
Wireshark-dev: Re: [Wireshark-dev] Nested ASN1 dissector was Re: Hello to the list and a nested

From: "Anders Broman" <anders.broman@xxxxxxxxxxxx>
Date: Wed, 18 Mar 2009 17:53:01 +0100
Hi,
Sorry can't help, I build on Windows :-)
Regards
Anders


From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of yagvoc-web@xxxxxxxx
Sent: 18 March 2009 16:57
To: Developer support list for Wireshark
Subject: [Wireshark-dev] Nested ASN1 dissector was Re: Hello to the list and a nested dissector

Hi,
I was actually using a hand made Makefile as of http://wiki.wireshark.org/ASN1_sample, I was not using the autoconf+automake chain used by the wireshark sources. I have decided to start from scratch and to switch to the common behavior. These are the steps I think I will follow:
1) Copy from the asn1/tcap directory the Makefile*
2) Merge the two asn into one including both
3) Write a simple cnf file
4) Follow the usual compilation chain

Actually I already have problems in correctly using the build chain because the Makefile is not created, I don't see it in the list of the created ones while configure is running.
I hope you will have a few minutes to give me your suggestions

Thanks
Gaetano

PS: I changed the original subject, I think it's better


From: Anders Broman <anders.broman@xxxxxxxxxxxx>
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Sent: Wednesday, 18 March 2009, 12:11:32
Subject: Re: [Wireshark-dev] Hello to the list and a nested dissector

Hi,
Well in makefile.common in your asn1/foo (your asn2wrs generated dissector) try:

:
ASN_FILE_LIST = yourtcap.asn \
    foo.asn
:

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of yagvoc-web@xxxxxxxx
Sent: 18 March 2009 11:35
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Hello to the list and a nested dissector

Hi,
well, I think you are right. What I am actually trying to do this morning is to merge the ASN code from the TCAP dissector (your code!) and the one from the protocol I need, even though I don't know exactly how to do it.
The actual application is a client towards a cluster of servers using this protocol combination. It is built by means of an asn to c++ preprocessor applied to 2 asn files: the TCAP one, very similar to yours, and another one with the higher protocol, but they are kept separated. Each outgoing message is assembled building the header then appending a TCAP primitive built around a previously constructed operation of the private protocol.

I am very new to the wireshark development world so I don't know how to move myself well so thank you for the help you are providing.

Gaetano


From: Anders Broman <anders.broman@xxxxxxxxxxxx>
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Sent: Wednesday, 18 March 2009, 10:16:59
Subject: Re: [Wireshark-dev] Hello to the list and a nested dissector

Hi,
Perhaps you are better off including the relevant TCAP and ROS ASN1 code in your ASN1 based dissector.
How is the actual application built?
Using an asn1 to target code generator? If so it should be possible to use the same ASN1 files?
Regards
Anders


From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Gaetano Vocca
Sent: 17 March 2009 23:19
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Hello to the list and a nested dissector

Hi,
my TCAP looks somewhat simpler:
Transaction Capabilities Application Part
  begin
    Source Transaction ID
      Transaction Id: 43000004
    Components: 1 item
      Item: invoke (1)
........
Data (276 bytes)


so I have neither oid field nor the ACN.
Do you think there is an alternative?

Thank you for your time 
Gaetano

On 17/mar/09, at 17:01, Anders Broman wrote:

Hi,
How does the TCAP portion of your packet look?
Example:
Transaction Capabilities Application Part
begin
Source Transaction ID
Transaction Id: 2DB901
oid: 0.0.17.773.1.1.1 (dialogue-as-id)
dialogueRequest
application-context-name: 0.4.0.0.1.0.25.2 (shortMsgMT-RelayContext-v2)
:
In this case the GSM MAP dissector has:

register_ber_oid_dissector_handle("0.4.0.0.1.0.25.2", map_handle, proto_gsm_map,"shortMsgMT-RelayContext-v2" );

Hope this helps.

Regards

Anders



From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of yagvoc-web@xxxxxxxx
Sent: 17 March 2009 15:24
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Hello to the list and a nested dissector

Hi,
I think I don't have such an identifier (x.y.z.a....). I checked the ASN.1 definition and couldn't find any.
Is there any way to create a "local" one just to link the tcap to this protocol? Then, as far as I understand, I should call register_ber_oid_dissector_handle passing the OID as parameter, right?

Thank you very much and sorry for this stuff that may sound banal
Gaetano


From: Anders Broman <anders.broman@xxxxxxxxxxxx>
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Sent: Tuesday, 17 March 2009, 10:27:23
Subject: Re: [Wireshark-dev] Hello to the list and a nested dissector

Hi,
Look at GSM MAP how it can be done. You have an OID for your protocol,
right?
Just register that OID with a callback and you'll be handed a tvb with
the data.
Regards
Anders

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Gaetano Vocca
Sent: 16 March 2009 20:50
To: wireshark-dev@xxxxxxxxxxxxx
Subject: Re: [Wireshark-dev] Hello to the list and a nested dissector

Thank you Anders for your answer.
I have already parsed the asn by means of asn2wrs, I have also developed
the dissection of the header, afterwards I use the call_tcap_dissector
function from the asn1/tcap dissector to have the TCAP layer decoded
and, in the end, I need to decode the TCAP component by means of my ASN1
protocol.
Now what I don't know is how to retrieve the Component content from the
parsed TCAP and pass it to the dissection of the inner protocol.

Thanks again
Gaetano

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe