Wireshark-bugs: [Wireshark-bugs] [Bug 7188] New: RUDP Cisco SM v.1 dissector problem
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Tue, 24 Apr 2012 00:24:34 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7188

           Summary: RUDP Cisco SM v.1 dissector problem
           Product: Wireshark
           Version: 1.6.7
          Platform: x86-64
        OS/Version: Windows 7
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: ars_m12@xxxxxxx


Created attachment 8307
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=8307
RUDP CiscoSM (BSM V1: ISDN PRI)

Build Information:
Version 1.6.7 (SVN Rev 41973 from /trunk-1.6)
--
Hello, team! I use Wireshark for viewing Cisco's SLT RUDP/BSMV0 (Backhaul
session Manager Version 0) used for SS7 ISUP/MTP3 management backhaul. But
Cisco also uses another flavor of RUDP/SM stack called BSM V1 (version 1 versus
Version 0 used for SS7). It used at place where IUA should be used namely for
backhauling ISDN PRI from Media Gateway to Media Gateway Controller.


My changes in dissector "packet-cisco-sm.c":

#define SM_PROTOCOL_X004 0x0004


        /* start case RUDP BSM v.1
---------------------------------------------------------- */
        case SM_PROTOCOL_X004:
            if (!tree)
                return;

            proto_tree_add_item(sm_tree, hf_sm_msg_id, tvb, offset, 2, FALSE);
            offset = offset +2;
            msg_type = tvb_get_ntohs(tvb,offset);
            proto_tree_add_uint_format(sm_tree, hf_sm_msg_type, tvb, offset, 2,
msg_type,
                "Message type: %s (0x%0x)", val_to_str(msg_type,
sm_pdu_type_value, "reserved"),
                msg_type);
            msg_type = tvb_get_ntohs(tvb,offset);
            offset = offset + 2;
            proto_tree_add_item(sm_tree, hf_sm_channel, tvb, offset, 2, FALSE);
            offset = offset + 2;
            proto_tree_add_item(sm_tree, hf_sm_bearer, tvb, offset, 2, FALSE);
            offset = offset +2;
            proto_tree_add_item(sm_tree, hf_sm_len, tvb, offset, 2, FALSE);
            length = tvb_get_ntohs(tvb,offset);
            offset = offset +2;
            proto_item_set_len(ti, 16);

            if (length > 0) {
                next_tvb = tvb_new_subset(tvb, offset, length, length);

                if ((msg_type == PDU_MTP3_TO_SLT || msg_type ==
PDU_MTP3_FROM_SLT)) {
                    call_dissector(q931_handle, next_tvb, pinfo, tree);
                } else {
                    call_dissector(data_handle, next_tvb, pinfo, tree);
                }
            }

            break;
        /* end case RUDP BSM v.1
---------------------------------------------------------- */


void
proto_reg_handoff_sm(void)
{
    sdp_handle  = find_dissector("sdp");
    mtp3_handle = find_dissector("mtp3");
    q931_handle = find_dissector("q931");
    data_handle = find_dissector("data");
}


Now i see Q.931 messages in wireshark window.

When click at Telephony/VoIP Calls i see nothing.
Wneh click at Statistics/Flow_Graph i see "Cisco SM Packet..."
How can i see Q.931 Flow?

tcpdump in attachment.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.