Hi, All:
I am trying to use libwireshark (version 2.0.2) to parse a 61850 MMS data packet, but I get the message "Dissector is not available". Below is the output:
======================================
itemname: tpkt, TPKT, Version: 3, Length: 66
itemname: tpkt.version, Version: 3
itemname: tpkt.reserved, Reserved: 0
itemname: tpkt.length, Length: 66
itemname: cotp, ISO 8073/X.224 COTP Connection-Oriented Transport Protocol
itemname: cotp.li, Length: 2
itemname: cotp.type, PDU Type: DT Data (0x0f)
itemname: cotp.destref, Destination reference: 0x0000
itemname: cotp.tpdu-number, .000 0000 = TPDU number: 0x00
itemname: cotp.eot, 1... .... = Last data unit: Yes
itemname: ses, ISO 8327-1 OSI Session Protocol
itemname: ses.type, SPDU Type: Give tokens PDU (1)
itemname: ses.length, Length: 0
itemname: ses, ISO 8327-1 OSI Session Protocol
itemname: ses.type, SPDU Type: DATA TRANSFER (DT) SPDU (1)
itemname: ses.length, Length: 0
itemname: pres, ISO 8823 OSI Presentation Protocol
itemname: pres.user_data, user-data: fully-encoded-data (1)
itemname: pres.fully_encoded_data, fully-encoded-data: 1 item
itemname: pres.PDV_list_element, PDV-list
itemname: pres.presentation_context_identifier, presentation-context-identifier: 3
itemname: pres.presentation_data_values, presentation-data-values: single-ASN1-type (0)
itemname: text, Dissector is not available
itemname: _ws.expert, Expert Info (Warn/Undecoded): Dissector is not available
itemname: pres.dissector_not_available, Dissector is not available
itemname: _ws.expert.severity, Severity level: Warn
itemname: _ws.expert.group, Group: Undecoded
====================
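Here is my code:
#include <string.h>
#include <epan/epan.h>
#include <epan/epan_dissect.h>
#include <epan/frame_data.h>
#include <wiretap/wtap.h>
#include <wsutil/privileges.h>
#include "register.h" /* from the Wireshark source tree: register_all_protocols() and handoffs */

/* mms_data and print_tree() are not included in this listing. */

/* Dissect one raw Ethernet frame and print the tree from the fifth top-level item onward. */
static void try_dissect(epan_t *session, const char *raw_data, int data_len, int frame_number) {
    struct wtap_pkthdr phdr;
    frame_data fdata;
    epan_dissect_t *edt;
    proto_node *node;
    int skip;

    memset(&phdr, 0, sizeof(struct wtap_pkthdr));
    frame_data_init(&fdata, frame_number, &phdr, 0, 0);
    fdata.pkt_len = data_len;
    fdata.cap_len = data_len;
    fdata.lnk_t = WTAP_ENCAP_ETHERNET;
    /* create_proto_tree = TRUE, proto_tree_visible = TRUE */
    edt = epan_dissect_new(session, TRUE, TRUE);
    epan_dissect_run(edt, 0, &phdr, tvb_new_real_data((const guint8 *)raw_data, data_len, data_len), &fdata, NULL);
    /* Skip the first four top-level items; stop early if the tree is shorter,
       instead of dereferencing a NULL next pointer. */
    node = edt->tree ? edt->tree->first_child : NULL;
    for (skip = 0; node != NULL && skip < 4; skip++)
        node = node->next;
    if (node != NULL)
        print_tree(node, 0);
    epan_dissect_free(edt);
    frame_data_destroy(&fdata);
    wtap_phdr_cleanup(&phdr);
}

int main(int argc, char** argv) {
    init_process_policies();
    epan_init(register_all_protocols, register_all_protocol_handoffs, NULL, NULL);
    epan_t *session = epan_new();
    try_dissect(session, mms_data, sizeof(mms_data), 1);
    epan_free(session);
    epan_cleanup();
    return 0;
}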
My question is: how do I fully parse an MMS packet with libwireshark?
Thank you!
---------------------------------------------------
Yumm