Wireshark-dev: Re: [Wireshark-dev] New WiMAX R6 plug-in
From: SAWADA Kentaro <sawa-ken@xxxxxxxxxxxxxx>
Date: Wed, 25 Jul 2007 11:17:32 +0900
I also express my thanks to Nivin.

A few comments to add.

(1) I also agree to give the different name to R6 plugin or rename
    the existsted wimax plugin with packet-ieee80216e and keep yours.

(2) I'd like to feedback some points, but is it right place to do such
    things here, or I'd better to email directly with Nivin san?
    Anyway, here's my check.

    a) TLV length is wrongly including 'Type' and 'Length' field.
         Stage3 5.3.1 says:
            The Length field defines the length of the value portion
            in octets (thus a TLV with no value portion would have a
            length of zero.
         which means the length should be only the 'Value' part.

    b) No padding.
         Stage3 5.3.1 says:
            Padding is not included in the length field (so a three
            octet value would have a length of three, but the total
            size of the TLV would be eight octets). 
         which means padding is required.

    For instance,
        Tag: Protocol [138], Length: 5
        Wimax TLV tag: 138
        Wimax TLV length: 5
        TLV Data: 01

    must be as follows.

        Tag: Protocol [138], Length: 5
        Wimax TLV tag: 138
        Wimax TLV length: 1 <=== HERE
        TLV Data: 01
        Padding: 00 00 00   <=== HERE

    c) 2nd,3rd,5th packet of your sample, wireshark says:
         Packet is Malformed: Check Tag

    d) 8th packet of your sample, wireshark says:
         Packet is Malformed: Check Tag MS Info

    e) 9th packet of your sample, wireshark has:
         [Dissector bug, protocol WIMAX: STATUS_ACCESS_VIOLATION: dissctor accessed an invalid memory address]

|Thanks for posting this Nivin,
|
|I'm building it now and will try to test later on today, but here are
|a few quick comments:
|
|(1) I renamed the folder (on my machine) to be plugins/wimax-r6r4, so
|as not to clash with the exisint air interface protocols plugin.  Does
|that seem OK to you?
|
|(2) you do lots of switches to convert between numbers and their
|meanings as strings.
|- please use value_string arrays and val_to_str() to look these up instead
|- it would be nice to #define symbols for these
|
|(3) it would also be nice to see #defines, or at least comments for
|the tag values used in get_tag_type()
|
|(4) how complete is this plugin?  Do you have a TODO list?
|
|Best regards,
|Martin
|
|On 7/24/07, Nitin Naveen <Nitin.Naveen@xxxxxxx> wrote:
|> Hello All,
|>
|> I am sharing the code for WiMAX R6/R4 plugin. Hope that it is useful to
|> the community.
|>
|> Regards
|> Nitin Naveen
|> Principal Engineer
|> HUGHES SYSTIQUE
|> D-8, Infocity-11
|> Sector-33, Gugaon
|> Haryana, India
|> tel: +91-124-3045400
|> fax: +91-124-4039301
|> nitin.naveen@xxxxxxx
|> www.hsc.com
|>
|>
|>
|> From: "Martin Mathieson" <martin.r.mathieson@xxxxxxxxxxxxxx>
|> Date: Thu, 19 Jul 2007 10:29:46 +0100
|>
|> Hi,
|>
|> Please do send the code, preferably with one or more test captures (I
|> have examples for some of R6, but not all)!
|>
|> Thanks,
|> Martin
|>
|>
|>
|>
|>
|> Nitin Naveen/ENGG/GGN/HSC
|> 07/19/2007 09:22 AM
|>
|> To
|> wireshark-dev@xxxxxxxxxxxxx
|> cc
|> gerald@xxxxxxxxxxxxx
|> Subject
|> New WiMAX R6 plug-in
|>
|>
|>
|>
|>
|> Hi,
|>
|> I generated dummy packets for WiMAX protocol. Saved the capture to a dummy
|> file wimax_ether.cap.
|> Then ran 'fuzz-test.sh"
|> ../fuzz-test.sh -p 2000 -d /root/ /root/wimax_ether.cap
|>
|> For all passes I got the following message
|> Pass 839:
|>     /root/wimax_ether.cap:  OK
|>
|> Have I missed something or all is OK. If all is OK the I shall make clean
|> and release the code.
|>
|> Regards
|> Nitin
|>
|>
|> From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
|> Date: Tue, 10 Jul 2007 19:32:01 +0200
|>
|> Hi,
|>
|>
|> First thing to so it testdrive it using fuzztest. Have a collection of
|> capture files ready which fuzztest will feed to your Wireshark+plugin.
|> That way you may find bugs not found during code review.
|>
|> Then make sure all support files are in as stated in README.plugin.
|>
|> Then 'make clean' the plugin directory and gzip it, after which you can
|> attach it to a mail to the developer mailing list. When time permits we'll
|> go over it and consider it for inclusion.
|>
|>
|> In the mean time a Wiki page would be nice, and most importantly, a sample
|> capture file.
|>
|> Thanx,
|> Jaap
|>
|>
|>
|> Nitin Naveen wrote:
|>
|>
|> Hi,
|>
|> I am Nitin Naveen working at HUGHES SYSTIQUE. We have developed a plug-in
|> to display
|> WiMAX R6 messages (between BTS and ASNGW). This plug-in is NOT for the AIR
|> interface.
|> It is for WiMAX signalling messages carried over Ethernet/ IP/ UDP.
|>
|> We have followed most of the guidelines as per README.developer.  It would
|> be great if
|> it can be included with the normal Wireshark distribution.
|>
|> Please let us know what are the various steps that we need to follow.
|>
|> Regards
|> Nitin Naveen
|> Principal Engineer
|> HUGHES SYSTIQUE
|> D-8, Infocity-11
|> Sector-33, Gugaon
|> Haryana, India
|> tel: +91-124-3045400
|> fax: +91-124-4039301
|> nitin.naveen@xxxxxxx
|> www.hsc.com
|>
|>
|>
|>
|> *****************************************************DISCLAIMER*****************************************************
|>
|> This message and/or attachment(s) contained here are confidential,
|> proprietary to HUGHES SYSTIQUE and its customers.
|> Contents may be privileged or otherwise protected by law. The information is
|> solely intended for the entity it is
|> addressed to. If you are not the intended recipient of this message, it is
|> strictly prohibited to read, forward,
|> print, retain, copy or disseminate this message or any part of it. If you
|> have received this e-mail in error,
|> please notify the sender immediately and delete the message.
|>
|> ********************************************************************************************************************
|>
|>
|_______________________________________________
|Wireshark-dev mailing list
|Wireshark-dev@xxxxxxxxxxxxx
|http://www.wireshark.org/mailman/listinfo/wireshark-dev


---
SAWADA Kentaro