Wireshark · Wireshark-dev: Re: [Wireshark-dev] Compilation error in asn.1 file

[<taraniteja.vishwanatha@xxxxxxxxx>]

Thanx a ton Anders....I ll have to slightly modify the code now..


> -----Original Message-----
> From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-
> bounces@xxxxxxxxxxxxx] On Behalf Of Anders Broman
> Sent: Friday, January 04, 2008 3:48 PM
> To: 'Developer support list for Wireshark'
> Subject: Re: [Wireshark-dev] Compilation error in asn.1 file
>
> Hi,
> Here's an example Trace from
>  http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2154 the first frame
> starting from the (ANSI)TCAP layer
>
>
> ANSI Transaction Capabilities Application Part
>     11.. .... = Class: PRIVATE (3)
>     ..1. .... = P/C: Constructed Encoding
>     ...0 0010 = Tag: 2
>     Length: 144
>     queryWithPerm
>         11.. .... = Class: PRIVATE (3)
>         ..0. .... = P/C: Primitive Encoding
>         ...0 0111 = Tag: 7
>         Length: 4
>         identifier: 5A003021
>         11.. .... = Class: PRIVATE (3)
>         ..1. .... = P/C: Constructed Encoding
>         ...0 1000 = Tag: 8
>         Length: 135
>         componentPortion: 1 item
>             11.. .... = Class: PRIVATE (3)
>             ..1. .... = P/C: Constructed Encoding
>             ...0 1001 = Tag: 9
>             Length: 132
>             Item: invokeLast (9)
>                 invokeLast
>                     11.. .... = Class: PRIVATE (3)
>                     ..0. .... = P/C: Primitive Encoding
>                     ...0 1111 = Tag: 15
>                     Length: 1
>                     componentIDs: 00
>                     11.. .... = Class: PRIVATE (3)
>                     ..0. .... = P/C: Primitive Encoding
>                     ...1 0001 = Tag: 17
>                     Length: 2
>                     operationCode: private (17)
>                         private: 2351 Origination Request
>                     parameter:
> F27B81071050034E40E50084090100210A39999689608904...
> ANSI Mobile Application Part
>     11.. .... = Class: PRIVATE (3)
>     ..1. .... = P/C: Constructed Encoding
>     ...1 0010 = Tag: 18
>     Length: 123
>     originationRequest
>         10.. .... = Class: CONTEXT (2)
>         ..0. .... = P/C: Primitive Encoding
>         ...0 0001 = Tag: 1
>         Length: 7
>         billingID: 1050034E40E500
>             MarketID: 4176
>             Switch Number (SWNO): 3
>             ID Number: 5128421
>             Segment Counter: 0
>
> 0010                       e2 81 90 c7 04 5a 00 30 21   ............Z.0!
> 0020  e8 81 87 e9 81 84 cf 01 00 d1 02 09 2f f2 7b 81   ............/.{.
> 0030  07 10 50 03 4e 40 e5 00 84 09 01 00 21 0a 39 99   ..P.N@......!.9.
> 0040  96 89 60 89 04 36 0f e7 74 95 03 10 50 03 9f 62   ..`..6..t...P..b
> 0050  04 00 00 00 00 9f 7b 02 04 51 9f 20 05 01 19 2e   ......{..Q. ....
> 0060  02 08 bf 82 18 0c 9f 82 19 01 03 9f 82 15 03 ff   ................
> 0070  fb 1f 9f 21 02 a2 02 88 05 87 77 71 48 22 9f 5d   ...!......wqH".]
> 0080  09 06 30 21 0a 87 67 04 36 75 82 02 02 a2 9f 50   ..0!..g.6u.....P
> 0090  09 02 30 21 0a 87 67 04 36 75 9f 81 13 01 00 9f   ..0!..g.6u......
> 00a0  82 17 01 24 d0 04 21 10 50 03                     ...$..!.P.
>
> As you can see the
>                     operationCode: private (17)
>                         private: 2351 Origination Request
>                     parameter:
> F27B81071050034E40E50084090100210A39999689608904...
>
> OperationCode is part of TCAP and the message on top of TCAP is the
> Parameter. The ANSI TCAP dissector has to somehow hand the Parameter
> And the opcode to a subdissector.
