Wireshark mailing list archives

Re: How to use lte_rrc in wireshark?

From: Wael Showair <showair2003 () yahoo com>
Date: Mon, 22 Feb 2010 10:50:15 -0800 (PST)

Dear Martin,
Thanks a lot for your help, but actually I am sorry, i did not get your point so let me explain to you my whole problem 
in a different way.

I have an eNB simulator, that generates LTE packets having LTE MAC-header,RLC header, PDCP header & RRC.
I have also LTE UE, that can communicate with this eNB where the PHY is simulated using UDP sockets. It is just MAC to 
MAC communication.
In other words:
the whole LTE-MAC header is encapsulated inside IP header and ethernet header that simulate the LTE-PHY layer.
 
My main target is to display the LTE protocol messages  that are exchanged between the eNB and the UE using the 
wireshark.
I expect that any frame exchanged between the eNB and the UE could be displayed with wireshark as follows:
Ethernet header-->IP header--->Data
this Data represents the LTE-MAC header and using the dissector of packet-mac-lte.c, different fields of LTE-MAC header 
can be displayed on wireshark window

In turn it would contain RLC Header and again it would be displayed on wireshark window using packet-rlc-lte.c
so that i can see the fields of LTE-RLC layer

In turn it would contain PDCP Header and again it would be displayed on wireshark window using packet-pdcp-lte.c

and @ the end I will see the control air messages by the same way using packet-lte-rrc.c

I run the eNB simulator, then UE and I can see that there is exchanged data between. I opened wireshark then capture 
the traffic data @ the UE side but I just can see:
Ethernet Header----> IP header--->Data
where Data is just stream of bytes but I am sure that it has an LTE meaning so what is missing? how shall I configure 
wireshark to interpret this data as LTE data (MAC,RLC,PDCP,RRC)?
 
PS: I am using wireshark 1.2.6 for Linux


 


From: Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx>
 Date: Mon, 22 Feb 2010 15:39:55 +0000

 
The LTE PDCP dissector is an example of how it can be called.  See 
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-pdcp-lte.c?revision=31661&view=markup

The function pasted below works out hotwto get the appropriate
dissector handle.  Search the file to see how that dissector handle is
then used to call the dissector on the appropriate range of bytes.
Note
that the MAC and RLC dissectors also have support for calling the RRC
dissector for transparent mode - by setting preferences appropriately
you should be able to decode many RRC messages starting from captured
MAC frames.

Hope this helps,
Martin

/* Look for an RRC dissector for signalling data (using channel type and direction) */
static dissector_handle_t lookup_rrc_dissector_handle(struct pdcp_lte_info  *p_pdcp_info)

{
    dissector_handle_t rrc_handle = 0;

switch (p_pdcp_info->channelType)
    {
case Channel_CCCH:

if (p_pdcp_info->direction == DIRECTION_UPLINK) {
                rrc_handle = find_dissector("lte-rrc.ul.ccch");
            }

else {
                rrc_handle = find_dissector("lte-rrc.dl.ccch");
            }
break;

case Channel_PCCH:
            rrc_handle = find_dissector("lte-rrc.pcch");
break;

case Channel_BCCH:
switch (p_pdcp_info->BCCHTransport) {
case BCH_TRANSPORT:

                    rrc_handle = find_dissector("lte-rrc.bcch.bch");
break;
case DLSCH_TRANSPORT:

                    rrc_handle = find_dissector("lte-rrc.bcch.dl.sch");
break;
            }
break;

case Channel_DCCH:
if (p_pdcp_info->direction == DIRECTION_UPLINK) {
                rrc_handle = find_dissector("lte-rrc.ul.dcch");

            }
else {
                rrc_handle = find_dissector("lte-rrc.dl.dcch");
            }
break;



default:
break;
    }

return rrc_handle;
}




On Sun, Feb 21, 2010 at 10:39 PM, Wael Showair <showair2003@xxxxxxxxx> wrote:

Hi All,
I
am new in wireshark. I want to use it to display the lte-rrc air
messages. I have searched a lot for any documentation to start from it
but unfortunately i found nothing.

I believe that my problem is just about the dissector of lte_rrc? can anyone tell me how to use/enable it?

thanks,
Wael

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

How to use lte_rrc in wireshark? Wael Showair (Feb 22)
- Re: How to use lte_rrc in wireshark? Martin Mathieson (Feb 22)
- <Possible follow-ups>
- Re: How to use lte_rrc in wireshark? Wael Showair (Feb 23)