Wireshark-users: Re: [Wireshark-users] Wish to Decode MTP2 message encapsulated inside UDP header
Hi,
if you have a hexdump you can use text2pcap and convert it
to a pcap file which is readable by Wireshark. It will show
the MTP2 packets...
Best regards
Michael
On Dec 26, 2008, at 9:15 PM, Satish Chandra wrote:
Hi,
I have got an mtp2 hex dump. I have written a trivial client/server
program and am running both on my system. I am passing this mtp2 hex
dump on the udp socket using the client program. I use Wireshark to
capture the packet on my ethernet card. So, in this way, the complete
mtp2 message gets encapsulated inside a UDP packet. Wireshark is
able to capture the UDP packet but is not able to decode it. It shows
the complete mtp2 packet as Data. I tried the same for SCTP packets
and it was successfully decoded.
I also tried adding the following code to the packet-mtp2.c file:

    dissector_add("udp.port", 2906, mtp2_handle); /* 2906 is an arbitrary port */

I compiled again, but still no success.
Although dissectors for both protocols are present, I think I
just need to somehow invoke the mtp2 dissector after the UDP dissector.
Can anyone help me, please?
Thanks Regards,
Satish Chandra
On Fri, Dec 26, 2008 at 9:24 PM, Abhik Sarkar
<sarkar.abhik@xxxxxxxxx> wrote:
Hi Satish,
Is the entire MTP2 packet encapsulated in a UDP datagram as it is?
What is the source of this UDP data stream? Just in case you are using
the Cisco paklog functionality, you need to Decode As syslog and try.
HTH
Abhik.
On Fri, Dec 26, 2008 at 7:34 PM, Satish Chandra
<satishchandra.lko@xxxxxxxxx> wrote:
> Hi,
>
> I wish to decode an MTP2 message which is encapsulated with a UDP header, but
> Wireshark shows the complete message as Data and doesn't decode it.
>
> I tried to use the "Decode As" option but was surprised to see that MTP2 was
> missing from the list for UDP messages.
>
> Can anyone help me with this? If it is not possible via configuration, can I
> modify the dissector code of UDP or MTP2 so that MTP2 packets inside a UDP
> header are dissected? Where can I find the source code of the UDP and MTP2
> protocol dissectors for Wireshark?
>
> --
> Thanks Regards,
> Satish Chandra
>
>
___________________________________________________________________________
> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx
>
> Archives: http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
--
Thanks Regards,
Satish Chandra
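
Added example, not part of the original thread: a Python sketch of what the text2pcap route suggested above achieves, writing raw MTP2 bytes into a pcap file whose link-layer type is 140 (LINKTYPE_MTP2) so that Wireshark starts dissection at MTP2 instead of at Ethernet/UDP. The function names, the output file name and the sample frame are constructed for illustration.

```python
import struct

LINKTYPE_MTP2 = 140  # pcap link-layer type number for bare MTP2 signal units

def hexdump_to_bytes(text):
    """Parse a plain hex string such as 'ff ff 01 00' into raw bytes."""
    return bytes.fromhex("".join(text.split()))

def to_text2pcap(frame):
    """Render one frame as the offset-prefixed dump that text2pcap reads."""
    rows = []
    for off in range(0, len(frame), 16):
        row = " ".join("%02x" % b for b in frame[off:off + 16])
        rows.append("%06x %s" % (off, row))
    return "\n".join(rows) + "\n"

def write_pcap(path, frames, linktype=LINKTYPE_MTP2):
    """Write frames to a classic little-endian pcap file with the given link type."""
    with open(path, "wb") as f:
        # magic, version 2.4, thiszone, sigfigs, snaplen, link type
        f.write(struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype))
        for seconds, frame in enumerate(frames):
            # ts_sec, ts_usec, captured length, original length
            f.write(struct.pack("<IIII", seconds, 0, len(frame), len(frame)))
            f.write(frame)

def read_pcap(path):
    """Return (linktype, [frames]) from a file produced by write_pcap."""
    with open(path, "rb") as f:
        data = f.read()
    linktype = struct.unpack_from("<I", data, 20)[0]
    frames, pos = [], 24
    while pos < len(data):
        caplen = struct.unpack_from("<I", data, pos + 8)[0]
        frames.append(data[pos + 16:pos + 16 + caplen])
        pos += 16 + caplen
    return linktype, frames

# Constructed sample: BSN/BIB, FSN/FIB, LI=1, one status byte (LSSU-shaped, no FCS).
SAMPLE_HEX = "ff ff 01 00"

if __name__ == "__main__":
    frame = hexdump_to_bytes(SAMPLE_HEX)
    print(to_text2pcap(frame), end="")  # input for: text2pcap -l 140 in.txt out.pcap
    write_pcap("mtp2_sample.pcap", [frame])
    print(read_pcap("mtp2_sample.pcap"))
```
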