Wireshark · Wireshark-dev: Re: [Wireshark-dev] wireshark crashes after adding preferencecodeto my

[Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx>]

On Sun, Jan 30, 2011 at 1:15 PM, Yosi Saggi <yosis@xxxxxxxxxxxxxxxxxxxxx> wrote:

Hi Martin

 

I am going over the mac_lte_info struct, and wanted to know if you can help me with the msain parameters I see I need to input to decode.

Most of the parameters I understand and can fill in the 2 of the top 3 I don’t understand:

   guint8          radioType;

   guint8          rntiType;

Your follow-up email said you now understand how to fill these fields in.
 

 

Direction is obvious.

What does the “radioType” stand for? I looked for some reference in the standard, but I guess I just don’t know what to look for.

What does “rntiType” stands for? Is it referring to SI-RNTI, RA-RNTI and C-RNTI?

 

I am also not sure about the isPredefinedData, reTxcount, dl_retx and oob_event parameters.

 

I have just committed a change to packet-mac-lte.h that hopefully gives clear descriptions of how these fields work.
Basically if the struct is zeroed (as se_alloc0() does) and you only fill in the parts you want to the rest should be ignored.
See http://anonsvn.wireshark.org/viewvc?view=rev&revision=35715 for my changes.  Please note that the 1.4 branch is quite far from being up to date with the LTE protocols so the trunk is much more up-to-date.
 

Is there a capture sample for the LTE that I can see how the dissector works?

 

I will try to dig out a simple test file for you tomorrow.
 

I do not use catapult-dct-2000. Also the LTE packets I am capturing are not over UDP.

My dissector is between PHY and MAC. I get Ethernet packets with type FFFF and dissect them with our proprietary API. I have no problem with my own API, the problem is when I’m getting to the MAC level (to the PHY data level). This is why I want to use the MAC, RLC,PDCP dissectors. I just don’t understand what do those parameters in the struct mean so I could fill them up.

 

I'm imagining that your own dissector is registered with ethertype FFFF, and then you then parse some parameters from the start of each frame before you come to the MAC payload.  And that those parameters include enough of mac_lte_info to get useful decodes.  Do let me know if any fields are still unclear.  Since my company's (test) product has been the first user, the fields available are probably a bit biased towards the UE side of the link and the way we happen to log them.  But there are now other users of the UDP framing method and the more people using the dissectors (and hopefully helping to improve them) the better (and more generally useful) they'll be.
 

Thanks for the help

 

Yosi

 

Best regards,
Martin
 

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Martin Mathieson
Sent: Thursday, January 27, 2011 6:31 PM

To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] wireshark crashes after adding preferencecodeto my

 

Hi Yosi

On Thu, Jan 27, 2011 at 3:37 PM, Yosi Saggi <yosis@xxxxxxxxxxxxxxxxxxxxx> wrote:

When I call the “mac-lte” dissector I get this message:

"Can't dissect LTE MAC frame because no per-frame info was attached!"

 

You need to create a struct of type mac_lte_info (see packet-mac-lte.h), fill in at least some of the details, and attach it to the frame using p_add_proto_data.

There are 2 examples of this:
- attach_mac_lte_info() in packet-catapult-dct2000.c (which I guess you're not using)
- dissect_mac_lte_heur() in packet-mac-lte.c.  This is enabled by turning on a preference "Try heurisitc LTE-MAC over UDP framing".  See the wiki page for a link to an example program that sends these frames
 

I don’t know what info do I need to add to the “pinfo” so it would work.

If you can help me in this point I will be very grateful.

 

I tried to send to the “mac-lte” dissector the buffer that contains only the MAC data (including the headers of course and all that comes with it (RLC, PDCP and finally IP data).

 

The dissector needs the context that comes from the mac_lte_info struct to decode the frame properly.  Some of the parameters are optional but useful for troubleshooting.  By setting preferences appropriately you can decode all the way up to RRC or IP, and there are stats (from the Telephony menu) for MAC and RLC which I use almost every day.

If you have the fields that go into mac_lte_info in a different format (from the existing heuristic header), you could write a simple dissector that just parsed out the header, filled in the struct and called the mac_lte dissector with the payload.
 
Best regards,
Martin

Any help will be great.

 

Yosi

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Martin Mathieson
Sent: Wednesday, January 26, 2011 12:44 PM

To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] wireshark crashes after adding preference codeto my

 

I can't see anything immediately wrong with this.  I assume your prefs variables (global_dan_lte_sdk_dissect_MAC and global_dan_lte_sdk_dissect_RLC) are gbooleans with file scope?

I'm wondering why the existing LTE MAC dissector isn't suitable, or can't be made to work with your frames?

Regards,
Martin

On Wed, Jan 26, 2011 at 10:07 AM, Yosi Saggi <yosis@xxxxxxxxxxxxxxxxxxxxx> wrote:

Hi

I wanted to add some options in the preference window for my dissector. This is the code I have added to the “proto_register” function:

 

module_t *dan_lte_sdk_module;

 

proto_dan_lte_sdk = proto_register_protocol ("DAN LTE SDK Protocol", "Dan LTE SDK", "dan_lte_sdk");

 

register_init_routine(dan_defragment_init);

 

proto_register_field_array (proto_dan_lte_sdk, hf, array_length (hf));

proto_register_subtree_array (ett, array_length (ett));

register_dissector("dan_lte_sdk", dissect_dan_lte_sdk, proto_dan_lte_sdk);

 

dan_lte_sdk_module = prefs_register_protocol(proto_dan_lte_sdk, NULL);

 

prefs_register_bool_preference(dan_lte_sdk_module, "Dissect_MAC_Payload",

                               "Dissect MAC Layer from Data Payload",

                               "In Uplink and Downlink data packets, dissect MAC heaser layer "

                               "Disabling MAC dissection will disable RLC dissection automaticly",

                               &global_dan_lte_sdk_dissect_MAC);

 

prefs_register_bool_preference(dan_lte_sdk_module, "Dissect_RLC_Payload",

                               "Dissect RLC Layer from Data Payload",

                               "In Uplink and Downlink data packets, dissect RLC heaser layer ",

                               &global_dan_lte_sdk_dissect_RLC);

 

It works fine until I add those two (even one of them)  "prefs_register_bool_preference" functions. What did I do wrong?

I get a "Runtime Error!" for wireshark.exe Removing those function fixes  it back.

 

Thanks

      Yosi

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

 

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

 

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe