Friday, December 25, 2015

Using Wireshark to analyze LTE traffic


Development - The Wireshark Wiki
https://wiki.wireshark.org/Development

Chapter 9. Packet dissection
https://www.wireshark.org/docs/wsdg_html_chunked/ChapterDissection.html
9.2. Adding a basic dissector
https://www.wireshark.org/docs/wsdg_html_chunked/ChDissectAdd.html

Creating Your Own Custom Wireshark Dissector - CodeProject
http://www.codeproject.com/Articles/19426/Creating-Your-Own-Custom-Wireshark-Dissector

6.2. Overview
https://www.wireshark.org/docs/wsdg_html_chunked/ChWorksOverview.html


6.4. Capture Files
https://www.wireshark.org/docs/wsdg_html_chunked/ChWorksCaptureFiles.html

HowToDissectAnything - The Wireshark Wiki
https://wiki.wireshark.org/HowToDissectAnything
User DLT (147~162)
od -Ax -tx1 -v /tmp/cnnheaders.txt | text2pcap -l 147 - httpresp.pcap
10.20. User DLTs protocol table
https://www.wireshark.org/docs/wsug_html_chunked/ChUserDLTsSection.html

IttiAnalyzer < OpenAirInterface < Institut Eurecom TWiki
https://twiki.eurecom.fr/twiki/bin/view/OpenAirInterface/IttiAnalyzer
An example of LTE packet dissection can be found in oai_l2l3.pcap.
https://twiki.eurecom.fr/twiki/pub/OpenAirInterface/IttiAnalyzer/oai_l2l3.pcap

I was able to dissect oai_l2l3.pcap with Wireshark 1.10, but not 2.0.2.

[Edit] -> [Preferences] -> [Protocols] -> [UDP] -> Enable [Try heuristic sub-dissectors first]
All the other heuristic settings in mac-lte/rlc-lte/pdcp-lte are removed.

But the UDP heuristic protocols are not enabled by default.
[Analyze] -> [Enabled Protocols] -> Enable:
  • MAC-LTE and mac_lte_udp
  • RLC and rlc_udp
  • RLC-LTE and rlc_lte_udp
  • PDCP-LTE and pdcp_lte_udp


Wireshark: Re: How to use lte_rrc in wireshark?
http://seclists.org/wireshark/2010/Feb/476

[Wireshark] Contents of /trunk/epan/dissectors/packet-pdcp-lte.c
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-pdcp-lte.c?revision=31661&view=markup

MAC-LTE - The Wireshark Wiki
https://wiki.wireshark.org/MAC-LTE

RLC-LTE - The Wireshark Wiki
https://wiki.wireshark.org/RLC-LTE

RLC - The Wireshark Wiki
https://wiki.wireshark.org/RLC

LTE RRC - The Wireshark Wiki
https://wiki.wireshark.org/LTE%20RRC

Dissecting MAC-LTE with Wireshark - Jianshu
http://www.jianshu.com/p/4f1991302d63


1 comment:

EnrgTech said...

The article is much informative which I was searching for. Nice intro good explanation thanks for sharing.
Enrgtech