[关闭]
@natsumi 2015-02-17T17:14:19.000000Z 字数 3741 阅读 2889

Wireshark解析PDCP-LTE

LTE Wireshark pdcp


老师说,做一点儿就得写一点儿,嗯。“基于开源软件的LTE信令解析”就从比较高层的PDCP做起吧~

1. 基本信息get√


2 pdcp_lte_logger.c编译

  1. //#include "../wireshark-1.99.2/epan/dissectors/packet-pdcp-lte.h"
  2. /* Direction */
  3. #define DIRECTION_UPLINK 0
  4. #define DIRECTION_DOWNLINK 1
  5. /* Signature. Rather than try to define a port for this, or make the port number a preference,
  6. frames will start with this string (with no terminating NULL */
  7. #define PDCP_LTE_START_STRING "pdcp-lte"
  8. /* Fixed fields. This is followed by the following 3 mandatory fields:
  9. - no_header_pdu (1 byte)
  10. - plane (1 byte)
  11. - rohc_compression ( byte)
  12. (where the allowed values are defined above) */
  13. /* Conditional field. This field is mandatory in case of User Plane PDCP PDU.
  14. The format is to have the tag, followed by the value (there is no length field,
  15. it's implicit from the tag).
  16. The allowed values are defined above. */
  17. #define PDCP_LTE_SEQNUM_LENGTH_TAG 0x02
  18. /* 1 byte */
  19. /* Optional fields. Attaching this info to frames will allow you to show you display/filter/plot/add-custom-columns on these fields, so should be added if available.
  20. The format is to have the tag, followed by the value (there is no length field, it's implicit from the tag) */
  21. #define PDCP_LTE_DIRECTION_TAG 0x03
  22. /* 1 byte */
  23. #define PDCP_LTE_LOG_CHAN_TYPE_TAG 0x04
  24. /* 1 byte */
  25. #define PDCP_LTE_BCCH_TRANSPORT_TYPE_TAG 0x05
  26. /* 1 byte */
  27. #define PDCP_LTE_ROHC_IP_VERSION_TAG 0x06
  28. /* 2 bytes, network order */
  29. #define PDCP_LTE_ROHC_CID_INC_INFO_TAG 0x07
  30. /* 1 byte */
  31. #define PDCP_LTE_ROHC_LARGE_CID_PRES_TAG 0x08
  32. /* 1 byte */
  33. #define PDCP_LTE_ROHC_MODE_TAG 0x09
  34. /* 1 byte */
  35. #define PDCP_LTE_ROHC_RND_TAG 0x0A
  36. /* 1 byte */
  37. #define PDCP_LTE_ROHC_UDP_CHECKSUM_PRES_TAG 0x0B
  38. /* 1 byte */
  39. #define PDCP_LTE_ROHC_PROFILE_TAG 0x0C
  40. /* 2 bytes, network order */
  41. #define PDCP_LTE_CHANNEL_ID_TAG 0x0D
  42. /* 2 bytes, network order */
  43. #define PDCP_LTE_UEID_TAG 0x0E
  44. /* 2 bytes, network order */
  45. /* PDCP PDU. Following this tag comes the actual PDCP PDU (there is no length, the PDU
  46. continues until the end of the frame) */
  47. #define PDCP_LTE_PAYLOAD_TAG 0x01
  48. enum rohc_mode
  49. {
  50. MODE_NOT_SET = 0,
  51. UNIDIRECTIONAL = 1,
  52. OPTIMISTIC_BIDIRECTIONAL = 2,
  53. RELIABLE_BIDIRECTIONAL = 3
  54. };
  55. enum pdcp_plane
  56. {
  57. SIGNALING_PLANE = 1,
  58. USER_PLANE = 2
  59. };
  60. typedef enum LogicalChannelType
  61. {
  62. Channel_DCCH=1,
  63. Channel_BCCH=2,
  64. Channel_CCCH=3,
  65. Channel_PCCH=4
  66. } LogicalChannelType;
  67. typedef enum
  68. {
  69. BCH_TRANSPORT=1,
  70. DLSCH_TRANSPORT=2
  71. } BCCHTransportType;
  72. #define PDCP_SN_LENGTH_5_BITS 5
  73. #define PDCP_SN_LENGTH_7_BITS 7
  74. #define PDCP_SN_LENGTH_12_BITS 12
  75. #define PDCP_SN_LENGTH_15_BITS 15

3. 运行小有成果

./test 127.0.0.1 10000运行,这里127.0.0.1和10000分别是UDP报文的目的IP和PORT,可以根据需求设定。
最后总算是出来了一些PDCP解析的样子~
capture

具体代码过完年再研究吧~
记下这些东西不知不觉都已经除夕了~新年快乐~

添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注