On May 21, 2008, at 5:16 PM, Cloud Strife wrote:
I know its off topic but I need some clarifications. I just want to
have a general overview on how to parse DIAMETER packets. I have
recently parsed RADIUS packets using ethereal/wireshark and
freeradius source codes as guide. In DIAMETER, it is very different.
Checking on ethereal/wireshark and opendiameter source code, there
seems a need to have an XML parser? Why is that?
So that it can read the DIAMETER dictionary that specifies what the
names and types of the values for particular AVPs are.
If all you need to do with a DIAMETER AVP is report
its AVP code, as a number;
whether it needs to be encrypted;
whether it's mandatory;
whether it's vendor-specific;
its length;
its value, as an uninterpreted sequence of bytes;
then you don't need an XML parser.
Otherwise, either you need an XML parser to read the dictionary that
gives you, for a given AVP code, an indication of what the AVP's name
is and what data type it has, or you need to translate the XML
dictionary into some other form and have code to read it in *that*
form, or you need to hard-code that information (as Wireshark used to
do before we added our own XML parser so that we didn't have to fall
back on hard coding if libxml wasn't present).
Isn't it just extract this data/value from this byte to that byte
like in RADIUS?
The RADIUS dissector in current versions of Wireshark *isn't* like
that; that dissector also reads a dictionary to tell it how to
interpret AVPs. The RADIUS dictionary is, however, in FreeRADIUS
format; that's a simple text format, not an XML-based format.
