Note: forwarded message attached.
Stay in the know. Pulse on the new Yahoo.com.
Check it out.
--- Begin Message ---
Hi,
I need to parse GTP' packet consisting in its message field the GCDR and then SRecord. Srecord is the record defined by us.
Now obviously I need to add code to the ethereal to do this.
I plan to check for the type fields in the pay load of the packet myself and then call the corresponding decoding functions for those fields. This I feel will give me more control on the execution of the code.
Now I would like to know where it would be best to add the code?
Shall I add the parsing code for both the G-CDR and the Srecord in decode_gtp_tr_comm( ........) function?
In the above function the return value is 2 --- is this the offset returned?
In that case let us assume that I have parsed the contents of the G -CDR and SRecord in the decode_gtp_tr_comm ( ) function. Now, if I return from the function decode_gtp_tr_comm( ) --- the
value ( 2 + number of bytes in G-CDR + the number of bytes in Srecord ) would that be correct?
Or shall i need to add the parsing code in dissect_gtp( ) ?
Which is better?
And if i call from the function, decode_gtp_tr_com( ), the decoder functions such as decode_gtp_imsi( ) or decode_gtp_msisdn( ) directly would that be correct ?
And one final thing, now are all the functions to decode each of the fields in G-CDR provided in ethereal or I have to write atleast some of the decoder functions for the parsing of the G-CDR fields ? I have found some of the functions but still have to search for the other functions for decoding the G-CDR fields. How ever for SRecord fields I obviously have to write my own decoder functions
Thanks a lot,
Prashanth
All-new Yahoo! Mail - Fire up a more powerful email and get things done faster._______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
--- End Message ---