Wireshark-dev: Re: [Wireshark-dev] GTP' (gtp prime) versus GTP dissector
From: "Anders Broman" <[email protected]>
Date: Thu, 21 Feb 2008 11:35:44 +0100
Hi,
>I'm limited in my ability to share traces that I get from others because
>they contain information from their network (phone numbers, IMSIs, etc).
>I can generate them myself using open-cgf and its test tool but this
>isn't yet a good basis to build another implementation of (sort of like
>building a house using a square you built yourself).
 
Well perhaps the generated traces can be used to initially check the dissector implementation
and you can use your private traces to check the result?
Given a trace with a CDR and an interpretation of the CDR in the trace I could try to take a look at the asn1 part
if time permits. The asn1 code from 3GPP TS 32.298 should be used, right?
Regards
Anders

________________________________

From: [email protected] on behalf of Anders Broman
Sent: Thu 2/21/2008 11:19 AM
To: Developer support list for Wireshark
Subject: RE: [Wireshark-dev] GTP' (gtp prime) versus GTP dissector


Hi,
A possibility for a trace is to save (a) packet(s) in text format and then edit the sensitive
information and use text2pcap to recreate the .pcap file but it's a bit cumbersome.
Regards
Anders

________________________________

From: [email protected] on behalf of Bruce Fitzsimons
Sent: Thu 2/21/2008 11:14 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] GTP' (gtp prime) versus GTP dissector



Anders Broman wrote:
> Hi,
> I think you build a strong case for splitting the protocols and I don't
> see a problem with it
> but I don't have much first hand experience of GTP'...
>  
Thanks Anders, I will begin my task...
> If the CDR description is in ASN1 (3GPP TS 32.298?) a dissector for that
> should be built using asn2wrs.
> It might be beneficial to split the GTP' decoding and the actual CDR
> dissection in different files
> as that may make it easier to make hooks for proprietary formats.
>
>  
Okay, I will leave the hook there then, although possibly change its
name. I'm using gtpp as name e.g. packet-gtpp.c so probably gtppcdr.
> Do you have any example traces to share?
>
>  
I'm limited in my ability to share traces that I get from others because
they contain information from their network (phone numbers, IMSIs, etc).
I can generate them myself using open-cgf and its test tool but this
isn't yet a good basis to build another implementation of (sort of like
building a house using a square you built yourself).

I'll think about the possibilities, I would like to get a trace up onto
the wiki.

Regards,
Bruce
_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev
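
The text-export-and-edit approach suggested in the thread above, as an added example (not part of the original messages and not Wireshark code): it reassembles an offset-prefixed hex dump, swaps a TBCD-encoded IMSI for a same-length dummy, and writes the dump back out in a form text2pcap can read. The function names, sample bytes and IMSI values are constructed, and it assumes the identifier appears TBCD-encoded in the packet.

```python
import re

# One dump line: hex offset, whitespace, then space-separated hex octets.
HEX_LINE = re.compile(r"^([0-9a-fA-F]{4,})\s+((?:[0-9a-fA-F]{2} ?)+)")

def tbcd(digits: str) -> bytes:
    """TBCD-encode a digit string: two digits per octet, first digit in the
    low nibble, 0xF filler when the digit count is odd."""
    if len(digits) % 2:
        digits += "F"
    return bytes(int(digits[i + 1] + digits[i], 16) for i in range(0, len(digits), 2))

def parse_hexdump(text: str) -> bytes:
    """Reassemble the packet bytes so a value split across dump lines is found."""
    data = bytearray()
    for line in text.splitlines():
        m = HEX_LINE.match(line)
        if m:
            data += bytes.fromhex(m.group(2))
    return bytes(data)

def format_hexdump(data: bytes) -> str:
    """Write bytes back as offset-prefixed lines, 16 octets per line."""
    rows = (data[i:i + 16] for i in range(0, len(data), 16))
    return "".join(f"{i * 16:06x}  {row.hex(' ')}\n" for i, row in enumerate(rows))

def redact(text: str, real: str, fake: str):
    """Swap every TBCD occurrence of `real` for `fake`; return (dump, hits)."""
    if len(real) != len(fake):
        raise ValueError("replacement must keep the length so length fields stay valid")
    data, old, new = parse_hexdump(text), tbcd(real), tbcd(fake)
    return format_hexdump(data.replace(old, new)), data.count(old)

# Constructed sample: arbitrary octets (not a valid GTP' message) with a
# constructed 15-digit IMSI that straddles the line break.
SAMPLE = """\
0000  0f f0 00 12 00 01 00 00 00 00 83 08 00 01 01 21
0010  43 65 87 f9 aa bb
"""
REAL_IMSI = "001010123456789"   # constructed test value
FAKE_IMSI = "999990000000001"   # constructed replacement

if __name__ == "__main__":
    cleaned, hits = redact(SAMPLE, REAL_IMSI, FAKE_IMSI)
    print(f"replaced {hits} occurrence(s)")
    print(cleaned, end="")
```

Only byte-for-byte TBCD matches are replaced, so phone numbers and identifiers carried in other encodings need their own pass. If the dump includes a UDP header, its checksum no longer matches the edited payload.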