wireshark, viewing Abis communication

[Harald Welte]

On Wed, Jul 15, 2009 at 11:06:48AM +0200, Eric Cathelinaud wrote:
> 2009/7/10 Harald Welte <laforge at gnumonks.org>
> 
> > On Fri, Jul 10, 2009 at 12:29:47PM +0200, Eric Cathelinaud wrote:
> > > Well i still have sometimes this error message. I have it when I attach a
> > > mobile on the network.
> > > I saw 2 "unknow" packets comes from the Remote Network to the Remote User
> > > during the attach process. Their size are quite small.
> > > I join in attached file a screen of my results.
> >
> > it would help if you can put the pcap file (with at least one good and one
> > 'bad' packet) somewhere online or even send it to the list (if its small
> > and you only select a couple of packets, you can attach it).
> >
> > --
> > - Harald Welte <laforge at gnumonks.org>
> > http://laforge.gnumonks.org/
> >
> > ============================================================================
> > "Privacy in residential applications is a desirable marketing option."
> >                                                  (ETSI EN 300 175-7 Ch. A6)
> >
> 
> 
> In the attached file there are 5 malformed packets and 2 unknow packets.

just to make it clear: this pcap was generated using bsc_hack's pcap option,
correct?  it seems like sometimes we write truncated packets to that file.

There is a different method, using mISDN's debug tool (see
http://www.misdn.org/index.php/Debugtool).  I think if somebody can confirm
this method works, i.e. use mISDNdebugtool to write a 'dumpfile' and then open
that with wireshark, then we can actually remove the pcap code from OpenBSC
altogether.

Would you mind trying that method and report if you still see broken/unknown
packets?

Thanks!
-- 
- Harald Welte <laforge at gnumonks.org>           http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
                                                  (ETSI EN 300 175-7 Ch. A6)