Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] GTPV2 packets in GPRS Tunneling protocol

From: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Date: Sun, 2 Jun 2013 23:15:18 +0200
2013/6/2 Manish Kumar <mkumar9009@xxxxxxxxx>
Thanks Pascal for a quick reply.

I was going through the same file but the problem is m not getting how the functions written in this file are being called up from other module.
For instance, how the function dissect_gtpv2_imsi( ...,....,...,..,...) is being called. Or lets I put a filter gtpv2.imsi in the code how its control flow code works. If someone can elaborate it will be really helpful.


dissect_gtpv2_imsi function is called when the IMSI Information Element is found. See dissect_gtpv2_ie_common() function and gtpv2_ies table definition.
If you want to see how the gtpv2.imsi filter is added, search for hf_gtpv2_imsi definition (line 5423 in trunk) and usage (line 868).

Pascal.

Regards,
Manish Kumar


On Sun, Jun 2, 2013 at 10:56 PM, Pascal Quantin <pascal.quantin@xxxxxxxxx> wrote:
Le 02/06/2013 18:01, Manish Kumar a écrit :
> Hi All,
>
> I am a beginner to wireshark development. I want to add a small filter
> related to small information contained in GTPV2 packets. Can any one
> guide me how to go about this.
>
> Which one is the main file in the whole code through I can browse the
> code. Any help will be appreciated.
>
> Regards,
> Manish

Hi Manish,

the GTPv2 dissection code is located in epan/dissectors/packet-gtpv2.c
I recommend you to read doc/README.developer so as to learn how to add
filters and look at the code of the GTPv2 dissector for examples. Once
done, you can submit your patch as explained here:
https://www.wireshark.org/docs/wsdg_html_chunked/ChSrcContribute.html

Regards,
Pascal.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe