Wireshark-users: Re: [Wireshark-users] 5G NR-RRC dissector issue
From: Anders Broman <anders.broman@xxxxxxxxxxxx>
Date: Fri, 25 Oct 2019 07:33:34 +0000

Hi,

The NR-RRC messages has to be dissected by calling dissector by name. Currently “MIB” is not handled but I have amended the code to expose it.

Instead of building a UDP packet with the MIB Octets as data you can create an “Exported PDU” by using text2pcap

text2pcap.exe -l 252 MIB.txt mib.pcapng

 

The code change can be followed here https://code.wireshark.org/review/#/c/34852/

Dissection result:

Regards

Anders

 

 

From: Wireshark-users <wireshark-users-bounces@xxxxxxxxxxxxx> On Behalf Of Keval Malde
Sent: den 25 oktober 2019 04:24
To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-users] 5G NR-RRC dissector issue

 

No In wireshark there is no such seperate NR RRC over UDP option. But then if not UDP then how am I supposed to send and receive packet ?

 

On Fri, 25 Oct, 2019, 2:05 AM Guy Harris, <guy@xxxxxxxxxxxx> wrote:

On Oct 24, 2019, at 11:29 AM, Keval Malde <kevalmalde@xxxxxxxxxxxxx> wrote:

> I am trying to dissect 5G NR RRC MIB paket but it is not working, any possible help would be appreciated. Please find the attachment below.

What is the payload of that UDP packet supposed to be?

Is there some "NR RRC over UDP protocol" being used?
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

[

text2pcap.exe -l 252 MIB.txt mib.pcapng
0000   00 0c 00 18 6e 72 2d 72 72 63 2e 6d 69 62 00 00        nr-rrc.mib
0010   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0020   6e 72 2d 72 72 63 00 00 00 05 00 01 06 f2 d4

Attachment: mib.pcapng
Description: Binary data

Attachment: smime.p7s
Description: S/MIME cryptographic signature