Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: R13 S1AP message "Reroute NAS Request" is not decoding completely using 2.3.0

From: Sabyasachi Samal <sabyasachisamal () gmail com>
Date: Mon, 17 Apr 2017 18:04:05 +0530
Thanks a lot Pascal for the quick response. I will check at my end.

Regards,
Sabyasachi

On Mon, Apr 17, 2017 at 4:30 PM, Pascal Quantin <pascal.quantin () gmail com>
wrote:


Hi Sabyasachi,

2017-04-17 12:03 GMT+02:00 Sabyasachi Samal <sabyasachisamal () gmail com>:


Dear Pascal,
It decodes upto S1-Message using the fix. But the mandatory parameter
"MME Group ID" is not decoded. Please have a look.
[image: Inline image 1]



This is because of a PER encoding error. The RerouteNASRequest IE
indicates only 3 sub IEs instead of 4 (value 0x03 at offset 6 since the
beginning of the S1AP message). If you replace it with 4 (as seen in the
attached pcap), you get the MME Group IE.
So it must be fixed on your side.

Best regards,
Pascal.



Regards,
Sabyasachi

On Fri, Mar 17, 2017 at 10:46 PM, Pascal Quantin <
pascal.quantin () gmail com> wrote:




2017-03-17 17:48 GMT+01:00 Pascal Quantin <pascal.quantin () gmail com>:


Hi Sabyasachi,

2017-03-17 17:36 GMT+01:00 Sabyasachi Samal <sabyasachisamal () gmail com>
:


Hi Anders,
Thanks for the response. I am using the message structure of TS 36.413
v13.3.0 and wireshark development version Version 2.3.0-2658-gfe285c6
(v2.3.0rc0-2658-gfe285c6). I do not know the process of filling a ticket
for wireshark. Attaching the trace here so that you guys can help.[image:
Inline image 1]



Wireshark tries to decode the S1-Message element as a UE Initial
Message PDU, and not as a S1AP message PDU. It means that the decoding is
shifted by a few bits, leading to a wrong decoding. I'm gonna fix this.



Fix under review here: https://code.wireshark.org/review/#/c/20595/

Regards,
Pascal.





On Thu, Mar 16, 2017 at 2:49 PM, Anders Broman <
anders.broman () ericsson com> wrote:


Hi,

The S1AP dissector in trunk is based on TS 36.413 V13.5.0 (2016-12)
so I guess it should decode the message.

The best is to raise a bug attaching a trace with the RerouteNASRequest
message and describe what is not dissected correctly.

Regards

Anders



*From:* wireshark-users-bounces () wireshark org [mailto:
wireshark-users-bounces () wireshark org] *On Behalf Of *Sabyasachi
Samal
*Sent:* den 16 mars 2017 10:11
*To:* Community support list for Wireshark <
wireshark-users () wireshark org>
*Subject:* [Wireshark-users] R13 S1AP message "Reroute NAS Request"
is not decoding completely using 2.3.0



Hi,

R13 baseline S1AP message "RerouteNASRequest" is not decoding
completely using 2.3.0. Can anyone suggest how to proceed on this or is
there any plan supporting this.



--

Regards,
Sabyasachi

____________________________________________________________
_______________
Sent via:    Wireshark-users mailing list <
wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mail
man/options/wireshark-users
             mailto:wireshark-users-request () wireshark org
?subject=unsubscribe





--
Regards,
Sabyasachi

____________________________________________________________
_______________
Sent via:    Wireshark-users mailing list <
wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org
?subject=unsubscribe






____________________________________________________________
_______________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org



Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubs
cribe





--
Regards,
Sabyasachi

____________________________________________________________
_______________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubs
cribe




____________________________________________________________
_______________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=
unsubscribe





-- 
Regards,
Sabyasachi


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: