Wireshark-users: Re: [Wireshark-users] Wish to Decode MTP2 message encapsulated inside UDP header

From: "Abhik Sarkar" <sarkar.abhik@xxxxxxxxx>
Date: Sat, 27 Dec 2008 00:18:48 +0400

Hi Satish,

This is definitely very similar to what I did (with help) for the
Cisco paklog facility. Just have a look at packet-syslog.c and you
will get the idea.

Best regards,
Abhik

On Sat, Dec 27, 2008 at 12:15 AM, Satish Chandra
<satishchandra.lko@xxxxxxxxx> wrote:
> Hi,
>
> I have got an MTP2 hex dump. I have written a trivial client/server program
> and am running both on my system. I am passing this MTP2 hex dump on the UDP
> socket using the client program. I use Wireshark to capture the packet on my
> Ethernet card. So, in this way, the complete MTP2 message gets encapsulated
> inside a UDP packet. Wireshark is able to capture the UDP packet but is not
> able to decode it. It shows the complete MTP2 packet as Data. I tried the
> same for SCTP packets and it was successfully decoded.
>
> I also tried adding the following code to packet-mtp2.c file:
> dissector_add("udp.port", 2906, mtp2_handle); /* 2906 is an arbitrary port */
>
> compiled again, but still no success.
>
> Although dissectors of both the protocols are present, I think I just need
> to somehow invoke the MTP2 dissector after the UDP dissector.
>
> Can anyone help me, please?
>
> Thanks Regards,
> Satish Chandra
>
> On Fri, Dec 26, 2008 at 9:24 PM, Abhik Sarkar <sarkar.abhik@xxxxxxxxx>
> wrote:
>>
>> Hi Satish,
>>
>> Is the entire MTP2 packet encapsulated in a UDP datagram as it is?
>> What is the source of this UDP data stream? Just in case you are using
>> the Cisco paklog functionality, you need to Decode As syslog and try.
>>
>> HTH
>> Abhik.
>>
>> On Fri, Dec 26, 2008 at 7:34 PM, Satish Chandra
>> <satishchandra.lko@xxxxxxxxx> wrote:
>> > Hi,
>> >
>> > I wish to decode an MTP2 message which is encapsulated with a UDP header,
>> > but Wireshark shows the complete message as Data and doesn't decode it.
>> >
>> > I tried to use the "Decode As" option but was surprised to see that MTP2
>> > was missing from the list for UDP message.
>> >
>> > Can anyone help me with this? If it is not possible via configuration,
>> > can I modify the dissector code of UDP or MTP2 so that MTP2 packets inside
>> > a UDP header are dissected? Where can I find the source code of the UDP and
>> > MTP2 protocol dissectors for Wireshark?
>> >
>> > --
>> > Thanks Regards,
>> > Satish Chandra
>> >
>> >
>> > ___________________________________________________________________________
>> > Sent via:    Wireshark-users mailing list
>> > <wireshark-users@xxxxxxxxxxxxx>
>> > Archives:    http://www.wireshark.org/lists/wireshark-users
>> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>> >
>> > mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>> >
>>
>
>
>
> --
> Thanks Regards,
> Satish Chandra
>
>
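
The question raised in the thread, whether the MTP2 packet sits in the UDP datagram "as it is", can be checked on the hex dump before touching any dissector. The following is an added example, not code from the thread or from Wireshark: it assumes the basic Q.703 header (7-bit sequence numbers, 6-bit length indicator) and that the two CRC octets may or may not be present; all function names and sample payloads are constructed for illustration.

```python
# Added example, not from the thread; sample payloads below are constructed.
from dataclasses import dataclass
from typing import Optional


@dataclass
class Mtp2Header:
    bsn: int
    bib: int
    fsn: int
    fib: int
    li: int
    kind: str                 # "FISU", "LSSU" or "MSU"
    length_ok: bool           # LI agrees with the octets actually present
    service_indicator: Optional[int] = None  # low nibble of SIO, MSU only


def parse_mtp2(payload: bytes) -> Mtp2Header:
    """Parse the 3-octet basic-format MTP2 header (7-bit sequence numbers)."""
    if len(payload) < 3:
        raise ValueError("shorter than the 3-octet MTP2 header")
    bsn, bib = payload[0] & 0x7F, payload[0] >> 7
    fsn, fib = payload[1] & 0x7F, payload[1] >> 7
    li = payload[2] & 0x3F            # top two bits are spare
    body = len(payload) - 3
    kind = "FISU" if li == 0 else "LSSU" if li <= 2 else "MSU"
    if li == 63:                      # 63 means "63 octets or more"
        length_ok = body >= 63
    else:                             # capture may or may not keep the 2 CRC octets
        length_ok = body in (li, li + 2)
    si = payload[3] & 0x0F if kind == "MSU" and body >= 1 else None
    return Mtp2Header(bsn, bib, fsn, fib, li, kind, length_ok, si)


def looks_like_raw_mtp2(hexdump: str) -> bool:
    """True if the UDP payload starts directly with a self-consistent MTP2 header."""
    try:
        return parse_mtp2(bytes.fromhex(hexdump)).length_ok
    except ValueError:
        return False


# Constructed samples: an MSU (LI=5, SIO=0x83), a FISU, and the same MSU
# behind a made-up 4-octet wrapper, as a sender-specific framing would add.
MSU = "92 85 05 83 00 11 22 33"
FISU = "ff ff 00"
WRAPPED = "00 00 00 01 " + MSU
```

A payload that fails this check carries some extra framing in front of the MTP2 header, so handing the UDP payload straight to the MTP2 dissector would misparse it.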