Re: Question regarding LTE RRC dissectors

["Jagadeesan, Viswanathan" <vjagadee () qti qualcomm com>]

Hi

    I am interested to know the best practice to debug the Plugin dissectors.

Regards,Viswa

From: Jagadeesan, Viswanathan
Sent: Wednesday, December 02, 2015 6:23 PM
To: 'Pascal Quantin'
Cc: Developer support list for Wireshark
Subject: RE: Question regarding LTE RRC dissectors

Thanks.

           Exactly we need something.  I thought, we can have
The approach:

External plugin register for UDP port 65534
Then Call external RRC dissector.

Your suggestions:
External plugin register for UDP port 65534
Then Call builtin RRC dissector.

I am fine with your approach, any samples code/ link, so we happy to start with

Regards,Viswa



From: Pascal Quantin [mailto:pascal.quantin () gmail com]
Sent: Wednesday, December 02, 2015 6:14 PM
To: Jagadeesan, Viswanathan
Cc: Developer support list for Wireshark
Subject: RE: Question regarding LTE RRC dissectors


Le 3 déc. 2015 12:06 AM, "Jagadeesan, Viswanathan" <vjagadee () qti qualcomm com<mailto:vjagadee () qti qualcomm com>> 
a écrit :
> Hi Pascal
>
>
>
>                 As know that wire shark  call the RRC dissector if packet has RRC payload of MAC->RLC->PDCP, 
> otherwise it wouldn’t invoke. We need something like
>
> Ethernet MAC + IP + UDP + LTE RRC instead of  Ethernet MAC + IP + UDP + MAC +RLC + PDCP +RRC.

So you are definitely taking the wrong approach.
You could create a custom plugin registering on a given UDP port that would extract the from the UDP payload some meta 
data identifying the LTE RRC  channel and the message payload, then calling the right dissector. All are registered by 
name (as seen in packet-lte-rrc.c) and can be called from a plugin.
You should not try to duplicate LTE RRC code.

> Any suggestions.
>
>
>
> Thanks,Viswa
>
>
>
>
>
> From: Pascal Quantin [mailto:pascal.quantin () gmail com<mailto:pascal.quantin () gmail com>]
> Sent: Wednesday, December 02, 2015 5:46 PM
> To: Jagadeesan, Viswanathan
> Cc: wireshark-dev () wireshark org<mailto:wireshark-dev () wireshark org>
> Subject: Re: Question regarding LTE RRC dissectors
>
>
>
>
>
>
>
> 2015-12-02 23:36 GMT+01:00 Jagadeesan, Viswanathan <vjagadee () qti qualcomm com<mailto:vjagadee () qti qualcomm 
> com>>:
> > From: Jagadeesan, Viswanathan
> > Sent: Wednesday, December 02, 2015 5:35 PM
> > To: 'pascal.quantin () gmail com<mailto:pascal.quantin () gmail com>'
> > Subject: Question regarding LTE RRC dissectors
> >
> >
> >
> > Hi
> >
> >
> >
> >          followup question, it does the creation of dissector dll for RRC successfully, when it loads on wireshark , 
> > it throws a error: "The procedure entry point dissect_lpp_Ellipsoid_Point_PDU could not be located in the dynamic 
> > link libwireshark.dll "
> >
> > any suggestions.
>
>
>
> Hi,
>
> as explained in your question on ask.wireshark.org<http://ask.wireshark.org> 
> (https://ask.wireshark.org/questions/48152/lte-rrc-dissector-linker-issue) this symbol is not exported by Wireshark. 
> So your plugin will not work with a standard Wireshark version.
>
> You have not explained yet why you try to duplicate the already existing LTE RRC dissector. If your changes are 
> intrusive enough to require accessing those functions, you should probably modify the source of LTE RRC dissector 
> directly and compile your own version of Wirehsark, rather than making a plugin. Or you will need to copy / paste 
> plenty of code in your own plugin, but that could collide with the embedded dissector.
>
> But without knowing your own constraints, we cannot really confirm whether the choice to make a plugin was the best 
> one or not.
>
>
>
> Best regards,
>
> Pascal.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe