Wireshark mailing list archives
Re: Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE)
From: Pascal Quantin <pascal.quantin () gmail com>
Date: Fri, 18 Feb 2011 13:24:49 +0100
Hi, 2011/2/18 Anders Broman <anders.broman () ericsson com>
Hi, WS does not crash for me Version 1.5.1 (SVN Rev 35978 from /trunk) it's malformed. I can see that the packet is ony byte short compared with the text version. Probably a fault in text2pcap. You can try the new feature to import text imput from the GUI File->import. text2pacap might work better if you have the trailing ... there , like 0000 07 41 71 08 29 26 08 30 00 00 00 04 05 80 c0 00 .Aq.)&.0........ 0010 00 00 00 04 02 01 d0 .......
The crash is due to the capital letters (NAS-EPS instead of nas-eps) in the DLT_USER configuration (at least it is how it behaves on my linux machine). Regards, Pascal.
Or add an extra 00 I've included the fixed .pcap Regards Anders ------------------------------ *From:* Karl-Heinz ECKSTEIN [mailto:karl-heinz.eckstein () stericsson com] *Sent:* den 18 februari 2011 11:17 *To:* Developer support list for Wireshark *Cc:* Vincent HELFRE ; Anders Broman; Fatih ARDIC ; Karl-Heinz ECKSTEIN *Subject:* RE: [Wireshark-dev] Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Hello Vincent, Hello Anders, It looks like we all have a common mother! J Interesting! Many thanks for your hints! Right now have the problem, that we receive a crash on wireshark, when we open the pcap file including one NAS-EPS(LTE) message. The error message tells us: “Runtime Error! – Program: C:\Program Files\Wireshark\wireshark.exe – This application has requested the Runtime to terminate it in an unusual way. Please contact the application support team for more information.” What we have done before? We “captured” a NAS (LTE) message outside of wireshark. This message was just extracted from a trace line, we receive from LTE platform (UE). This NAS message is expected to be correct. Then we translated this text line (adding a ‘000000’ in front of the NAS message) to pcap format. We use the command: "c:\Program Files\Wireshark\text2pcap.exe" -l 147 NAS_message_test_6.txt NAS_message_test_6.pcap We use a preference setup for the User 0 (DLT-147) and reference to protocol NAS-EPS in wireshark. (User 0 (DLT=147), NAS-EPS,0,””’,0,”” When we start wireshark, we crash. Do we something wrong, or could it be an error? Many thanks! Best regards *Karl Heinz Eckstein* *From:* wireshark-dev-bounces () wireshark org [mailto: wireshark-dev-bounces () wireshark org] *On Behalf Of *Anders Broman *Sent:* Donnerstag, 17. Februar 2011 18:45 *To:* Developer support list for Wireshark *Subject:* Re: [Wireshark-dev] Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Hi, Both the NAS-EPS dissector and the LTE-RRC dissector are fairly well updated however you need to call them by using a User DLT or something like that. Regards Anders ------------------------------ *From:* wireshark-dev-bounces () wireshark org [mailto: wireshark-dev-bounces () wireshark org] *On Behalf Of *Karl-Heinz ECKSTEIN *Sent:* den 17 februari 2011 18:00 *To:* wireshark-dev () wireshark org *Subject:* [Wireshark-dev] Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Hello, May I ask, which status is applicable on ASN.1, especially dissector of RRC and NAS-EPS. I’m asking, because I’m trying to dissector a pcap file, which I had generated via text2pcap from a LTE NAS message. The NAS message is not “decoded”/dissectored by wireshark in my example. But NAS-EPS is available in Filters but not in preferences. I’m using latest 1.5.1 build. Many thanks for any help about this. Best regards *Karl Heinz Eckstein* ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Karl-Heinz ECKSTEIN (Feb 17)
- Re: Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Anders Broman (Feb 17)
- Re: Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Karl-Heinz ECKSTEIN (Feb 18)
- Re: Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Pascal Quantin (Feb 18)
- Re: Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Anders Broman (Feb 18)
- Re: Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Pascal Quantin (Feb 18)
- Re: Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Karl-Heinz ECKSTEIN (Feb 18)
- Re: Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Guy Harris (Feb 18)
- Re: Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Karl-Heinz ECKSTEIN (Feb 18)
- Re: Staus of ASN.1 dissectors - RRC and NAS-EPS (for LTE) Anders Broman (Feb 17)