native) and recommendations for the dissector calls - restrain the calls to be within the new protocol code, or rather use call_dissector() etc in other dissectors, which implies a small diff on other dissectors too.


Thks, and btw I found the developper doc extremely useful -many thks to the author(s).

Cyrille