Re: Request for new DLT value for Wireshark Dissector

[Schemmel, Hans-Christoph <hans-christoph.schemmel () cinterion com>]

Guy Harris <guy <at> alum.mit.edu> writes:

> On Jan 10, 2011, at 6:16 AM, Schemmel, Hans-Christoph wrote:
>
> > I´ve written a dissector (MUX27010) for wireshark and I want to commit it to
the project. Therefore I need
> a new DLT value for this dissector/protocol because the protocol doesn´t base
upon another data link
> layer protocol.
> > What the dissector does: It analyses a multiplexed communication between a
GSM modem and the host,
> whereby the multiplexing is based upon the specification 3G TS 27.010.
>
> So does a packet begin with the address field, as described by TS 27.010
section 5.2.1.2, followed by the
> section 5.2.1.3 control field, followed by the information field if present?
(Or does it, for example,
> include the flag octets - in which case the packet contents presumably escape
that octet value - or do
> something else?


A packet begins with a flag (octet 0xF9, section 5.2.1.1), followed by address
and control field.
The dissector is based upon the specification but there are slight deviations to
meet the actual implementation of Cinterion and Siemens modules, e.g. no I frame
support, but an additional UIH_E frame.

Regards,
Hans-Christoph Schemmel

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.