Anders's profile - activity

2021-02-28 13:19:23 +0000 edited answer Add vsa definition for pfcp packet without compiling wireshark?

No, C code must be added. The development version should be very up to date.

2021-02-28 13:18:50 +0000 edited answer Add vsa definition for pfcp packet without compiling wireshark?

No, code must be added. The development version should be very up to date.

2021-02-27 21:24:19 +0000 commented answer Add vsa definition for pfcp packet without compiling wireshark?

Read the answer

2021-02-26 22:01:23 +0000 received badge  Rapid Responder (source)
2021-02-26 22:01:23 +0000 answered a question Add vsa definition for pfcp packet without compiling wireshark?

No code must be added. The development version should be very up to date.

2021-02-26 22:01:19 +0000 answered a question Add vsa definition for pfcp packet without compiling wireshark?

No code must be added. The development version should be very up to date.

2021-02-26 22:01:19 +0000 received badge  Rapid Responder (source)
2021-02-21 20:53:07 +0000 commented question what is padding?

Padding often refers to the number of bits or bytes added to make up an even number of bits or bytes normally set to zer

2021-02-21 17:50:50 +0000 commented question wireshark is not showing http nor https for a specific IP

When you browse locally the packets are probably routed to the application before seen by the capturing mechanism.

2021-02-19 16:00:22 +0000 commented question MAP Global Operation Code doesn't decoded in wireshark

In frame 3 it is correct.

2021-02-19 15:59:03 +0000 commented question MAP Global Operation Code doesn't decoded in wireshark

Hi, I think this has been up before, the application is sending it as a global value when it should be a local value. S

2021-02-19 15:55:40 +0000 commented question How to understand "DPNSS/DASS2-User Adaptation Layer"

https://www.iana.org/assignments/sctp-parameters/sctp-parameters.xhtml#sctp-parameters-25 see value 10

2021-02-18 13:11:15 +0000 commented question MAP Global Operation Code doesn't decoded in wireshark

There is not enough information here to do anything. Can you post a link to a pcap or at least state which OP code?

2021-02-18 12:08:33 +0000 commented question How to understand "DPNSS/DASS2-User Adaptation Layer"

Are you sure it's DUA over SCTP? Not something else using that ppid?

2021-02-15 09:07:37 +0000 commented question AllJoyn TCP traffic not being dissected

Looks like the dissector has preferences to set the TCP Message and Server port if that helps.

2021-02-09 20:35:55 +0000 commented answer Incoherence between ASN.1 and BER on gsm_map

I think that if you run asn2wrs.py -b -c ./gsm_map.cnf -s ./packet-gsm_map-template -D . -O ../.. ../ros/Remote-Operati

2021-02-09 20:34:55 +0000 commented answer Incoherence between ASN.1 and BER on gsm_map

I think that if you run asn2wrs.py -b -c ./gsm_map.cnf -s ./packet-gsm_map-template -D . -O ../.. ../ros/Remote-Operatio

2021-02-06 20:33:35 +0000 commented answer Incoherence between ASN.1 and BER on gsm_map

I'm not sure how to do it on Linux, will have to look it up. But at the top of the generated file is the command used to

2021-02-06 07:33:52 +0000 commented answer Incoherence between ASN.1 and BER on gsm_map

Hi, On what OS is this? You are aware your MAP implementation is not standard compliant? Regards Anders

2021-01-29 12:11:04 +0000 commented answer Incoherence between ASN.1 and BER on gsm_map

Hi, You need the Wireshark sources and set up a build environment then modify the asn1 files here then regenerate the gsm

2021-01-29 09:55:56 +0000 received badge  Rapid Responder (source)
2021-01-29 09:55:56 +0000 answered a question Incoherence between ASN.1 and BER on gsm_map

Hi, That looks like proprietary changes not following the 3GPP standard. You would have to recompile packet-gsm_a.c using

2021-01-28 13:47:52 +0000 commented answer how to find 3GPP spec version that Wireshark compliant?

As an example 3GPP TS 38.413 V16.3.0 (2020-09) https://gitlab.com/wireshark/wireshark/-/blob/v3.4.0/epan/dissectors/asn

2021-01-28 07:47:31 +0000 received badge  Rapid Responder (source)
2021-01-28 07:47:31 +0000 answered a question how to find 3GPP spec version that Wireshark compliant?

