This is our old Q&A Site. Please post any new questions and answers at


I have below AVP's added in avp.xml

<avp name="Subscriber_Category" code="1003" vendor-id="Comviva" mandatory="must" protected="mustnot" may-encrypt="yes" vendor-bit="must"> <type type-name="Unsigned32"/> </avp>

still i am getting AVP as unknown .

I am using tshark to read pcap and am using -z for diameter protocol . i am unable to get that AVP as it is a unknown AVP .

will tshark supports AVP's of Vendor other than 3GPP?

BR, Ankamma

asked 10 Sep '14, 06:50

ankamma's gravatar image

accept rate: 0%

edited 11 Sep '14, 06:05

JeffMorriss's gravatar image

JeffMorriss ♦

hi ,

i have two files dictionary,vendor_avp.xml .

dictionary file is like below:

# # Vendor-Specific attributes use the SMI Network Management Private # Enterprise Code from the "Assigned Numbers" RFC (currently RFC 1700) # # # You need to activate a VSA mode on your box to get these attributes # in accounting records #

VENDOR          3GPP            10415
ATTRIBUTE       3GPP-IMSI                                          1        string         3GPP
ATTRIBUTE       3GPP-ChargingID                                         2        integer        3GPP
ATTRIBUTE       3GPP-PDPType                                            3        integer        3GPP
ATTRIBUTE       3GPP-Charging-Gateway-Address                           4        string         3GPP
ATTRIBUTE       3GPP-SGSN-Address                                       6        ipaddr         3GPP
ATTRIBUTE       3GPP-GGSN-Address                                       7        ipaddr         3GPP
ATTRIBUTE       3GPP-IMSI-MCC-MNC                                       8        string         3GPP
ATTRIBUTE       3GPP-GGSN-MCC-MNC                                       9        string         3GPP
ATTRIBUTE       3GPP-NSAPI                                                      10       string         3GPP

and vendor_avp.xml is like below:

<base uri="">
    <vendor vendor-id="3gpp" code="10415" name="ietf"/>
    <vendor vendor-id="Comviva" code="40136" name="Comviva"/>
    <vendor vendor-id="Ericsson" code="193" name="Ericsson"/>
<vendor vendor-id="Cisco" code="9" name="Cisco"/>
    <vendor name="Huawei" code="2011" vendor-id="Huawei"/>
<vendor vendor-id="ietf" code="0" name="ietf"/>

<application id="16777238" name="3GPP Gx" uri="">

            <!-- Comviva Starts  -->

            <avp name="Comviva-Package_ID" code="1001" vendor-id="Comviva" mandatory="mustnot" protected="mustnot" may-encrypt="yes" vendor-bit="must">
                    <type type-name="UTF8String"/>

             <avp name="Parent_NAI" code="1002" vendor-id="Comviva" mandatory="mustnot" protected="mustnot" may-encrypt="yes" vendor-bit="must">
             <type type-name="UTF8String"/>

please let me know where to add Entity exactly. please share give me your mail id so that i can mail complete files.

BR, Ankamma

(10 Sep '14, 09:34) ankamma

Look in dictionary.xml at the other files that are loaded into it. For example, these are the lines relevant to loading SKT.xml:

    <!ENTITY SKT            SYSTEM "SKT.xml">
(10 Sep '14, 11:09) JeffMorriss ♦

To add a new .xml file you neeed to update the ENTITY list in dictionaty.xml and also add it at the bottom of the file( Compare with say HP.xml) For the vendor-id You need to add Comviva to the vendor list.

permanent link

answered 10 Sep '14, 07:38

Anders's gravatar image

Anders ♦
accept rate: 17%


by adding below lines it is working fine and am able to get AVP names in wireshark(windows).

but how to achieve the same in tshark(linux)? where to add Entity in Linux?

[[email protected] tmp]# tshark -r /tmp/Gx_dump1.pcap -d 'tcp.port==3870,diameter' -R "diameter.cmd.code==272 and diameter.flags.request==0" -z "diameter,avp,272,CC-Request-Type,CC-Request-Number,Session-Id,Subscription-Id-Data,Rating-Group,Result-Code,Session-Id,Custom_Result_Code" tshark: -R without -2 is deprecated. For single-pass filtering use -Y. tshark: Couldn't register diam,csv tap: Filter "diameter||diameter.CC-Request-Type||diameter.CC-Request-Number||diameter.Session-Id||diameter.Subscription-Id-Data||diameter.Rating-Group||diameter.Result-Code||diameter.Session-Id||diameter.Custom_Result_Code" is invalid - "diameter.Custom_Result_Code" is neither a field nor a protocol name.

BR, Ankamma

(10 Sep '14, 23:06) ankamma


i got it working by adding entity in the same way

(10 Sep '14, 23:16) ankamma

Glad you got it working.

If an Answer answers your question, please Accept the answer by clicking on the little checkbox next to it. See the FAQ for details.

(11 Sep '14, 06:05) JeffMorriss ♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 10 Sep '14, 06:50

question was seen: 11,151 times

last updated: 11 Sep '14, 06:05

p​o​w​e​r​e​d by O​S​Q​A