Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Problems with text2pcap on windows

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Abhik Sarkar" <sarkar.abhik@xxxxxxxxx>
Date: Wed, 5 Sep 2007 16:40:41 +0400
Hi Xavier,

What is the lowest level protocol in your SS7 frames? If it isn't one
of the SIGTRAN protocols, it is unlikely that is will work if you
encapsulate it in SCTP header. Since you are trying to decode ISUP, I
guess the lowest level protocol in your text file would have to be
M3UA for this approach to work.

Best regards,
Abhik

On 9/5/07, Varuna De Silva <varunax@xxxxxxxxx> wrote:
> Hi,
>
>
> I have a problem with running text2pcap on windows, when I try to run it, it
> truncates in 16 bytes. For example in the following part of script i tried
> to convert
> a file isup.txt to a pcap format with a pseudo SCTP header the file is
> larger than
> 16 bytes (36 bytes) but it truncates at 16 bytes.This file contains a SS7
> frame
> without frame delimiters.
>
>
> C:\Program Files\Wireshark>text2pcap  -s1234,4321,23 isup.txt isup.pcap
> Input from: isup.txt
> Output to: isup.pcap
> Generate dummy Ethernet header: Protocol: 0x800
> Generate dummy IP header: Protocol: 132
> Generate dummy SCTP header: Source port: 1234. Dest port: 4321. Tag: 23
> Wrote packet of 16 bytes at 0
> Read 1 potential packets, wrote 1 packets
>
> I tried to increase the maximum packet size with -ml but still it worked in
> a bit different way.
> It has written 16 packets of 1 byte each
>
> C:\Program Files\Wireshark>text2pcap -ml200 isup.txt isuppcp.pcap
> Input from: isup.txt
> Output to: isuppcp.pcap
> Wrote packet of 1 bytes at 0
> Wrote packet of 1 bytes at 1
> Wrote packet of 1 bytes at 2
> Wrote packet of 1 bytes at 3
> Wrote packet of 1 bytes at 4
> Wrote packet of 1 bytes at 5
> Wrote packet of 1 bytes at 6
> Wrote packet of 1 bytes at 7
> Wrote packet of 1 bytes at 8
> Wrote packet of 1 bytes at 9
> Wrote packet of 1 bytes at 10
> Wrote packet of 1 bytes at 11
> Wrote packet of 1 bytes at 12
> Wrote packet of 1 bytes at 13
> Wrote packet of 1 bytes at 14
> Wrote packet of 1 bytes at 15
> Read 17 potential packets, wrote 16 packets
>
> Please help me regarding this. A similar post is there in the archives but
> unfortunately I cant see any reply to it.
>
> What I am trying to do is to get my SS7 frame which is in text to be
> decoded by WireShark. For this I put it inside a SCTP frame and try to
> decode the contents of its body. Is it possible to do it? Just instruct me
> If I am going in a wrong path.
>
> Rgds
>
> Xavier
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
>
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube