Ask Your Question
0

Asterix Dissector not Triggering on data generated by ScanViewer

asked 2023-06-07 16:15:06 +0000

GeorgeZ gravatar image

Hello everyone!

I have a simulator called ScanViewer which generates Asterix CAT240 data for me. Unfortunately, the data packets aren't triggering the Asterix dissector so it's hard for me to analyse the data.

I manually checked a packet and it wasn't much different from a packet found within a stream I downloaded from the web. The packets are registered with a faulty checksum value, so I'm wondering if that could be the source of the issue.

Did anyone else come across this issue?

edit retag flag offensive close merge delete

Comments

Can you share a capture file on a public file share and update the question with a link to it.

Chuckc gravatar imageChuckc ( 2023-06-07 16:57:50 +0000 )edit

What @Chuckc said. Also, does this traffic flow on UDP port 8600? or did you change the preference for that? Do the packets adhere to the format: 1 octet Category, 2 octets Length, followed by n records?

Jaap gravatar imageJaap ( 2023-06-07 17:28:28 +0000 )edit

Morning! Here's is a set of sample packets: Google Drive link Please tell me if you spot something in the way that the packets are getting sent.

GeorgeZ gravatar imageGeorgeZ ( 2023-06-08 09:45:36 +0000 )edit

Can you make the file public?

Chuckc gravatar imageChuckc ( 2023-06-08 09:51:16 +0000 )edit

So sorry! Try now

GeorgeZ gravatar imageGeorgeZ ( 2023-06-08 09:58:26 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2023-06-08 10:36:14 +0000

Chuckc gravatar image

updated 2023-06-08 13:00:49 +0000

What @Jaap said. Add 5800 and 2563 to the Asterix UDP port(s):

Edit->Preferences...->Protocols->Asterix
UDP port(s): 8600,5800,2563

image description

edit flag offensive delete link more

Comments

Thank you both of you! What is the reason behind the solution? Why would the port affect dissection?

GeorgeZ gravatar imageGeorgeZ ( 2023-06-08 12:53:55 +0000 )edit

To let the UDP dissector know that if it sees traffic on one of the Asterix ports, call that dissector.

View -> Internals -> Dissector Tables
Integer Tables -> UDP port

(See the screen shot in answer above)

Chuckc gravatar imageChuckc ( 2023-06-08 13:00:16 +0000 )edit

I see now, thank you!

GeorgeZ gravatar imageGeorgeZ ( 2023-06-08 13:03:46 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2023-06-07 16:15:06 +0000

Seen: 754 times

Last updated: Jun 08 '23