Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] ANSI TCAP/ANSI MAP dissection problem

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Michael Lum" <michael.lum@xxxxxxxxxxxxxxxxx>
Date: Fri, 20 Nov 2009 10:09:09 -0800
Hi Anders,
 
we found the problem with frame #2.
 
The conversation with permission is for continuing the dialog
between the two users.
 
The Transaction ID part of the Conversation Portion contains TWO
transaction identifiers.
 
You'll notice the Transaction ID length is 8 and there are two IDs or 4 octets each:
Originating Transaction ID
Responding Transaction ID
 
So in frame #2
 
Otid = 0x0000000e
Rtid = 0x00000027
 
with the Rtid corresponding to the invoke transaction ID.
 
Thanks
 
 
Michael Lum (michael.lum@xxxxxxxxxxxxxxxxx) | STAR SOLUTIONS | Principal Software Engineer
4600 Jacombs Road, Richmond BC, Canada V6V 3B1 | +1.604.303.2315
 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Anders Broman
Sent: November 17, 2009 12:47 PM
To: 'Developer support list for Wireshark'
Subject: Re: [Wireshark-dev] ANSI TCAP/ANSI MAP dissection problem

Hi,

Frame 1:

BER Error: Unknown field in SET class:CONTEXT(2) tag:390

I don’t have a protocol reference where MCID is included in facilitiesDirective2.

 

Frame 2:

I think the problem is that the identifier:

identifier: 0000000E00000027

is not the same as in the INVOKE (Frame 1)

identifier: 00000027 and WS can’t match the response.

 

Frame 3:

I’ll check in a fix.

 

Best regards

Anders

 

Från: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] För Michael Lum
Skickat: den 17 november 2009 18:38
Till: Developer support list for Wireshark
Ämne: Re: [Wireshark-dev] ANSI TCAP/ANSI MAP dissection problem

 

Crap, I forgot the attachment.

 

Michael Lum (michael.lum@xxxxxxxxxxxxxxxxx) | STAR SOLUTIONS | Principal Software Engineer

4600 Jacombs Road, Richmond BC, Canada V6V 3B1 | +1.604.303.2315

 

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Michael Lum
Sent: November 17, 2009 9:34 AM
To: Developer support list for Wireshark
Subject: [Wireshark-dev] ANSI TCAP/ANSI MAP dissection problem

Hello,

 

I'm having some issues with the attached capture file.

 

This capture contains ITU MTP3.

 

There are a couple of issues:

 

Frame 2:

 

ANSI TCAP problem, conversationWithPerm isn't supported ?

 

Frame 3:

 

I think this is an ANSI MAP dissector problem.  That last line in the packet details window says "Unknown invokeData blob".

 

 

Michael Lum (michael.lum@xxxxxxxxxxxxxxxxx) | STAR SOLUTIONS | Principal Software Engineer

4600 Jacombs Road, Richmond BC, Canada V6V 3B1 | +1.604.303.2315

 

-- 
This email was Anti Virus checked by Astaro Security Gateway. http://www.astaro.com
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube