This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I have a RHEL 5.8 system installed with wireshark 1.0.15, but it does not supports GTPv2 by default.

I cannot upgrade wireshark with higher version as it has lot of dependencies like glib2, gtk+2.12 etc, and those cannot be installed as they interfere with other application on the system.

So, is there any way by which I can just install gtpv2 dissectors on wireshark 1.0.15, as my only reqyuirement is to support gtpv2 irrespective of wireshark version on RHEL 5.8

asked 03 Aug '13, 11:12

RAVI_TANDON's gravatar image

RAVI_TANDON
10447
accept rate: 0%

edited 03 Aug '13, 13:03


is there any way by which I can just install gtpv2 dissectors on wireshark 1.0.15

You could try getting the source to a version of Wireshark that you can build on your system, getting the source to the dissectors you want, and making whatever changes to the dissectors to get them to build as part of that older version of Wireshark. Those dissectors might depend on features of Wireshark not available in 1.0.15, however, in which case you're out of luck.

permanent link

answered 03 Aug '13, 14:38

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%

If it helps at all, the dissectors you'd want are at epan/dissectors/packet-gtpv2.c of the source code of Wireshark 1.10.

Good luck if you're going to attempt this, though I can say at least from my experience if you need to support capture files from a GTPv2/EPC environment you're better off with at least Wireshark 1.8 and RHEL/CentOS 6. Even if you go through all this trouble and get GTPv2 working, I'd be surprised if tomorrow you don't need to correlate those captures with your Diameter or S1AP signaling. The stock Wireshark repos for RHEL 5 won't do S1, nor most mobility Diameter applications and even on the GTPv1 front there were some annoying bugs in older releases, such as three-digit MNCs not being read correctly in the ULI field.

permanent link

answered 06 Aug '13, 21:24

Quadratic's gravatar image

Quadratic
1.9k6928
accept rate: 13%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×637
×5
×3

question asked: 03 Aug '13, 11:12

question was seen: 2,271 times

last updated: 06 Aug '13, 21:24

p​o​w​e​r​e​d by O​S​Q​A