Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE)

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Date: Fri, 18 Feb 2011 11:33:29 +0100
Hi,

2011/2/18 Karl-Heinz ECKSTEIN <karl-heinz.eckstein@xxxxxxxxxxxxxx>

Hello Vincent,

Hello Anders,

 

It looks like we all have a common mother!  J Interesting!

Many thanks for your hints!

Right now have the problem, that we receive a crash on wireshark, when we open the pcap file including one NAS-EPS(LTE) message.

The error message tells us:  “Runtime Error! – Program: C:\Program Files\Wireshark\wireshark.exe – This application has requested the Runtime to terminate it in an unusual way. Please contact the application support team for more information.”

 

What we have done before?

We “captured” a NAS (LTE) message outside of wireshark. This message was just extracted from a trace line, we receive from LTE platform (UE). This NAS message is expected to be correct.

Then we translated this text line (adding  a ‘000000’ in front of the NAS message) to pcap format. We use the command:

"c:\Program Files\Wireshark\text2pcap.exe" -l 147 NAS_message_test_6.txt NAS_message_test_6.pcap

We use a preference setup for the User 0 (DLT-147) and reference to protocol NAS-EPS in wireshark. (User 0 (DLT=147), NAS-EPS,0,””’,0,””

When we start wireshark, we crash.

 

Do we something wrong, or could it be an error?


You must use nas-eps and not NAS-EPS. That's why Wireshark crashes.
Moreover the pcap you generated is not correct:
0000  07 41 71 08 29 26 08 30  00 00 00 04 05 80 c0 00
0010  00 00 00 04 02 01 d0
It lacks the last byte (11), leading to a decoding error.

Regards,
Pascal.
 

 

Many thanks!

 

 

Best regards
Karl Heinz Eckstein

 

 

 

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Anders Broman
Sent: Donnerstag, 17. Februar 2011 18:45
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE)

 

Hi,

Both the NAS-EPS dissector and the LTE-RRC dissector are fairly well updated however you need to call them by using a User DLT

or something like that.

Regards

Anders

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Karl-Heinz ECKSTEIN
Sent: den 17 februari 2011 18:00
To: wireshark-dev@xxxxxxxxxxxxx
Subject: [Wireshark-dev] Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE)

Hello,

May I ask, which status is applicable on ASN.1, especially dissector of RRC and NAS-EPS.

I’m asking, because I’m trying to dissector a pcap file, which I had generated via text2pcap from a LTE NAS message.

The NAS message is not “decoded”/dissectored by wireshark in my example. But NAS-EPS is available in Filters but not in preferences.

I’m using latest 1.5.1 build.

 

Many thanks for any help about this.

Best regards

Karl Heinz Eckstein

 


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube