Ethereal-users: Re: [Ethereal-users] LCF decode from Vocaltec GK does not display 2ndalternate e
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Tomas Kukosa <tomas.kukosa@xxxxxxxxxxx>
Date: Wed, 14 Apr 2004 08:28:19 +0200
Could you look into the attached report if your capture file is decoded well? If yes I will relese the h235 ASAP. Tomas Michael Oliveras wrote:
Ronnie,Thanks very much for your patch! I compiled ehtereal from cvs and the LCF is now decoded properly. It seems however that the patch introduced a problem. There is a "challengestring" present in the token section of several h225 messages - ARQ, RRQ, and SETUP. Before your patch ethereal simply ignored this section; in the cvs version, ethereal is trying to decode the clear token and does not know how to decode this. The packet is reported as malformed, and the rest of the packet is not decoded. Could you add support for the challenge string?I attached a capture file that contains an ARQ, RRQ, and SETUP message. Thanks for all your help, Mike Oliveras -----Original Message----- From: Ronnie Sahlberg [mailto:ronnie_sahlberg@xxxxxxxxxxxxxx] Sent: Thursday, April 08, 2004 8:10 PM To: Ethereal user support Subject: Re: [Ethereal-users] LCF decode from Vocaltec GK does not display 2ndalternate endpoi nt LCF decode from Vocaltec GK does not display 2nd alternate endpointHi, Many thanks for your bugreport. I have checked in a patch that will make ethereal decode that packet properly. It will be avaialble in the next version of ethereal. Ethereal when decoding that packet should have printed something like "NOT DECODED YET[ClearToken]" to the console which meansthat ethereal encountered a PER contrust (cleartoken in this case) ewtherealdid not know how to decode and thus everything from that point further in that packet was just decoded as garbage data. The problem with your packet was that no one had even bothered enough about H.235 to even attempt to decode theseClearToken fields. Maybe H.235 is very rare so almost no one had encounteredit previously? I dont know, Im not a VoIP person. Since no one had implemented decoding of ClearTokens previously ethereal failed to decode your packet properly (since it contained ClearTokens).I implemented a limited support for ClearTokens and its fields so it will atleast decode your packet properly. There are though still a lot of other contrustcs, mainly related to H.235 that no one has cared enough about to implement and which can/will cause similar problems. Please report any other problems you see and encounter. I dont use VoIP myself, dont have access to VoIP and also lack interest in VoIP so itis impossible for me to create required captures to test those unimplementedfields. Please keep sending captures and bugreports to the list and myself or someone else can implement the missing parts. Thanks again for the bugreport (missing functionality) and for the capture that allowed me to implement decodes for these fields. best regards ronnie sahlberg ----- Original Message ----- From: Michael Oliveras To: 'ethereal-users@xxxxxxxxxxxx' Sent: Thursday, April 08, 2004 9:34 AM Subject: [Ethereal-users] LCF decode from Vocaltec GK does not display 2ndalternate endpoi nt I noticed a decode issue on ethereal 0.10.3 I attached a trace of an LCF that was sent from a Vocaltec GK. The LCF contains a total of three endpoints (an endpoint and two alternate endpoints). When I look at the decode on ethereal, it only displays the 1st alternate endpoint and not the 2nd. I can actually see the h323ID of the 2nd alternate endpoint in the text decode of the hex pane (5350-t1-13@xxxxxxxxxxxxxxxxxxx), so it seems that the information was captured but not decoded. Any help would be appreciated. Thanks, Mike Oliveras
Frame 1 (372 bytes on wire, 372 bytes captured)
Ethernet II, Src: 00:07:eb:59:2c:58, Dst: 00:d0:ff:90:98:00
Internet Protocol, Src Addr: 209.58.84.245 (209.58.84.245), Dst Addr: 209.58.84.84 (209.58.84.84)
User Datagram Protocol, Src Port: 58625 (58625), Dst Port: 1719 (1719)
H.225.0 RAS
RasMessage
RasMessage: .010 01.. : admissionRequest (9)
AdmissionRequest
RequestSeqNum: 19288
CallType
CallModel
EndpointIdentifier: 627725D800000001
DestinationInfo
srcInfo
BandWidth: 1280
CallReferenceValue: 902
nonStandardData
NonStandardIdentifier
nonStandardIdentifier: .1.. .... : h221NonStandard (1)
h221NonStandard
H.221 Manufacturer: Cisco (0xb5000012)
Octet String Length: 66
data: 8000000A280B124953444E20332F303A...
Data (66 bytes)
0000 80 00 00 0a 28 0b 12 49 53 44 4e 20 33 2f 30 3a ....(..ISDN 3/0:
0010 44 30 00 2d 49 41 4d 2c 0d 0a 47 43 49 2c 61 33 D0.-IAM,..GCI,a3
0020 63 36 64 63 32 63 38 63 62 32 31 31 64 38 38 61 c6dc2c8cb211d88a
0030 33 66 38 62 39 35 35 34 65 31 31 31 37 37 0d 0a 3f8b9554e11177..
