Wireshark-bugs: [Wireshark-bugs] [Bug 2509] SCCP dissector - assoc->calling_ssn or assoc-> calle
Date: Wed, 30 Apr 2008 03:51:35 -0700 (PDT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2509





--- Comment #6 from João Fonseca <j.pedro.fonseca@xxxxxxxxxxxxxxx>  2008-04-30 03:49:56 GMT ---
Here are the hex dumps of two packets where the problem shows up:

Packet 1:
0000  83 08 01 9a 30 09 00 03  05 07 02 42 01 02 42 01   ....0... ...B..B.
0010  05 01 8e 60 03 00 8e 60  88 00 00 75 00 00 00 00   ...`...` ...u....
0020  00 00 00 00 00 00 00 00  00 00 00 1c 4d 53 ba 91   ........ ....MS..

Packet 2:
0000  83 68 02 42 00 01 00 00  00 02 02 06 04 43 68 02   .h.B.... .....Ch.
0010  8e 0f 4e 00 13 40 4a 00  00 06 00 03 40 01 00 00   ..N..@J. ....@...
0020  0f 40 06 00 09 f1 11 2c  11 00 3a 40 08 00 09 f1   .@....., ..:@....
0030  11 2c 11 01 de 00 10 40  18 17 05 08 61 09 f1 11   .,.....@ ....a...
0040  2c 11 4f 08 99 10 11 12  21 01 41 82 33 03 4f 08   ,.O..... !.A.3.O.
0050  00 00 4f 40 03 00 00 0a  00 56 40 05 09 f1 11 00   ..O@.... .V@.....
0060  0b 11 01 0f 00 00 00 00  c8 00 04 2f 61 09 f1 11   ........ .../a...
0070  2c 11 4f 08 99 10 11 12  21 01 41 82 33 03 4f 08   ,.O..... !.A.3.O.
0080  00 00 4f 40 03 00 00 0a  00 00 00 6c 8d 2c 7c d9   ..O@.... ...l.,|.


These are ATM AAL5 frames, containing both padding and the AAL5 trailer. To
view them on wireshark, you'll probably have to cut them off, keeping only the
data payload (packet 1: 28 bytes, packet 2: 108 bytes).

Also, you have to set some Wireshark preferences:
-ATM: "Dissect LANE as SSCOP"
-SSCOP: "SSCOP Payload Protocol" SSCF-MTP3-b



The second frame shows as RANAP in the packet list, but the packet detail
decodes it as SCCPMG. The SSN is 142, so this is a RANAP frame.

On the original capture file, containing more frames, the second packet shows
as SCCPMG even in the packet list.

Hope this helps.

Thanks,
Joao Fonseca


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.