ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-users: Re: [Wireshark-users] How to decode AVP 1003 and 1022 ??

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Luis EG Ontanon" <luis.ontanon@xxxxxxxxx>
Date: Mon, 27 Aug 2007 21:48:24 +0200
If you are using 0.99.6 or lower you are probably either missing
libxml.dll or not have enabled the use of the dictionary in
preferences.

BTW Instead of looking for the lib that does not come with
wireshark... you could download
fromhttp://www.wireshark.org/download/automated/  a recent snapshot
which has a greatly improved Diameter dissector .

Luis

On 8/27/07, Leonard Wu (liwu) <liwu@xxxxxxxxx> wrote:
>
>
> Hi,
>
>
> I ve added the following to dictionary.xml, but wirehshark does not decode
> it:
>
>
>
> <avp name="AGW-IP-Address" code="1003" mandatory="may" vendor-bit="must"
> may-encrypt="no">
>
> <type type-name="IPAddress"/>
>
> </avp>
>
> <avp name="Access-Network-Charging identifier-Ty" code="1022"
> mandatory="may" vendor-bit="must" vendor-id="3GPP" may-encrypt="no">
>
>
>
> <type type-name="UTF8String"/>
>
> </avp>
>
>
>
> Thanks,
>
> Leonard
>
>
>
>  ________________________________
>  From: wireshark-users-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of
> Anders Broman
> Sent: Sunday, August 26, 2007 3:45 AM
> To: 'Community support list for Wireshark'
> Subject: Re: [Wireshark-users] How to decode AVP 1003 and 1022 ??
>
>
>
>
>
> Hi,
>
> Have a look in /diameter/dictionary.xml I think it also holds the reference
> to the relevant 3GPP specification.
>
> Please send us any update as a patch for inclusion into Wireshark.
>
> Regards
>
> Anders
>
>
>
>  ________________________________
>
>
> Från: wireshark-users-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] För Leonard
> Wu (liwu)
> Skickat: den 26 augusti 2007 09:07
> Till: wireshark-users@xxxxxxxxxxxxx
> Ämne: [Wireshark-users] How to decode AVP 1003 and 1022 ??
>
>
>
>
>
> Hi,
>
>
>
>
>
> My wireshark can't decode AVP 1003 and 1022 as below:
>
>
>
>
>
> Unknown AVP:0x000003eb (1003) (OctetString) l:0x12 (18 bytes) (20 padded
> bytes)
>
>
>     AVP Code: Unknown AVP:0x000003eb (1003) (1003)
>
>
>     AVP Flags: 0xc0 (Mandatory, Vendor-Specific)
>
>
>     AVP Length: 18
>
>
>     AVP Vendor Id: 3rd Generation Partnership Project 2 (3GPP2) (5535)
>
>
>     Hex Data Highlighted Below
>
>
>
>
>
> Unknown AVP:0x000003fe (1022) (OctetString) l:0x20 (32 bytes) (32 padded
> bytes)
>
>
>     AVP Code: Unknown AVP:0x000003fe (1022) (1022)
>
>
>     AVP Flags: 0xc0 (Mandatory, Vendor-Specific)
>
>
>     AVP Length: 32
>
>
>     AVP Vendor Id: 3GPP (10415)
>
>
>     Hex Data Highlighted Below
>
>
>
>
>
> ===
>
>
>
>
>
> I really appreciate if Someone can provide me with some guidance. It has
> blocked my testing work.
>
>
> Is that because wireshark is dictionary-driven and it is possible that not
> all the AVPs have been loaded into it.
>
>
> Is it possible to add new AVPs ?
>
>
>
>
>
> Thanks,
>
>
> Leonard
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users
>
>


-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube