Wireshark-dev: Re: [Wireshark-dev] Add checksum validation option for MTP2
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Florent.Drouin@xxxxxxxxxxxxxxxxx
Date: Mon, 5 Feb 2007 17:32:37 +0100
Thanks,  I will try to do something similar with 2 registered dissectors.

Best regards
Florent


                                                                                                                                   
                      "Luis Ontanon"                                                                                               
                      <luis.ontanon@xxxxxxxxx>         To:      "Developer support list for Wireshark"                             
                      Sent by:                         <wireshark-dev@xxxxxxxxxxxxx>                                               
                      wireshark-dev-bounces@wi         cc:                                                                         
                      reshark.org                      Subject: Re: [Wireshark-dev] Add checksum validation option for MTP2        
                                                                                                                                   
                                                                                                                                   
                      05/02/2007 17:09                                                                                             
                      Please respond to                                                                                            
                      Developer support list                                                                                       
                      for Wireshark                                                                                                
                                                                                                                                   




IMO you could do like packet-eth.c does, it registers two dissectors
("eth_withfcs", "eth_withoutfcs") anyway and has a common dissector
that will determine one or the other (based on a preference maybe).

You could register one to handle ENCAP_WITH_FCS and ENCAP_WITHOUT_FCS
or use heuristics instead.

However you decide to go, I believe that having two registered
dissectors instead of an alternative one is a good idea anyway.


Luis


On 2/5/07, Florent.Drouin@xxxxxxxxxxxxxxxxx
<Florent.Drouin@xxxxxxxxxxxxxxxxx> wrote:
>
>       Hi luis,
>
>
> Right, it seems the problem with the FCS is not only a problem of
Datalink.
> Up to now, if you read a K12 file, and if the record/file for the stack
is
> pointing to mtp2, the MTP2 dissector is called.
> With the current MTP2 dissector, there is no problem with .rf5 record,
> because the FCS are ignored.
> But, if you are reading a MTP2 frame from an other capture device, the
FCS
> are present(at least for the board I am using).
> And in the ITU Q703 norma, the FCS are mentionned too, so they should be
> present.
>
> So, the problem is how to find a solution to have a MTP2 dissector
> compatible with both format (without FCS, and with FCS).
> My first patch was with an option to have a checksum validation.
> But, if the option is enabled, the rf5 record are detected as malformed,
> because of these 2 bytes missing, (and because the SCCP dissector has not
> be modified to accept such frame).
>
> Now, if I change the datalink to indicate the presence of Checksum, do I
> will have to call a specific MTP2_FCS dissector ? Or is it possible to
read
> the datalink on the pinfo structure in the current MTP2 dissector, to
call
> a specific code for the FCS validation ?
> In this case, it could work with K12 files too, as the datalink is set to
> WTAP_ENCAP_K12.
> Am I rigth, or do I missed something ?
>
> Best regards
> Florent
>
>
>
>
>
>                       "Luis Ontanon"
>                       <luis.ontanon@xxxxxxxxx>         To:
"Developer support list for Wireshark"
>                       Sent by:
<wireshark-dev@xxxxxxxxxxxxx>
>                       wireshark-dev-bounces@wi         cc:
>                       reshark.org                      Subject: Re:
[Wireshark-dev] Add checksum validation option for MTP2
>
>
>                       05/02/2007 15:41
>                       Please respond to
>                       Developer support list
>                       for Wireshark
>
>
>
>
>
> On 2/5/07, Florent.Drouin@xxxxxxxxxxxxxxxxx
> <Florent.Drouin@xxxxxxxxxxxxxxxxx> wrote:
> >       Hello Jeff,
> > Thank you for your comments, I will follow your advices and request a
new
> > DLT for MTP2 with FCS.
> > But before, I will, first, ask for the agreement of the board
> manufacturer.
> > I hope they will not disagree..
> >
> > In the same time, if someone has samples of use for the MTP2 DLT, it
> could
> > be very helpfull.
> > Maybe, the right way will be to have :
> > - DLT_MTP2_noFCS for K12 files,
>
> k12 files use a single WTAP_ENCAP_K12 and the actual protocol is
> choosen by name by the user associating it with the ".stk" file
> declared for a given port. As far as the dissecctor handle called by
> the name "mtp2" does not change its behaviour there's no problem.
>
> > - DLT_MTP2_FCS, for this board.
> > - and to keep the current DLT_MTP2 for compatibility.
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
>
>
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>


--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev