Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-users: Re: [Wireshark-users] HowTo decode messages as X.411?

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Hoffmann Rainer" <rainer.hoffmann@xxxxxxx>
Date: Tue, 13 Jul 2010 16:50:35 +0200
Hi,

first of all you need to know the transport port that your application
uses to send/receive X411 messages. Then you decode the TCP packets as
TPKT, which is the ISO on TCP according to RFC1006. If you have the OSI
protocols enabled (like COTP, SES, PRES, ROSE, ACSE, RTSE, P7, X411,
X420) you should be able to see your all your MHS message details!

Regard,
Rainer


> -----Original Message-----
> From: wireshark-users-bounces@xxxxxxxxxxxxx 
> [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of 
> tomess@xxxxxxx
> Sent: Monday, July 12, 2010 4:23 PM
> To: wireshark-users@xxxxxxxxxxxxx
> Subject: [Wireshark-users] HowTo decode messages as X.411?
> 
> Hi,
> how can I decode messages as X411 (P1,P3) using wireshark?
> I'm using the latest version 'Development Release 1.4.0rc1' 
> but I cannot find any option like 'decode as X.411 message' 
> within the decode-menu. 
> 
> I've found an old patch, howto add this option to the menu 
> (http://www.mail-archive.com/wireshark-dev@xxxxxxxxxxxxx/msg03
> 539.html) but the required entry seems to be already included 
> in my version of './asn1/x411/packet-x411-template.c':
> 
> [..]
> /* ABSTRACT SYNTAXES */
> 
>   x411_handle = find_dissector("x411");
>   register_rtse_oid_dissector_handle("2.6.0.2.12", 
> x411_handle, 0, "id-as-mta-rtse", TRUE);
>   register_rtse_oid_dissector_handle("2.6.0.2.7", 
> x411_handle, 0, "id-as-mtse", FALSE);
> 
>   register_ber_syntax_dissector("X.411 Message", proto_x411, 
> dissect_x411_mts_apdu);
>   register_rtse_oid_dissector_handle("applicationProtocol.1", 
> x411_handle, 0, "mts-transfer-protocol-1984", FALSE);
>   
> register_rtse_oid_dissector_handle("applicationProtocol.12", 
> x411_handle, 0, "mta-transfer-protocol", FALSE); [..]
> 
> It would be great, if somebody of you could help me to get 
> this working. Thanks a lot.
> 
> Best regards.
> tomess
> --
> GMX DSL: Internet-, Telefon- und Handy-Flat ab 19,99 EUR/mtl.  
> Bis zu 150 EUR Startguthaben inklusive! 
> http://portal.gmx.net/de/go/dsl 
> ______________________________________________________________
> _____________
> Sent via:    Wireshark-users mailing list 
> <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>              
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
> 
> 
>
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube