Hi,
Is
what Wireshark version are you using? 0.99.7? Is ssn included in
SCCP?
Hav
you tried "Edit->preferences->Inap and tied the ssn to
INAP?
Regards
Anders
Hi all,
I have a problem to decode a .rf5 (K12xx)
capture.
I add a new match in the K12 Protocols
preferences.
match: d:\k15\stacks\inap\spain01
_inap.stk
protos:mtp2
and, of
course, the capture is decoded but just up to SCCP. No information about
TCAP/INAP wich I need.
The spain01_inap.stk file looks
as:
STACK
"ProtocolStack" 4
4
PATH
c:/k1205/stacks/inap/
LAYER
"MTP-L2" ../../protocols/base/base.upd*
LOADED "MTP Level 2"
LAYER
"SCCP"
../../protocols/whibsccp/whibsccp.upd1
LOADED "White Book SCCP"
LAYER
"SCMG"
../../protocols/whibsccp/whibsccp.upd2
LOADED "White Book SCCP Management"
LAYER "INAP"
../../protocols/inap/esp1inap.upd1 LOADED
"Telefonica de Espana CoreINAP, ER.n7.008 Ed 3a"
RELATION
"BASE" "MTP-L2"
UNCOND
RELATION "MTP-L2"
"SCCP" PARAM SIO
0b????0011
RELATION "SCCP"
"SCMG" PARAM SSN
1
RELATION "SCCP"
"INAP" UNCOND
DECKRNL
"MTP-L2" LSBF
UPD_DK
DECKRNL "SCCP"
LSBF UPD_DK
DECKRNL
"SCMG" LSBF
UPD_DK
DECKRNL "INAP"
MSBF UPD_DK
SPC_CONF 14
"4-3-4-3"
CIC_CONF 12
"7-5"
LAYPOS "BASE"
65 374 355 414
LAYPOS "MTP-L2"
65 290 355
330
LAYPOS "SCCP"
65 200 355
240
LAYPOS "SCMG"
65 100 160
140
LAYPOS "INAP"
260 100 355 140
So, I tried, editing protos fiels as sccp:inap,
mtp2:sccp, mtp2:scmg, ... but no way to see further than sccp part.
Do
you have any clue about how to successfully decode such trace?
Thanks a
lot,
/Pedro
