Hi, All:
I try to use libwireshark (version is 2.0.2) to parsed 61850 MMS data packet,
but get the message " Dissector is not available", below is the output:
======================================
itemname: tpkt, TPKT, Version: 3, Length: 66
itemname: tpkt.version, Version: 3
itemname: tpkt.reserved, Reserved: 0
itemname: tpkt.length, Length: 66
itemname: cotp, ISO 8073/X.224 COTP Connection-Oriented Transport Protocol
itemname: cotp.li, Length: 2
itemname: cotp.type, PDU Type: DT Data (0x0f)
itemname: cotp.destref, Destination reference: 0x0000
itemname: cotp.tpdu-number, .000 0000 = TPDU number: 0x00
itemname: cotp.eot, 1... .... = Last data unit: Yes
itemname: ses, ISO 8327-1 OSI Session Protocol
itemname: ses.type, SPDU Type: Give tokens PDU (1)
itemname: ses.length, Length: 0
itemname: ses, ISO 8327-1 OSI Session Protocol
itemname: ses.type, SPDU Type: DATA TRANSFER (DT) SPDU (1)
itemname: ses.length, Length: 0
itemname: pres, ISO 8823 OSI Presentation Protocol
itemname: pres.user_data, user-data: fully-encoded-data (1)
itemname: pres.fully_encoded_data, fully-encoded-data: 1 item
itemname: pres.PDV_list_element, PDV-list
itemname: pres.presentation_context_identifier,
presentation-context-identifier: 3
itemname: pres.presentation_data_values,
presentation-data-values: single-ASN1-type (0)
itemname: text, Dissector is not available
itemname: _ws.expert, Expert Info (Warn/Undecoded):
Dissector is not available
itemname: pres.dissector_not_available, Dissector
is not available
itemname:
_ws.expert.severity, Severity level: Warn
itemname: _ws.expert.group, Group: Undecoded
====================
here is my code:
static void try_dissect(epan_t *session, const char *raw_data, int data_len,
int frame_number) {
struct wtap_pkthdr phdr;
frame_data fdata;
memset(&phdr, 0, sizeof(struct wtap_pkthdr));
frame_data_init(&fdata, frame_number, &phdr, 0, 0);
fdata.pkt_len = data_len;
fdata.cap_len = data_len;
fdata.lnk_t = WTAP_ENCAP_ETHERNET;
epan_dissect_t *edt = epan_dissect_new(session, TRUE, TRUE);
epan_dissect_run(edt, 0, &phdr, tvb_new_real_data((const guint8 *)raw_data,
data_len, data_len), &fdata, NULL);
print_tree(edt->tree->first_child->next->next->next->next, 0);
epan_dissect_free(edt);
frame_data_destroy(&fdata);
wtap_phdr_cleanup(&phdr);
}
int main(int argc, char** argv) {
init_process_policies();
epan_init(register_all_protocols, register_all_protocol_handoffs, NULL,
NULL);
epan_t *session = epan_new();
try_dissect(session, mms_data, sizeof(mms_data), 1);
epan_free(session);
epan_cleanup();
return 0;
}
My question is how to fully parsed MMS package with libwireshark?
Thank you!
---------------------------------------------------
Yumm
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