0040 0d 0a ..
conferenceID: A3C6DC2C8CB211D88A3F8B9554E11177
activeMC: 0... .... False
answerCall: .0.. .... False
canMapAlias: 1... .... True
CallIdentifier
tokens
Item 0
cleartoken
tokenOID: 1.2.840.113548.10.1.2.1
timeStamp: 1081882388
challenge: 72E06CAFF3AD2C28212B3F52A9AEF866
random: 217
generalID: 5350-ss7t1-15
CryptoH323Tokens
Item 0
CryptoH323Token
CryptoH323Token: .000 .... : cryptoEPPwdHash (0)
cryptoEPPwdHash
AliasAddress
AliasAddress: .... .1.. : h323ID (1)
h323ID: 5350-ss7t1-15
timeStamp: 1081882388
token
algorithmOID: 1.2.840.113549.2.5
paramS
Bit String Length: 128
hash: 4DAB52A13D0EE5D01C451FFE4C7DFE0E
willSupplyUUIEs: 0... .... False
Frame 2 (749 bytes on wire, 749 bytes captured)
Ethernet II, Src: 00:07:eb:59:2c:58, Dst: 00:01:96:1f:76:a3
Internet Protocol, Src Addr: 209.58.84.245 (209.58.84.245), Dst Addr: 209.58.84.234 (209.58.84.234)
Transmission Control Protocol, Src Port: 12452 (12452), Dst Port: 1720 (1720), Seq: 3362492619, Ack: 2589491499, Len: 695
TPKT
Q.931
H.225.0 CS
H323_UserInformation
H323_UU_PDU
h323_message_body
h323_message_body: .... .000 : setup (0)
SetupUUIE
ProtocolIdentifier: 0.0.8.2250.0.4
sourceAddress
sourceInfo
activeMC: ..0. .... False
conferenceID: A3C6DC2C8CB211D88A3F8B9554E11177
conferenceGoal
CallType
sourceCallSignalAddress
CallIdentifier
tokens
Item 0
cleartoken
tokenOID: 1.2.840.113548.10.1.2.1
timeStamp: 1081882388
challenge: 26A2147DCA85CAFCFA8B460BE4FBF674
random: 218
generalID: 5350-ss7t1-15
nonStandard
nonStandardIdentifier: 0.1.2.4
Octet String Length: 124
data: 407C371426A2147DCA85CAFCFA8B460B...
fastStart
mediaWaitForConnect: 0... .... False
canOverlapSend: 0... .... False
multipleCalls: 1... .... True
maintainConnection: 1... .... True
h245Tunneling: 0... .... False
nonStandardControl
Frame 3 (265 bytes on wire, 265 bytes captured)
Ethernet II, Src: 00:01:96:1f:76:a3, Dst: 00:d0:ff:90:98:00
Internet Protocol, Src Addr: 209.58.84.234 (209.58.84.234), Dst Addr: 209.58.84.85 (209.58.84.85)
User Datagram Protocol, Src Port: 58750 (58750), Dst Port: 1719 (1719)
H.225.0 RAS
RasMessage
RasMessage: .000 11.. : registrationRequest (3)
RegistrationRequest
RequestSeqNum: 15930
ProtocolIdentifier: 0.0.8.2250.0.4
discoveryComplete: 0... .... False
callSignalAddress
rasAddress_sequence
terminalType
GatekeeperIdentifier: zgk3602.itxc.com
VendorIdentifier
TimeToLive: 60
tokens
Item 0
cleartoken
tokenOID: 1.2.840.113548.10.1.2.1
timeStamp: 1081882401
challenge: 3179869BBF91AC427DA51889DC1D6458
random: 190
generalID: 5300-t1-4
CryptoH323Tokens
Item 0
CryptoH323Token
CryptoH323Token: .000 .... : cryptoEPPwdHash (0)
cryptoEPPwdHash
AliasAddress
AliasAddress: .... .1.. : h323ID (1)
h323ID: 5300-t1-4
timeStamp: 1081882401
token
algorithmOID: 1.2.840.113549.2.5
paramS
Bit String Length: 128
hash: 61C57D444C3242B059A9C7D21F24878A
keepAlive: 1... .... True
EndpointIdentifier: 6207410400000006
willSupplyUUIEs: 0... .... False
maintainConnection: 1... .... True
- References:
- Prev by Date: RE: [Ethereal-users] removing duplicate packets from a trace
- Next by Date: RE: [Ethereal-users] LCF decode from Vocaltec GK does not display2ndalternate endpoi nt - challenge string
- Previous by thread: [Ethereal-users] LCF decode from Vocaltec GK does not display 2ndalternate endpoi nt - challenge string
- Next by thread: RE: [Ethereal-users] LCF decode from Vocaltec GK does not display 2ndalternate endpoi nt - challenge string
- Index(es):