> In this TCAP message the only thing "identifying" the upper layer is
> The SCCP address and possibly the private opcode.
>  If you look at Wireshark/asn/ansi-tcap/TCAPPackage.asn there
> Can be a dialogue portion which will identify the receiver of the data.
> So how you are going to find the sub dissector in your case depends on how
> The TCAP part will look.
> The content of the parameter would be your xxArg or xxRes pointed to by
> the
> Opcode.
> Hope this helps.
> Note that as the ANSI TCAP dissector currently only has one sub dissector
> (
> ansi map) the code to find the subdissector is simplified.
> Regards
> Anders
>
>
> -----Ursprungligt meddelande-----
> Från: wireshark-dev-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] För
> taraniteja.vishwanatha@xxxxxxxxx
> Skickat: den 4 januari 2008 04:40
> Till: wireshark-dev@xxxxxxxxxxxxx
> Ämne: Re: [Wireshark-dev] Compilation error in asn.1 file
>
> Hi Anders,
>
> I am sorry , I don't have any trace of the protocol. It s still in the
> development phase. That is the reason we are facing so many issues.
>
> We have gone through inap , gsmmap and ansi_map code and implemented in
> the
> following manner:
>
> static void
> dissect_xxx(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree){
>
>         int offset = 0;
>         static guint32 opcode=0;
>         proto_item *item=NULL;
>         proto_tree *tree=NULL;
>
>         if(tree){
>                 item = proto_tree_add_item(tree, proto_xxx, tvb, 0, -1,
> FALSE);
>                 tree = proto_item_add_subtree(item, ett_xxx);
>         }
>         if (check_col(pinfo->cinfo, COL_PROTOCOL))
>                 col_set_str(pinfo->cinfo, COL_PROTOCOL, "XXX");
>         if (check_col(pinfo->cinfo, COL_INFO))
>                 col_clear(pinfo->cinfo, COL_INFO);
>
> static int
> dissect_xxx_Opcode(gboolean implicit_tag _U_, tvbuff_t *tvb, int offset,
> packet_info *pinfo _U_, proto_tree *tree, int hf_index) {
>  offset = dissect_ber_integer(FALSE, pinfo, tree, tvb, offset, hf_index,
> &opcode);
>
>   if (check_col(pinfo->cinfo, COL_INFO)){
>     col_add_fstr(pinfo->cinfo, COL_INFO, "%s ", val_to_str(opcode,
> inap_opr_code_strings, "Unknown XXX (%u)"));
>   }
>
> }
>         switch(opcode){
>
>         case 0 :
>                 offset = dissect_xxx_Arg();
>                 offset = dissect_xxx_Res();
>         break;
>
> I suppose dissect_ber_integer() function will give the value of the
> opcode.
> Could you please confirm the above implementation?
>
>
> BR,
> Tarani
>
> > -----Original Message-----
> > From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-
> > bounces@xxxxxxxxxxxxx] On Behalf Of Anders Broman
> > Sent: Thursday, January 03, 2008 4:35 PM
> > To: 'Developer support list for Wireshark'
> > Subject: Re: [Wireshark-dev] Compilation error in asn.1 file
> >
> > Hi,
> > - Have you got a trace with your protocol?
> > - Is it ANSI TCAP?
> > If you look at the trace with Wireshark the trace is decoded to the ANSI
> > TCAP layer including operation code - right?
> > If so you need some code in the ANSI TCAP dissector to call your
> dissector
> > How that should be done depends on the content of the ANSI TCAP layer...
> > Could you post a sample packet of the establishment phase?
