[关闭]
@natsumi 2015-12-05T00:32:53.000000Z 字数 4640 阅读 2207

阅读笔记:Wireshark-1.99.3/epan/dissectors/packet-mac-lte

Wireshark LTE


1. Heuristic dissector looks for supported framing protocol

————dissect_mac_lte_heur函数

1.1 识别和解析MAC PDU所必须的字段

  1. /* Signature. Rather than try to define a port for this, or make the
  2. port number a preference, frames will start with this string (with no
  3. terminating NULL */
  4. #define MAC_LTE_START_STRING "mac-lte"
  5. /* radioType 1B */
  6. #define FDD_RADIO 1
  7. #define TDD_RADIO 2
  8. /* Direction 1B */
  9. #define DIRECTION_UPLINK 0
  10. #define DIRECTION_DOWNLINK 1
  11. /* rntiType 1B */ /* default p_mac_lte_info->rnti */
  12. /* 解析器根据RNTI类型设定默认的rnti */
  13. #define NO_RNTI 0 /* BCH over BCH 解析函数dissect_bch */
  14. #define P_RNTI 1 /* 0xFFFE
  15. PCH PDU 解析函数dissect_pch */
  16. #define RA_RNTI 2 /* 0x0001 有效取值范围0x0001~0x003C
  17. RAR PDU 解析函数 解析函数dissect_rar */
  18. #define C_RNTI 3 /* 0x0001 有效取值范围0x0001~0xFFF3
  19. UL-SCH or DL-SCH 解析函数dissect_ulsch_or_dlsch */
  20. #define SI_RNTI 4 /* 0xFFFF
  21. BCH over DL-SCH 解析函数dissect_bch */
  22. #define SPS_RNTI 5 /* 0x0001 有效取值范围0x0001~0xFFF3
  23. UL-SCH or DL-SCH 解析函数dissect_ulsch_or_dlsch */
  24. #define M_RNTI 6 /* 0xFFFD
  25. MCH PDU 解析函数dissect_mch */

各种RNTI: http://blog.sina.com.cn/s/blog_4ded56360101b5ta.html

1.2 可选字段

遇到不能是别的TAG时,dissect_mac_lte_context_fields函数返回FALSE~
都是可有可无的标签,dissect_mac_lte_context_fields循环检测这些标签,所以除了MAC_LTE_PAYLOAD_TAG在最后,其他TAG顺序无所谓

