Wireshark mailing list archives
Re: Modify ASN1 developed dissector
From: Anders Broman <anders.broman () ericsson com>
Date: Thu, 2 Oct 2014 10:50:18 +0000
Hi,

You need to modify the template and possibly the .cnf file to insert your changes into the generated code; there shouldn’t be a need to modify the ASN1 files. I have no knowledge of the protocol itself so this is just general statements.

If the UDP packets contain multiple PDUs you probably have to check the PDU length and loop through the UDP data until all of the buffer has been read. Reassembly should be done in a similar way if the PDU size is bigger than the received UDP segment. You should call the reassembly code until enough data has been received.

It looks like it might be unaligned PER, which might be a challenge to handle if PDUs don’t align to byte boundaries; if fragments don’t align, that shouldn’t be a (big) problem.

Regards
Anders

From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Victor Xiang
Sent: den 2 oktober 2014 01:17
To: wireshark-dev () wireshark org
Subject: [Wireshark-dev] Modify ASN1 developed dissector

Hi,

I am trying to use the TETRA dissector, which is developed in ASN1. After a couple of weeks analyzing through the code with my TETRA packets, I wasn’t able to see some of the MAC procedures described in the ETSI’s drafts of this mobile communications protocol, and the author of the dissector confirmed to me they are not implemented. Specifically, I couldn’t see any dissociation or reassembling after fragmentation.

The process of association means that a logical channel of a packet can contain multiple PDUs. So to do the dissociation I should add some loops inside a logical channel to go through all the PDUs by checking the length field of each one and separating them in a new subtree.

The fragmentation of a PDU is done in bits and not in bytes. I mean, the fragmented part could begin in the bit number 10 of a PDU (not beginning in a new byte). I would like to see the reassembled SDU in the last fragmented packet.

As I am new to Wireshark development, I would like to know if it would be possible to easily modify an ASN1 developed dissector to include these features, and a couple of tips on how I should begin proceeding. As there are many files generated for this dissector, I am a bit lost and don’t know what road I should follow.

Thanks in advance
Victor Xiang
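Added example, not part of either e-mail and not Wireshark or TETRA dissector code: a stand-alone C sketch of the loop described in the reply, walking PDUs that start at arbitrary bit offsets and rejecting length values that would stall or overrun the loop. The 6-bit length field counting the whole PDU in bits, the sample bytes and all names are assumptions for illustration, not the TETRA format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define LEN_BITS 6u   /* assumed width of the per-PDU length field */
#define MAX_PDUS 8u   /* cap on PDUs per buffer so hostile input cannot flood the output */

enum walk_status { WALK_OK, WALK_MALFORMED, WALK_NEED_MORE };
struct pdu_span { size_t bit_off, bit_len; };

/* Constructed sample: a 10-bit PDU followed by a 14-bit PDU (24 bits in total). */
static const uint8_t sample[] = { 0x2B, 0xCE, 0xAA };

/* Read n (<= 32) bits MSB-first from any bit offset; the caller has bounds-checked. */
static uint32_t get_bits(const uint8_t *buf, size_t bit_off, unsigned n)
{
    uint32_t v = 0;
    for (unsigned i = 0; i < n; i++, bit_off++)
        v = (v << 1) | ((buf[bit_off / 8] >> (7 - bit_off % 8)) & 1u);
    return v;
}

/* Split total_bits of buf into PDUs, each led by a LEN_BITS field holding its length in bits. */
static enum walk_status walk_pdus(const uint8_t *buf, size_t total_bits,
                                  struct pdu_span *out, size_t *count)
{
    size_t off = 0;
    *count = 0;
    while (off < total_bits && *count < MAX_PDUS) {
        if (total_bits - off < LEN_BITS)
            return WALK_NEED_MORE;      /* the length field itself is cut off */
        size_t len = get_bits(buf, off, LEN_BITS);
        if (len < LEN_BITS)
            return WALK_MALFORMED;      /* shorter than its own header; 0 would never advance */
        if (len > total_bits - off)
            return WALK_NEED_MORE;      /* PDU continues in a later fragment */
        out[*count].bit_off = off;
        out[*count].bit_len = len;
        (*count)++;
        off += len;
    }
    return off == total_bits ? WALK_OK : WALK_MALFORMED;  /* leftover bits: too many PDUs */
}

int main(void)
{
    struct pdu_span spans[MAX_PDUS];
    size_t n;
    enum walk_status st = walk_pdus(sample, 24, spans, &n);
    for (size_t i = 0; i < n; i++)
        printf("PDU %zu: bit offset %zu, %zu bits\n", i, spans[i].bit_off, spans[i].bit_len);
    return st == WALK_OK ? 0 : 1;
}
```

In a dissector, the `WALK_NEED_MORE` result marks the point where the remaining bits would be handed to the reassembly code instead of being parsed.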