> > Regards
> > Anders
> >
> > -----Ursprungligt meddelande-----
> > Från: wireshark-dev-bounces@xxxxxxxxxxxxx
> > [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] För
> > taraniteja.vishwanatha@xxxxxxxxx
> > Skickat: den 3 januari 2008 11:51
> > Till: wireshark-dev@xxxxxxxxxxxxx
> > Ämne: Re: [Wireshark-dev] Compilation error in asn.1 file
> >
> >
> > Hi Anders,
> >
> > I was able to compile my asn successfully. There are three different
> > opcodes
> > mentioned for three different operations. Each operation contains an
> > argument / parameter part and a result. As you have rightly said, I have
> > to
> > call my Argument methods ( dissect_xxxArg) and result methods(
> > dissect_xxxRes) in the template.c file. Now I am facing some problems
> > here:
> >
> > 1. Switch(opcode){
> > 	Case xxx:
> > 	Dissect_xxxArg();
> > 	Break;
> > Here, how am I supposed to capture the value of the opcode. In normal
> > dissection, we simply use the function tvb_get_guint8(tvb, offset).
> > I have looked at ansi_map code , but the implementation seems a bit
> > complicated.
> >
> > 2. I have referred ITU Q.773 for OPERATION class.I am not sure what
> > modules
> > I should include for my asn i.e before DEFINITIONS. This is the link I
> ve
> > looked into.
> > http://www.itu.int/ITU-T/asn1/database/itu-t/q/q773/1997/index.html
> >
> > BR,
> > Tarani
> >
> > > -----Original Message-----
> > > From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-
> > > bounces@xxxxxxxxxxxxx] On Behalf Of Anders Broman
> > > Sent: Wednesday, December 26, 2007 4:46 PM
> > > To: 'Developer support list for Wireshark'
> > > Subject: Re: [Wireshark-dev] Compilation error in asn.1 file
> > >
> > > Hi,
> > > Ok I think I remember now you are dealing with ANSI TCAP stuff -
> right?
> > > And you are hand writing the asn1 file?
> > >
> > > I don't think asn2wrs can handle "ANSI OPERATIONS" in theory you
> should
> > > IMPORT OPERATIONS like:
> > >
> > > IMPORTS
> > > 	OPERATION
> > > FROM TCAP-Remote-Operations-Information-Objects {iso(1)memberbody(2)
> > > usa(840) t1-114(10013)
> > > 	modules(0) informationObjects(1) version4(4) }
> > >
> > > And that asn1 file should be compiled with your asn1 file or you could
> > > Declare the OPERATION class in our .cnf file.
> > >
> > > However if you just define the parameters in the asn1 file like:
> > >
> > > xxxRequest ::= SEQUENCE {
> > >
> > > aaa (2) AAA,
> > >
> > > bbb (3) BBB }
> > >
> > > xxxResult ::=
> > >
> > > (see ANSI MAP)
> > >
> > > Then in your template file you'll have to make the connection from
> > > operation
> > > code to xxxRequest.
> > > Switch(code){
> > >  Case xxx:
> > > 	Dissect_xxxRequest();
> > > 	Break;
> > > }
> > > A bit more complicated to get it called from ANSI TCAP but that
> depends
> > on
> > > How the ANSI TCAP bit looks in your case...
> > >
> > > Regards
> > > Anders
> > >
> > > -----Ursprungligt meddelande-----
> > > Från: wireshark-dev-bounces@xxxxxxxxxxxxx
> > > [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] För
> > > taraniteja.vishwanatha@xxxxxxxxx
> > > Skickat: den 26 december 2007 11:20
> > > Till: wireshark-dev@xxxxxxxxxxxxx
> > > Ämne: Re: [Wireshark-dev] Compilation error in asn.1 file
> > >
> > >
> > > Hi ,
> > >
> > > Let me explain you in detail. I have a protocol defined in asn.1
> format
> > ,
> > > whose operations and parameters look like the ones mentioned below:
> > >
> > > Operation Code=1
> > >
> > > Class=1
> > >
> > > ASN.1 Formal Description
> > >
> > > xxxRequest ::= OPERATION
> > >
> > > PARAMETER SEQUENCE {
> > >
> > > aaa (2) AAA,
> > >
> > > bbb (3) BBB }
> > >
> > > RESULT
> > >
> > > reqresult (4) ReqResult
> > >
> > > Parameters :
> > >
> > > xxx ::= ENUMERATED {
> > >
> > > xxxNotActive (0),
> > >
> > > xxxActive (1) }
> > >
> > > I have copied these exactly to generate my .asn file . I am still
> having
> > > hiccups in generating the .cnf file. But the code is not getting
> > compiled
> > > and it is giving error at each line of the .asn file.
> > >
> > > BR.
> > > Tarani
> > >
> > >
> > > > -----Original Message-----
> > > > From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-
> > > > bounces@xxxxxxxxxxxxx] On Behalf Of Anders Broman
> > > > Sent: Tuesday, December 25, 2007 5:20 PM
> > > > To: 'Developer support list for Wireshark'
> > > > Subject: Re: [Wireshark-dev] Compilation error in asn.1 file
> > > >
> > > > Hi,
> > > > OPERATION is not a predefined asn1 type, in GSM MAP operation is
> from:
> > > >
> > > > :
> > > > IMPORTS
> > > > 	OPERATION
> > > > FROM Remote-Operations-Information-Objects {
> > > > joint-iso-itu-t remote-operations(4)
> > > >   informationObjects(5) version1(0)}
> > > > :
> > > >
> > > > And is used as:
> > > > sendRoutingInfo  OPERATION ::= {				--Timer m
> > > > -- The timer is set to the upper limit of the range if the GMSC
> > supports
> > > > pre-paging.
> > > > 	ARGUMENT
> > > > 		SendRoutingInfoArg
> > > > 	RESULT
> > > > 		SendRoutingInfoRes
> > > > 	ERRORS {
> > > > 		systemFailure |
> > > > :
> > > > I'm not sure what you are trying to achieve...
> > > > Regards
> > > > Anders
> > > >
> > > > ________________________________________
> > > > Från: wireshark-dev-bounces@xxxxxxxxxxxxx
> > > > [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] För
> > > > taraniteja.vishwanatha@xxxxxxxxx
> > > > Skickat: den 24 december 2007 11:46
> > > > Till: wireshark-dev@xxxxxxxxxxxxx
> > > > Ämne: Re: [Wireshark-dev] Compilation error in asn.1 file
> > > >
> > > > Hi ,
> > > >
> > > > There has to be a PDU added before DEFINITIONS in the .asn file. I
> > don't
> > > > have it but used it from existing asn files, though it is different
> > for
> > > > each
> > > > file.
> > > >
> > > > After that I am getting the following error:
> > > >
> > > > __main__.ParseError: LexToken(ASSIGNMENT,'::=',1,468)
> > > >
> > > > I think it is giving a problem at the following assingnment :
> > > >
> > > > XXX ::= OPERATION
> > > >
> > > > Here , I want to know whether the keyword OPERATION is in the
> standard
> > > > asn.1
> > > > notation , or some changes are required here?
> > > >
> > > > //Tarani
> > > >
> > > > ________________________________________
> > > > From: wireshark-dev-bounces@xxxxxxxxxxxxx
> > > > [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Anders
> > Broman
> > > > Sent: Monday, December 24, 2007 3:52 PM
> > > > To: 'Developer support list for Wireshark'
> > > > Subject: Re: [Wireshark-dev] Compilation error in asn.1 file
> > > >
> > > > Hi,
> > > > >tsrp.cnf:65: UserWarning: Duplicated FN_PARS for Command. Previous
> > one
> > > is
> > > > at tsrp.cnf:57
> > > >
> > > > Is a problem in the .cnf file
> > > >
> > > > >__main__.ParseError: LexToken(DEFINITIONS,'DEFINITIONS',1,199)
> > > > Is a problem in the .asn file Line 199?
> > > > Regards
> > > > Anders
> > > >
> > > > ________________________________________
> > > > Från: wireshark-dev-bounces@xxxxxxxxxxxxx
> > > > [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] För
> > > > taraniteja.vishwanatha@xxxxxxxxx
> > > > Skickat: den 24 december 2007 06:38
> > > > Till: wireshark-dev@xxxxxxxxxxxxx
> > > > Ämne: [Wireshark-dev] Compilation error in asn.1 file
> > > >
> > > > Hi ,
> > > >
> > > > I have written .asn and  .cnf files for my dissector. I have created
> a
> > > > nominal template.c and template .h files as I suppose the asn2wrs
> > > compiler
> > > > would generate the functions and declarations. I also suppose I
> should
> > > add
> > > > the variable declarations and function definitions after the
> > > compilation.
