Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Modify ASN1 developed dissector

From: Anders Broman <anders.broman () ericsson com>
Date: Thu, 2 Oct 2014 10:50:18 +0000
Hi,
You need to modify the template and possibly the .cnf file to insert your changes into the generated code there 
shouldn’t be a need to modify the ASN1 files.

I have no knowledge of the protocol itself so this is just general statements. If the UDP packets contains multiple 
PDU’s you probably have to check the PDU length
And loop trough the UDP data until all of the buffer has been read. Reassembly should be done in a similar way if the 
PDU size is bigger than the received UDP segment
You should call the reassembly code until enough data has been received. It looks like it might be unaligned PER which 
might be a challenge to handle if PDUs don’t align to byte boundaries, if fragments don’t align shouldn’t be a (big) 
problem.

Regards
Anders


From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Victor Xiang
Sent: den 2 oktober 2014 01:17
To: wireshark-dev () wireshark org
Subject: [Wireshark-dev] Modify ASN1 developed dissector

Hi,

I am trying to use the TETRA dissector, which is developed in ASN1.

After a couple of weeks analyzing through the code with my TETRA packets, I wasn’t able to see some of the MAC 
procedures described in the ETSI’s drafts of this mobile communications protocol and the author of the dissector 
confirmed me they are not implemented.
Specifically, I couldn’t see any dissociation nor reassembling after fragmentation.

The process of association means that a logical channel of a packet can contain multiple PDUs. So to do the 
dissociation I should add some loops inside a logical channel to go through all the PDUs by checking the length field 
of each one and separating them in a new subtree.
The fragmentation of a PDU is done in bits and not in bytes. I mean, the fragmented part could begin in the bit number 
10 of a PDU (not beginning in a new byte). I would like to see the reassembled SDU in the last fragmented packet.

As I am new in Wireshark development, I would like to know if it would be possible to modify easily an ASN1 developed 
dissector to include this features and a couple of tips of how should I begin proceeding. As there are many files 
generated for this dissector, I am a bit lost and don’t know what’s the road I should follow.

Thanks in advance

Victor Xiang

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: