Wireshark mailing list archives

Re: wireshark crashes after adding preferencecodeto my

From: Martin Mathieson <martin.r.mathieson () googlemail com>
Date: Mon, 31 Jan 2011 00:43:37 +0000

On Sun, Jan 30, 2011 at 1:15 PM, Yosi Saggi <yosis () designartnetworks com>wrote:

Hi Martin



I am going over the mac_lte_info struct, and wanted to know if you can help
me with the msain parameters I see I need to input to decode.

Most of the parameters I understand and can fill in the 2 of the top 3 I
don’t understand:

   guint8          radioType;

   guint8          rntiType;

Your follow-up email said you now understand how to fill these fields in.



Direction is obvious.

What does the “radioType” stand for? I looked for some reference in the
standard, but I guess I just don’t know what to look for.

What does “rntiType” stands for? Is it referring to SI-RNTI, RA-RNTI and
C-RNTI?



I am also not sure about the isPredefinedData, reTxcount, dl_retx and
oob_event parameters.


I have just committed a change to packet-mac-lte.h that hopefully gives
clear descriptions of how these fields work.
Basically if the struct is zeroed (as se_alloc0() does) and you only fill in
the parts you want to the rest should be ignored.
See http://anonsvn.wireshark.org/viewvc?view=rev&revision=35715 for my
changes.  Please note that the 1.4 branch is quite far from being up to date
with the LTE protocols so the trunk is much more up-to-date.

Is there a capture sample for the LTE that I can see how the dissector
works?

I will try to dig out a simple test file for you tomorrow.

I do not use catapult-dct-2000. Also the LTE packets I am capturing are not
over UDP.

My dissector is between PHY and MAC. I get Ethernet packets with type FFFF
and dissect them with our proprietary API. I have no problem with my own
API, the problem is when I’m getting to the MAC level (to the PHY data
level). This is why I want to use the MAC, RLC,PDCP dissectors. I just don’t
understand what do those parameters in the struct mean so I could fill them
up.


I'm imagining that your own dissector is registered with ethertype FFFF, and
then you then parse some parameters from the start of each frame before you
come to the MAC payload.  And that those parameters include enough of
mac_lte_info to get useful decodes.  Do let me know if any fields are still
unclear.  Since my company's (test) product has been the first user, the
fields available are probably a bit biased towards the UE side of the link
and the way we happen to log them.  But there are now other users of the UDP
framing method and the more people using the dissectors (and hopefully
helping to improve them) the better (and more generally useful) they'll be.

Thanks for the help



Yosi


Best regards,
Martin



*From:* wireshark-dev-bounces () wireshark org [mailto:
wireshark-dev-bounces () wireshark org] *On Behalf Of *Martin Mathieson
*Sent:* Thursday, January 27, 2011 6:31 PM

*To:* Developer support list for Wireshark
*Subject:* Re: [Wireshark-dev] wireshark crashes after adding
preferencecodeto my



Hi Yosi

On Thu, Jan 27, 2011 at 3:37 PM, Yosi Saggi <yosis () designartnetworks com>
wrote:

When I call the “mac-lte” dissector I get this message:

"Can't dissect LTE MAC frame because no per-frame info was attached!"



You need to create a struct of type mac_lte_info (see packet-mac-lte.h),
fill in at least some of the details, and attach it to the frame using
p_add_proto_data.

There are 2 examples of this:
- attach_mac_lte_info() in packet-catapult-dct2000.c (which I guess you're
not using)
- dissect_mac_lte_heur() in packet-mac-lte.c.  This is enabled by turning
on a preference "Try heurisitc LTE-MAC over UDP framing".  See the wiki page
for a link to an example program that sends these frames


I don’t know what info do I need to add to the “pinfo” so it would work.

If you can help me in this point I will be very grateful.



I tried to send to the “mac-lte” dissector the buffer that contains only
the MAC data (including the headers of course and all that comes with it
(RLC, PDCP and finally IP data).