> > > >
> > > > I am getting the following error while compiling :
> > > >
> > > > python ../../tools/asn2wrs.py -b -e -p tsrp -c tsrp.cnf -s
> > > > packet-tsrp-template tsrp.asn
> > > > ASN.1 to Wireshark dissector compiler
> > > > tsrp.cnf:65: UserWarning: Duplicated FN_PARS for Command. Previous
> one
> > > is
> > > > at
> > > > tsrp.cnf:57
> > > >   #.FN_BODY  Command Result VAL_PTR = &parameter_tvb
> > > > Traceback (most recent call last):
> > > >   File "../../tools/asn2wrs.py", line 4875, in ?
> > > >     eth_main()
> > > >   File "../../tools/asn2wrs.py", line 4831, in eth_main
> > > >     ast.extend(yacc.parse(f.read(), lexer=lexer, debug=pd))
> > > >   File
> "/home/eth/plugin_dev/wireshark_tsrp/wireshark/tools/yacc.py",
> > > line
> > > > 334, in parse
> > > >     tok = self.errorfunc(errtoken)
> > > >   File "../../tools/asn2wrs.py", line 4705, in p_error
> > > >     raise ParseError(str(t))
> > > > __main__.ParseError: LexToken(DEFINITIONS,'DEFINITIONS',1,199)
> > > > make: *** [packet-tsrp.c] Error 1
> > > >
> > > > I am not sure the error is pertaining to .asn, .cnf or the template
> > > > files.Can somebody please help.
> > > >
> > > > BR,
> > > > Tarani
> > > >
> > > > _______________________________________________
> > > > Wireshark-dev mailing list
> > > > Wireshark-dev@xxxxxxxxxxxxx
> > > > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> > >
> > >
> > > The information contained in this electronic message and any
> attachments
> > > to
> > > this message are intended for the exclusive use of the addressee(s)
> and
> > > may
> > > contain proprietary, confidential or privileged information. If you
> are
> > > not
> > > the intended recipient, you should not disseminate, distribute or copy
> > > this
> > > e-mail. Please notify the sender immediately and destroy all copies of
> > > this
> > > message and any attachments.
> > >
> > > WARNING: Computer viruses can be transmitted via email. The recipient
> > > should
> > > check this email and any attachments for the presence of viruses. The
> > > company accepts no liability for any damage caused by any virus
> > > transmitted
> > > by this email.
> > >
> > > www.wipro.com
> > > _______________________________________________
> > > Wireshark-dev mailing list
> > > Wireshark-dev@xxxxxxxxxxxxx
> > > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> > >
> > > _______________________________________________
> > > Wireshark-dev mailing list
> > > Wireshark-dev@xxxxxxxxxxxxx
> > > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> >
> > The information contained in this electronic message and any attachments
> > to
> > this message are intended for the exclusive use of the addressee(s) and
> > may
> > contain proprietary, confidential or privileged information. If you are
> > not
> > the intended recipient, you should not disseminate, distribute or copy
> > this
> > e-mail. Please notify the sender immediately and destroy all copies of
> > this
> > message and any attachments.
> >
> > WARNING: Computer viruses can be transmitted via email. The recipient
> > should
> > check this email and any attachments for the presence of viruses. The
> > company accepts no liability for any damage caused by any virus
> > transmitted
> > by this email.
> >
> > www.wipro.com
> >
> > _______________________________________________
> > Wireshark-dev mailing list
> > Wireshark-dev@xxxxxxxxxxxxx
> > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> >
> > _______________________________________________
> > Wireshark-dev mailing list
> > Wireshark-dev@xxxxxxxxxxxxx
> > http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
> The information contained in this electronic message and any attachments
> to
> this message are intended for the exclusive use of the addressee(s) and
> may
> contain proprietary, confidential or privileged information. If you are
> not
> the intended recipient, you should not disseminate, distribute or copy
> this
> e-mail. Please notify the sender immediately and destroy all copies of
> this
> message and any attachments.
>
> WARNING: Computer viruses can be transmitted via email. The recipient
> should
> check this email and any attachments for the presence of viruses. The
> company accepts no liability for any damage caused by any virus
> transmitted
> by this email.
>
> www.wipro.com
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com