标签: Wireshark LTE
1. 写在前面
PDCP上面是RRC,http://wiki.wireshark.org/LTE%20RRC 这里说,
if you are using Wireshark to decode MAC-LTE, RLC-LTE, PDCP-LTE then the RRC dissector will be called appropriately, if enabled by preference settings.
PDCP再往底层就该是RLC和MAC了~
和PDCP一样,RLC也可以用UDP封装,也给出了例子。
所以先放一放RLC,先看看MAC层吧
除了DCT2000,有三种方式:
- UDP封装,这里有例子http://www.wireshark.org/~martinm/mac_lte_logger.c
- the compact format decoded by the mac-lte-framed dissector.
官方给出了如下这些说明,也给出了例子。
This shares the same framing format as the UDP format described above. This (BSD-licensed) program gives an example of how you might write MAC-LTE frames directly in a file of this format. Currently, this does not have its own registered DLT, so if (as the same program does) you use DLT 147 you will need to edit the preferences of the DLT_USER dissector (add an entry with DLT=147, Payload Protocol=mac-lte-framed) OR
- 第三种大概是私人定制的感觉,还没研究明白
your own framing protocol. The functions get_mac_lte_proto_data() and set_mac_lte_proto_data() are available for querying and setting the necessary context information associated with a frame.
下面对前两种方式的做一些尝试~
2. UDP封装方式
2.1 修改设置
将Preferences里面的Try Heuristic LTE-MAC framing over UDP这一行勾上
2.2 编译运行
过程类似Wireshark解析PDCP-LTE,还是用比较笨的方法解决编译中的问题!
- 去掉
#include "../wireshark/epan/dissectors/packet-mac-lte.h" -
gcc -g -o test pdcp_lte_logger.c编译,根据报错信息,加入了如下代码段
//#include "../wireshark/epan/dissectors/packet-mac-lte.h"
/* radioType */
#define FDD_RADIO 1
#define TDD_RADIO 2
/* Direction */
#define DIRECTION_UPLINK 0
#define DIRECTION_DOWNLINK 1
/* rntiType */
#define NO_RNTI 0
#define P_RNTI 1
#define RA_RNTI 2
#define C_RNTI 3
#define SI_RNTI 4
#define SPS_RNTI 5
#define M_RNTI 6
/* Signature. Rather than try to define a port for this, or make the
port number a preference, frames will start with this string (with no
terminating NULL */
#define MAC_LTE_START_STRING "mac-lte"
/* Fixed fields. This is followed by the following 3 mandatory fields:
- radioType (1 byte)
- direction (1 byte)
- rntiType (1 byte)
(where the allowed values are defined above */
/* Optional fields. Attaching this info to frames will allow you
to show you display/filter/plot/add-custom-columns on these fields, so should
be added if available.
The format is to have the tag, followed by the value (there is no length field,
it's implicit from the tag) */
#define MAC_LTE_RNTI_TAG 0x02
/* 2 bytes, network order */
#define MAC_LTE_UEID_TAG 0x03
/* 2 bytes, network order */
#define MAC_LTE_FRAME_SUBFRAME_TAG 0x04
/* 2 bytes, network order, SFN is stored in 12 MSB and SF in 4 LSB */
#define MAC_LTE_PREDEFINED_DATA_TAG 0x05
/* 1 byte */
#define MAC_LTE_RETX_TAG 0x06
/* 1 byte */
#define MAC_LTE_CRC_STATUS_TAG 0x07
/* 1 byte */
#define MAC_LTE_EXT_BSR_SIZES_TAG 0x08
/* 0 byte */
#define MAC_LTE_SEND_PREAMBLE_TAG 0x09
/* 2 bytes, RAPID value (1 byte) followed by RACH attempt number (1 byte) */
#define MAC_LTE_CARRIER_ID_TAG 0x0A
/* 1 byte */
#define MAC_LTE_PHY_TAG 0x0B
/* variable length, length (1 byte) then depending on direction
in UL: modulation type (1 byte), TBS index (1 byte), RB length (1 byte),
RB start (1 byte), HARQ id (1 byte), NDI (1 byte)
in DL: DCI format (1 byte), resource allocation type (1 byte), aggregation level (1 byte),
MCS index (1 byte), redundancy version (1 byte), resource block length (1 byte),
HARQ id (1 byte), NDI (1 byte), TB (1 byte), DL reTx (1 byte) */
#define MAC_LTE_SIMULT_PUCCH_PUSCH_PCELL 0x0C
/* 0 byte */
#define MAC_LTE_SIMULT_PUCCH_PUSCH_PSCELL 0x0D
/* 0 byte */
/* MAC PDU. Following this tag comes the actual MAC PDU (there is no length, the PDU
continues until the end of the frame) */
#define MAC_LTE_PAYLOAD_TAG 0x01
- 加完这些代码还有些小错误~应该将原来的
mac_lte_logger.c里的
MAC_LTE_SUBFRAME_TAG改为MAC_LTE_FRAME_SUBFRAME_TAG
MAC_LTE_PREDFINED_DATA_TAG改为MAC_LTE_PREDEFINED_DATA_TAG - 再次编译通过
-
./test 127.0.0.1 10000运行,这里127.0.0.1和10000分别是UDP报文的目的IP和PORT,可以根据需求设定。
运行截图
3. 说不清的方式——the compact format decoded by the mac-lte-framed dissector.
3.1 设置
edit the preferences of the DLT_USER dissector (add an entry with DLT=147, Payload Protocol=mac-lte-framed)
工具栏edit-->prefrences-->protocol-->DLT_USER
点击edit,然后按照下图添加一个条目~
这样就OK啦~
3.2 编译运行
还是先看例子mac_pcap_sample_code.c~嘛~下面图中这几句话看得我也是醉了。。和我一样把定义从packet-mac-lte.h中粘贴出来~
在31行左右的位置开始,以注释的方式给出了一个makefile,直接按照这个样式建一个makefile用着就好了
run: mac_pcap_sample_code
@ ./$?
mac_pcap_sample_code: mac_pcap_sample_code.c
gcc -Wall $? -o $@
clean:
rm -f mac_pcap_sample_code test1.pcap
终端输入命令make即可编译运行,运行后回生成test1.pcap
用wireshark打开test1.pcap
