Ethereal-users: Re: [Ethereal-users] More questions abou the Cisco IP phones

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <guy@xxxxxxxxxx>
Date: Thu, 21 Dec 2000 12:22:48 -0800 (PST)
(Both I and Gilbert are on the "ethereal-dev" and "ethereal-users"
mailing lists; there is no need to CC us on mail to those lists.)

>      In a previous mail I had asked about obtaining the contents/format
> of a certain configuration file that the Cisco call manager sends to the
> Cisco IP phone. Thank you for the replies. A key phrase in the replies
> seemed to be 'adding protocol decoders', so I looked up the mail archives
> for all the information I could find about this. I found that these
> protocol decoders were actually C files (and I almost passed out when I
> saw the contents of one of the C files). It looked really really
> difficult. Now c'mon all of you'll had a 'first time' with these protocol
> decoders, so could anyone, (anyone !), please explain if :
> 1. There is an easier way of going about getting the contents of the file
> I need.

Well, that depends on how the file - or the information in the file - is
sent out over the wire.

The page at

	http://www.cisco.com/univercd/cc/td/doc/product/voice/c_ipphon/ip_7960/admingde/overview.htm

lists a number of protocols used by the phone, including:

	Trivial File Transfer Protocol - this "allows you to transfer
	files over the network", and, "on the Cisco IP Phone 7960, TFTP
	enables you to obtain configuration file specific to the phone
	type", so perhaps the configuration file in question is
	transferred using TFTP; Ethereal dissects TFTP, although the
	actual file data being transferred is, as one would expect, just
	dissected as raw data, so:

		if the file is a text file, you'll have to find out its
		contents by looking at Ethereal's hex dump window;

		if the file is a binary file, you'll have to
		reverse-engineer its format, and Ethereal, not
		surprisingly, cannot help you except to show you the raw
		binary values you'll be reverse-engineering.

> 2. How do I go about getting the information needed to write a protocol
> decoder (yes, I did take a look at the mini-tutorial gilbert wrote in the 
> archives)

The mini-tutorial *is* all the information we have; you'd have to ask
questions of the ethereal-dev@xxxxxxxxxxxx mailing list to get more.

>  The main protocols that are used by the Cisco phone are bootp, dhcp,rtp,
> voip protocol (most of which are documented in the ethereal manpage). I
> also noticed that the CIsco discovery protocol and the Cisco Interior
> Gateway Routing Protocol have been documented in the ethereal man
> page. Would the code for that help,

The page whose URL I list above shows the protocols the Cisco phone
uses; this includes CDP (which we *partially* dissect; there may be
options we don't dissect, because we don't have information on them) but
not IGRP.