Hi,
The gprscdr dissector isn’t registered by name so the tshark command will not work. Adding “registration by name” isn’t straight forward as
The format of the CDR isn’t backwards compatible the GTP dissector calls
dissect_gprscdr_GPRSCallEventRecord_PDU() if Release is 6 or less
and
issect_gprscdr_GPRSRecord_PDU(next_tvb,
pinfo, cdr_dr_tree, NULL)
otherwise.
Regards
Anders
From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx]
On Behalf Of Edward Vogel
Sent: den 27 februari 2016 01:38
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users] gprscdr
Hi all,
I have some CDRs in a file that I'm trying to decode with wireshark or tshark. The file has the raw asn.1 ber with no encapsulation. I found the "HowToDissectAnything" page which seems to give exactly what I need.
I got the http example from that page to work:
$ tshark -o 'uat:user_dlts:"User 0 (DLT=147)","http","0","","0",""' -r httpresp.pcap
1 0.000000 -> HTTP HTTP/1.1 200 OK
But trying the same thing with a CDR doesn't seem to work:
$ tshark -o 'uat:user_dlts:"User 0 (DLT=147)","gprscdr","0","","0",""' -r 1.pcap
tshark: Invalid -o flag "uat:user_dlts:"User 0 (DLT=147)","gprscdr","0","","0","""
|
