
Wireshark-users: Re: [Wireshark-users] How to use lte_rrc in wireshark?

From: Wael Showair <showair2003@xxxxxxxxx>
Date: Mon, 22 Feb 2010 10:50:15 -0800 (PST)
Dear Martin,
Thanks a lot for your help, but actually I am sorry, I did not get your point, so let me explain my whole problem to you in a different way.

I have an eNB simulator that generates LTE packets having an LTE MAC header, RLC header, PDCP header & RRC.
I also have an LTE UE that can communicate with this eNB, where the PHY is simulated using UDP sockets. It is just MAC-to-MAC communication.
In other words:
The whole LTE-MAC header is encapsulated inside an IP header and an Ethernet header that simulate the LTE-PHY layer.
 
My main target is to display the LTE protocol messages that are exchanged between the eNB and the UE using Wireshark.
I expect that any frame exchanged between the eNB and the UE could be displayed with Wireshark as follows:
Ethernet header-->IP header--->Data
This Data represents the LTE-MAC header, and using the dissector of packet-mac-lte.c, the different fields of the LTE-MAC header can be displayed in the Wireshark window.

In turn it would contain the RLC header, and again it would be displayed in the Wireshark window using packet-rlc-lte.c,
so that I can see the fields of the LTE-RLC layer.

In turn it would contain the PDCP header, and again it would be displayed in the Wireshark window using packet-pdcp-lte.c.

And at the end I will see the control air messages in the same way using packet-lte-rrc.c.

I run the eNB simulator, then the UE, and I can see that there is data exchanged between them. I opened Wireshark and then captured the traffic data at the UE side, but I can just see:
Ethernet Header----> IP header--->Data
where Data is just a stream of bytes, but I am sure that it has an LTE meaning, so what is missing? How shall I configure Wireshark to interpret this data as LTE data (MAC, RLC, PDCP, RRC)?

PS: I am using Wireshark 1.2.6 for Linux.


 


From: Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx>
Date: Mon, 22 Feb 2010 15:39:55 +0000

The LTE PDCP dissector is an example of how it can be called. See http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-pdcp-lte.c?revision=31661&view=markup

The function pasted below works out how to get the appropriate dissector handle. Search the file to see how that dissector handle is then used to call the dissector on the appropriate range of bytes.
Note that the MAC and RLC dissectors also have support for calling the RRC dissector for transparent mode - by setting preferences appropriately you should be able to decode many RRC messages starting from captured MAC frames.

Hope this helps,
Martin

/* Look for an RRC dissector for signalling data (using channel type and direction) */
static dissector_handle_t lookup_rrc_dissector_handle(struct pdcp_lte_info *p_pdcp_info)
{
    /* Stays 0 when no RRC dissector matches the channel type */
    dissector_handle_t rrc_handle = 0;

    switch (p_pdcp_info->channelType)
    {
        case Channel_CCCH:
            /* Common control channel: dissector depends on direction */
            if (p_pdcp_info->direction == DIRECTION_UPLINK) {
                rrc_handle = find_dissector("lte-rrc.ul.ccch");
            }
            else {
                rrc_handle = find_dissector("lte-rrc.dl.ccch");
            }
            break;

        case Channel_PCCH:
            rrc_handle = find_dissector("lte-rrc.pcch");
            break;

        case Channel_BCCH:
            /* Broadcast control channel: dissector depends on transport channel */
            switch (p_pdcp_info->BCCHTransport) {
                case BCH_TRANSPORT:
                    rrc_handle = find_dissector("lte-rrc.bcch.bch");
                    break;
                case DLSCH_TRANSPORT:
                    rrc_handle = find_dissector("lte-rrc.bcch.dl.sch");
                    break;
            }
            break;

        case Channel_DCCH:
            /* Dedicated control channel: dissector depends on direction */
            if (p_pdcp_info->direction == DIRECTION_UPLINK) {
                rrc_handle = find_dissector("lte-rrc.ul.dcch");
            }
            else {
                rrc_handle = find_dissector("lte-rrc.dl.dcch");
            }
            break;

        default:
            break;
    }

    return rrc_handle;
}





On Sun, Feb 21, 2010 at 10:39 PM, Wael Showair <showair2003@xxxxxxxxx> wrote:
Hi All,
I am new to Wireshark. I want to use it to display the lte-rrc air messages. I have searched a lot for any documentation to start from, but unfortunately I found nothing.

I believe that my problem is just about the dissector of lte_rrc? Can anyone tell me how to use/enable it?

Thanks,
Wael