Unfortunately you will have to look in the sources to find out and for the hand written dissectors that information may n

2021-01-28 07:47:26 +0000 received badge  Rapid Responder (source)
2021-01-28 07:47:26 +0000 answered a question how to find 3GPP spec version that Wireshark compliant?

Unfortunately you will have to look in the sources to find out and for the hand written dissectors that information may n

2021-01-26 12:33:31 +0000 commented question RTP - Display Lost Packets IO Graph + Sort question

If you are trying to look at packet loss on a heavily loaded interface handling media traffic chances are that it's the capt

2020-12-18 10:18:38 +0000 commented question is it possible to decrypt the BT mesh packets that device key encrypted

What version of Wireshark are you running? I think 3.4 has some improved decryption support.

2020-12-15 14:21:42 +0000 commented answer How to change hosts file address mappings?

I have the hosts file under C:\Users\"myuser"\AppData\Roaming\Wireshark

2020-12-10 08:22:32 +0000 received badge  Rapid Responder (source)
2020-12-10 08:22:32 +0000 answered a question H323 Message Parse

Hi, I'm not sure I understand, if you look at Setup-UUIE ::= SEQUENCE { protocolIdentifier ProtocolIdent

2020-12-04 14:48:45 +0000 received badge  Rapid Responder (source)
2020-12-04 14:48:45 +0000 answered a question Decoding NAS-5GS with 5G-EA0

Hi, Works for me on a development version, have you checked the protocol preferences, there is a setting there for EA0 alg

2020-12-03 13:39:03 +0000 commented answer which qt rpms to install for building wireshark 3.2.6

You can get a list of the rpms from this script tools/rpm-setup.sh Note that you may get problems with cmake and other p

2020-11-23 12:06:58 +0000 answered a question How wireshark decodes RTP packets from UDP

TCP and UDP protocols are dissected based on port or heuristics. In your case you can do "Decode as" and select RTP to d

2020-11-23 12:06:58 +0000 received badge  Rapid Responder (source)
2020-11-10 16:38:16 +0000 commented question TShark command to decode WSMP?

What version of Wireshark and what version of Tshark are you using? I suspect https://code.wireshark.org/review/29982 i

2020-11-05 08:23:59 +0000 commented question how to define hf_register_info in dissector

Hi, If the var are used to store integers of various sizes add 2 hfs 16 and 32 bits then use proto_tree_add_bits_item()

2020-10-30 22:12:45 +0000 commented answer How to deprecate a dissector

Consider the two extremes no protocols enabled vs all protocols enabled. In the first case you would have to have enough

2020-10-06 07:45:49 +0000 commented answer tshark crashes: reading large packet captures via lua_script

Hi, I'm no user of LUA but in folder wslua/wslua_listener.c and epan/tap.c perhaps.

2020-09-10 09:08:18 +0000 commented question MCPTT SDP doesn't decoded

Hi, You can try a developers build from this location https://www.wireshark.org/download/automated/win64/ In an hours t

2020-09-09 19:57:03 +0000 commented question MCPTT SDP doesn't decoded

I think it's a Wireshark bug, 3gpp ts 24.581 has an fmtp example. A bug should be raised with the packet as an enclosure

2020-09-09 14:42:53 +0000 commented question MCPTT SDP doesn't decoded

Hi, Without looking at the SDP RFC or Wireshark code I think Wireshark expects a numeral (Dynamic payload) as the first

2020-08-28 12:32:52 +0000 commented answer Decoding Dynamic Payloads.

H.264 is a video codec, not playable with audio players.

2020-08-26 13:23:27 +0000 commented question How to decode RTPtype 96 and RTPtype 97 Payload in Wireshark??

Hi, RTPtype 96 and Payloadtype 96 are the same thing. Payload types < 96 have a fixed meaning (codec) attached to them

2020-08-26 08:08:48 +0000 commented question What is the meaning of final data frame

Hi, You are not giving enough context but I'm guessing you are reading a tutorial. To put it very brief and simple;

2020-08-24 12:48:05 +0000 answered a question supressing Configuring-wireshark-common in ubuntu

From here sudo apt-get install wireshark -y

2020-08-24 12:48:05 +0000 received badge  Rapid Responder (source)
2020-08-13 15:57:48 +0000 commented question HTTP2 stream and data not decoded

Hi, The development version of Wireshark has a solution implemented which fixes most problems.