Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Hello to the list and a nested dissector

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Anders Broman" <anders.broman@xxxxxxxxxxxx>
Date: Tue, 17 Mar 2009 17:01:17 +0100
Hi,
How does the TCAP portion of your packet look?
Example:
Transaction Capabilities Application Part
begin
Source Transaction ID
Transaction Id: 2DB901
oid: 0.0.17.773.1.1.1 (dialogue-as-id)
dialogueRequest
application-context-name: 0.4.0.0.1.0.25.2 (shortMsgMT-RelayContext-v2)
:
In this case the GSM MAP dissector has:

register_ber_oid_dissector_handle("0.4.0.0.1.0.25.2", map_handle, proto_gsm_map,"shortMsgMT-RelayContext-v2" );

Hope this helps.

Regards

Anders


From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of yagvoc-web@xxxxxxxx
Sent: den 17 mars 2009 15:24
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Hello to the list and a nested dissector

Hi,
I think I don't have such an identifier (x.y.z.a....). I checked the ASN.1 definition and couldn't find any.
Is there any way to create a "local" one just to link the tcap to this protocol? Then, as far as I understand, I should call register_ber_oid_dissector_handle passing the OID  as parameter, right?

Thank you very much and sorry for this stuff that may sound banal
Gaetano

Da: Anders Broman <anders.broman@xxxxxxxxxxxx>
A: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Inviato: Martedì 17 marzo 2009, 10:27:23
Oggetto: Re: [Wireshark-dev] Hello to the list and a nested dissector

Hi,
Look at GSM MAP how it can be done. You have an OID for your protocol,
right?
Just register that OID with a callback and you'll be handed a tvb with
the data.
Regards
Anders

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Gaetano Vocca
Sent: den 16 mars 2009 20:50
To: wireshark-dev@xxxxxxxxxxxxx
Subject: Re: [Wireshark-dev] Hello to the list and a nested dissector

Thank you Anders for your answer.
I have already parsed the asn by means of asn2wrs, I have also developed
the dissection of the header, afterwards I use the call_tcap_dissector
function from the asn1/tcap dissector to have the TCAP layer decoded
and, in the end, I need to decode the TCAP component by means of my ASN1
protocol.
Now what I don't know is how to retrieve the Component content from the
parsed TCAP and pass it to the dissection of the inner protocol.

Thanks again
Gaetano

________________________________________________________________________
___
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev

mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube