Tshark grep specific fields

Hello community, I'm using tshark to decode on the fly the SMPP protocol, e.g.:

tshark -i any -V -Y smpp

This will show, in real time, every single SMPP packet, e.g.

Short Message Peer to Peer, Command: Submit_sm, Seq: 8475778, Len: 215
    Length: 215
    Operation: Submit_sm (0x00000004)
    Sequence #: 8475778
    Service type: (Default)
    Type of number (originator): Alphanumeric (0x05)
    Numbering plan indicator (originator): Unknown (0x00)
    Originator address: \123\110\123\123\123aaa\123
    Type of number (recipient): Unknown (0x00)
    Numbering plan indicator (recipient): ISDN (E163/E164) (0x01)
    Recipient address: 44123456789
    .... ..00 = Messaging mode: Default SMSC mode (0x00)
    ..00 00.. = Message type: Default message type (0x00)
    00.. .... = GSM features: No specific features selected (0x00)
    Protocol id.: 0x43

Is there a way to grep specific fields and output only these? I tried with:

tshark -i any -V -Y smpp | grep 'Operation|Type of number|Numbering plan indicator|Recipient address'

But it doesn't work. I tried also with:

tshark -i any -V -Y smpp -T fields -e 'smpp.dest_addr_ton' -e 'smpp.destination_addr'

But this will output only the value and I would like to output something like:

Type of number (recipient): Unknown (0x00)
Numbering plan indicator (recipient): ISDN (E163/E164) (0x01)
Recipient address: 44123456789

Could someone advise? Thank you, Lucas
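
One way to get the labelled lines asked for above, as an added example that is not part of the original post: an awk filter over the `-V` text output that keeps only the recipient fields and strips the indentation. The function names `smpp_pick` and `sample_pdu` are hypothetical, and the sample input is constructed from the dissection shown in the question.

```shell
#!/bin/sh
# Added example (not from the original post): print selected "Label: value"
# lines from `tshark -V` text output, with the indentation stripped.
# The labels are copied from the dissection shown in the question.

smpp_pick() {
    # stdin: tshark -V text. A blank line separates consecutive SMPP PDUs.
    awk '
        /^Short Message Peer to Peer/ { if (seen) print ""; seen = 1; next }
        /^[ \t]+(Type of number \(recipient\)|Numbering plan indicator \(recipient\)|Recipient address):/ {
            sub(/^[ \t]+/, "")   # drop the tree indentation
            print
            fflush()             # emit each line immediately during live capture
        }
    '
}

# Constructed sample input, shortened from the dissection in the question.
sample_pdu() {
    cat <<'EOF'
Short Message Peer to Peer, Command: Submit_sm, Seq: 8475778, Len: 215
    Length: 215
    Operation: Submit_sm (0x00000004)
    Type of number (originator): Alphanumeric (0x05)
    Numbering plan indicator (originator): Unknown (0x00)
    Type of number (recipient): Unknown (0x00)
    Numbering plan indicator (recipient): ISDN (E163/E164) (0x01)
    Recipient address: 44123456789
    Protocol id.: 0x43
EOF
}

sample_pdu | smpp_pick

# Live capture: tshark -l flushes stdout after each packet, so the filter
# sees packets as they arrive:
#   tshark -l -i any -V -Y smpp | smpp_pick
```

Anchoring the pattern on the full label, including `(recipient)`, keeps the originator lines with the same prefix out of the output.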