The dissector needs the context that comes from the mac_lte_info struct to
decode the frame properly.  Some of the parameters are optional but useful
for troubleshooting.  By setting preferences appropriately you can decode
all the way up to RRC or IP, and there are stats (from the Telephony menu)
for MAC and RLC which I use almost every day.

If you have the fields that go into mac_lte_info in a different format
(from the existing heuristic header), you could write a simple dissector
that just parsed out the header, filled in the struct and called the mac_lte
dissector with the payload.

Best regards,
Martin

Any help will be great.



Yosi



*From:* wireshark-dev-bounces () wireshark org [mailto:
wireshark-dev-bounces () wireshark org] *On Behalf Of *Martin Mathieson
*Sent:* Wednesday, January 26, 2011 12:44 PM


*To:* Developer support list for Wireshark
*Subject:* Re: [Wireshark-dev] wireshark crashes after adding preference
codeto my



I can't see anything immediately wrong with this.  I assume your prefs
variables (global_dan_lte_sdk_dissect_MAC and
global_dan_lte_sdk_dissect_RLC) are gbooleans with file scope?



I'm wondering why the existing LTE MAC dissector isn't suitable, or can't
be made to work with your frames?

Regards,
Martin

On Wed, Jan 26, 2011 at 10:07 AM, Yosi Saggi <yosis () designartnetworks com>
wrote:

Hi

I wanted to add some options in the preference window for my dissector.
This is the code I have added to the “proto_register” function:



module_t *dan_lte_sdk_module;



proto_dan_lte_sdk = proto_register_protocol ("DAN LTE SDK Protocol", "Dan
LTE SDK", "dan_lte_sdk");



register_init_routine(dan_defragment_init);



proto_register_field_array (proto_dan_lte_sdk, hf, array_length (hf));

proto_register_subtree_array (ett, array_length (ett));

register_dissector("dan_lte_sdk", dissect_dan_lte_sdk, proto_dan_lte_sdk);



dan_lte_sdk_module = prefs_register_protocol(proto_dan_lte_sdk, NULL);



prefs_register_bool_preference(dan_lte_sdk_module, "Dissect_MAC_Payload",

                               "Dissect MAC Layer from Data Payload",

                               "In Uplink and Downlink data packets,
dissect MAC heaser layer "

                               "Disabling MAC dissection will disable RLC
dissection automaticly",

                               &global_dan_lte_sdk_dissect_MAC);



prefs_register_bool_preference(dan_lte_sdk_module, "Dissect_RLC_Payload",

                               "Dissect RLC Layer from Data Payload",

                               "In Uplink and Downlink data packets,
dissect RLC heaser layer ",

                               &global_dan_lte_sdk_dissect_RLC);



It works fine until I add those two (even one of them)
 "prefs_register_bool_preference" functions. What did I do wrong?

I get a "Runtime Error!" for wireshark.exe Removing those function fixes
 it back.



Thanks

      Yosi


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe




___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

wireshark crashes after adding preference code to my Yosi Saggi (Jan 26)
- Re: wireshark crashes after adding preference code to my Martin Mathieson (Jan 26)
  - Re: wireshark crashes after adding preference codeto my Yosi Saggi (Jan 27)
    - Re: wireshark crashes after adding preference codeto my Martin Mathieson (Jan 27)
    - Re: wireshark crashes after adding preferencecodeto my Yosi Saggi (Jan 30)
    - Re: wireshark crashes after adding preferencecodeto my Martin Mathieson (Jan 30)
    - Re: wireshark crashes after adding preferencecodeto my Yosi Saggi (Jan 30)
- Re: wireshark crashes after adding preference code to my Jeff Morriss (Jan 26)
  - Re: wireshark crashes after adding preference code to my Yosi Saggi (Jan 26)
    - Re: wireshark crashes after adding preference code to my Jeff Morriss (Jan 27)
  - Re: wireshark crashes after adding preference code to my Jaap Keuter (Jan 26)
    - Re: wireshark crashes after adding preference code to my Jaap Keuter (Jan 26)