  1. /* Optional fields ****************************************************/
  2. /* 根据TAG识别TAG后面的内容(直到发现MAC_LTE_PAYLOAD_TAG 返回TRUE),填写p_mac_lte_info*/
  3. #define MAC_LTE_PAYLOAD_TAG 0x01
  4. /* Following this tag comes the actual MAC PDU (there is no length, the PDU
  5. continues until the end of the frame)*/
  6. #define MAC_LTE_RNTI_TAG 0x02
  7. /* 2 bytes, network order
  8. p_mac_lte_info->rnti
  9. Extra info to display */
  10. #define MAC_LTE_UEID_TAG 0x03
  11. /* 2 bytes, network order
  12. p_mac_lte_info->ueid
  13. Extra info to display */
  14. #define MAC_LTE_FRAME_SUBFRAME_TAG 0x04
  15. /* 2 bytes, network order
  16. Timing info
  17. SFN in 12 MSB p_mac_lte_info->sysframeNumber 0~1023
  18. SF in 4 LSB p_mac_lte_info->subframeNumber 0~9 */
  19. #define MAC_LTE_PREDEFINED_DATA_TAG 0x05
  20. /* 1 byte
  21. Flag set only if doing PHY-level data test - i.e. there may not be a
  22. well-formed MAC PDU so just show as raw data
  23. gboolean p_mac_lte_info->isPredefinedData */
  24. #define MAC_LTE_RETX_TAG 0x06
  25. /* 1 byte
  26. 重传计数
  27. 0=newTx, 1=first-retx, etc
  28. p_mac_lte_info->reTxCount */
  29. #define MAC_LTE_CRC_STATUS_TAG 0x07
  30. /* 1 byte
  31. Status of CRC check.
  32. For UE it is DL only. For eNodeB it is UL only.
  33. For an analyzer, it is present for both DL and UL.
  34. p_mac_lte_info->crcStatusValid = TRUE;
  35. mac_lte_crc_status p_mac_lte_info->crcStatus;
  36. crc_fail = 0,
  37. crc_success = 1,
  38. crc_high_code_rate = 2,
  39. crc_pdsch_lost = 3,
  40. crc_duplicate_nonzero_rv = 4,
  41. crc_false_dci = 5 */
  42. #define MAC_LTE_EXT_BSR_SIZES_TAG 0x08
  43. /* 0 byte
  44. p_mac_lte_info->isExtendedBSRSizes = TRUE;
  45. UL only. Indicates if the R10 extendedBSR-Sizes parameter is set */
  46. #define MAC_LTE_SEND_PREAMBLE_TAG 0x09
  47. /* 2 bytes Relating to out-of-band events
  48. N.B. dissector will only look to these fields if length is 0...
  49. p_mac_lte_info->oob_event = ltemac_send_preamble;
  50. typedef enum mac_lte_oob_event {
  51. ltemac_send_preamble,
  52. ltemac_send_sr,
  53. ltemac_sr_failure
  54. }
  55. RAPID value (1 byte)
  56. p_mac_lte_info->rapid
  57. RACH attempt number (1 byte)
  58. p_mac_lte_info->rach_attempt_number */
  59. #define MAC_LTE_CARRIER_ID_TAG 0x0A
  60. /* 1 byte
  61. p_mac_lte_info->carrierId
  62. typedef enum mac_lte_carrier_id {
  63. carrier_id_primary,
  64. carrier_id_secondary_1,
  65. carrier_id_secondary_2,
  66. carrier_id_secondary_3,
  67. carrier_id_secondary_4
  68. } */
  69. #define MAC_LTE_PHY_TAG 0x0B
  70. /* variable length, length (1 byte) then depending on direction
  71. in UL: modulation type (1 byte), TBS index (1 byte), RB length (1 byte),
  72. RB start (1 byte), HARQ id (1 byte), NDI (1 byte)
  73. in DL: DCI format (1 byte), resource allocation type (1 byte), aggregation level (1 byte),
  74. MCS index (1 byte), redundancy version (1 byte), resource block length (1 byte),
  75. HARQ id (1 byte), NDI (1 byte), TB (1 byte), DL reTx (1 byte) */
  76. #define MAC_LTE_SIMULT_PUCCH_PUSCH_PCELL 0x0C
  77. /* 0 byte
  78. UL only. Indicates if the R10 simultaneousPUCCH-PUSCH parameter is set for PCell
  79. p_mac_lte_info->isSimultPUCCHPUSCHPCell = TRUE; */
  80. #define MAC_LTE_SIMULT_PUCCH_PUSCH_PSCELL 0x0D
  81. /* 0 byte
  82. UL only. Indicates if the R10 extendedBSR-Sizes parameter is set for PSCell
  83. p_mac_lte_info->isSimultPUCCHPUSCHPSCell = TRUE; */
  84. /**********************************************************************/

1.3 frame的信息写入

调用p_add_proto_data函数把p_mac_lte_info中的一些相应信息写入dissect_mac_lte_context_fields函数的参数pinfo

1.4 调用dissect_mac_lte函数解析MAC PDU

dissect_mac_lte(mac_tvb, pinfo, tree, NULL);

  1. Show context information:radio_type、direction、ueid
  2. context info中length==0时,处理out-of-band MAC events
  3. 检查并显示sysframe_number和subframe_number,错误时输出提示信息
  4. 显示subframeNumberOfGrant、rnti、rntiType
  5. 根据rntiTYPE检查RNTI取值是否正确,不正确返回0
  6. 处理isPredefinedData(物理层相关)
  7. 显示length(DL PDU or UL grant size in bytes)
  8. Retx count goes in top-level tree to make it more visible
  9. Report if crc non-success
  10. 显示carrierId、extra_phy_parameters
  11. Set tap_info
  12. Add hidden item to filter on
  13. If we know its predefined data, don't try to decode any further
  14. crc不成功时,decode as raw bytes
  15. 根据RNTI type选择调用不同的解析函数解析MACPDU
添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注