Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] Help!!!Fake packets about S1AP and SCTP protocol

From: "Anders Broman" <a.broman@xxxxxxxxx>
Date: Tue, 16 Dec 2008 06:39:27 +0100
Hi,

>All,
>
>1. Is there anyone know how to change the dissector of S1AP protocol?
>It's generated by asn2ws tool. I want to add a NAS protocol dissector on
>it.

You do your changes in the template or .cnf file and regenerate the
dissector with asn2wrs. We already have the base for a NAS dissector 
in packet-nas_eps.c patches to extend it are welcome.

>2. And another question is how to assemble a fake packet for S1AP
>protocol?
>I found the handoff condition is sctp.port == 0. Since sctp.port is
>src.port or des.port, I tried to set src.port or des.port to 0. But it
>also can NOT pass to S1AP dissector.
>
>Is there anyone can help me figure this out? Really appreciate it.
>
>
>Thanks,
>
>ZHAO Yang Robinson

There is a preference to set the port used by S1AP or you can do "decode as"
on the packet and chose port instead of pid.

Regards
Anders

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe