Wireshark-bugs: [Wireshark-bugs] [Bug 6153] Wireshark plugin for CSG2 R6 interface.
Date: Thu, 20 Oct 2011 11:58:20 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6153

--- Comment #21 from Anders Broman <anders.broman@xxxxxxxxxxxx> 2011-10-20 11:58:15 PDT ---
> It seems I'm missing a proper conversion from plugin dissector to builtin
> dissector conversion. I tried to find the guidelines for built-in dissector on
> wireshark.org but there is coding guidelines given for plugin dissector but I
> failed to find any detailed guide steps for built-in dissector. Can you please
> share any document guide for coding of built-in dissector. 

There is no difference in how to code the dissection code between a built in
dissector and a plugin, see README.developer for advice on how to code and look
at other dissectors.

> I'm still unable to understand this comments "use the dissector table for CDR:s
> in packet-gtp.c". Please share some guidelines for builtin dissector, it will
> help me to understand the format. 
> 
> Thanks

I'm assuming that Cisco implements the GTP part according to 3GPP Specification
3GPP TS 29.060 and as there allready exists a GTP dissctor (packet-gtp.c) there
s no need to duplicate that part. Using the trace included in
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5972
selecting packet 305 and doing "decode as" GTP the packet dissects as

No.     Time                       Source                Destination          
Protocol Info
    305 2011-05-20 04:49:09.275221 10.0.43.18            10.0.43.182          
GTP      Data record transfer request

Frame 305: 437 bytes on wire (3496 bits), 437 bytes captured (3496 bits)
Ethernet II, Src: Cisco_4d:97:ec (00:23:33:4d:97:ec), Dst: D-Link_a7:95:c3
(00:1e:58:a7:95:c3)
Internet Protocol Version 4, Src: 10.0.43.18 (10.0.43.18), Dst: 10.0.43.182
(10.0.43.182)
User Datagram Protocol, Src Port: 6000 (6000), Dst Port: 6666 (6666)
GPRS Tunneling Protocol
    Flags: 0x0f
    Message Type: Data record transfer request (0xf0)
    Length: 389
    Sequence number: 0x04e3
    Packet transfer command: Send data record packet (1)
    Data record packet
        Length: 384
        Number of data records: 4
        Data record format: 49 Proprietary or un documented format

Which looks ok.

Packet-gtp.c register
register_dissector_table("gtp.cdr_fmt", "GTP DATA RECORD TYPE", FT_UINT16,
BASE_DEC);

You coud register in this table for data record type 49(which could be a
preference) by doing
dissector_add_uint("gtp.cdr_fmt", 49, proto_hsndle_foo);
proto_habdle_foo beeing the handle of your dissector.

Hmm looking at the GTP code that might currently not work but should be fixed
in the GTP dissector.
Regards
Anders

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.