This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to add an xml file to the Diameter dictionary

0

Hi,

I have below AVP's added in avp.xml

<avp name="Subscriber_Category" code="1003" vendor-id="Comviva" mandatory="must" protected="mustnot" may-encrypt="yes" vendor-bit="must"> <type type-name="Unsigned32"/> </avp>

still i am getting AVP as unknown .

I am using tshark to read pcap and am using -z for diameter protocol . i am unable to get that AVP as it is a unknown AVP .

will tshark supports AVP's of Vendor other than 3GPP?

BR, Ankamma

asked 10 Sep '14, 06:50

ankamma's gravatar image

ankamma
1111
accept rate: 0%

edited 11 Sep '14, 06:05

JeffMorriss's gravatar image

JeffMorriss ♦
6.2k572

hi ,

i have two files dictionary,vendor_avp.xml .

dictionary file is like below:

# # Vendor-Specific attributes use the SMI Network Management Private # Enterprise Code from the "Assigned Numbers" RFC (currently RFC 1700) # # # You need to activate a VSA mode on your box to get these attributes # in accounting records #

VENDOR          3GPP            10415
ATTRIBUTE       3GPP-IMSI                                          1        string         3GPP
ATTRIBUTE       3GPP-ChargingID                                         2        integer        3GPP
ATTRIBUTE       3GPP-PDPType                                            3        integer        3GPP
ATTRIBUTE       3GPP-Charging-Gateway-Address                           4        string         3GPP
ATTRIBUTE       3GPP-SGSN-Address                                       6        ipaddr         3GPP
ATTRIBUTE       3GPP-GGSN-Address                                       7        ipaddr         3GPP
ATTRIBUTE       3GPP-IMSI-MCC-MNC                                       8        string         3GPP
ATTRIBUTE       3GPP-GGSN-MCC-MNC                                       9        string         3GPP
ATTRIBUTE       3GPP-NSAPI                                                      10       string         3GPP

and vendor_avp.xml is like below:

<dictionary>
<base uri="http://www.ietf.org/rfc/rfc3588.txt">
    <vendor vendor-id="3gpp" code="10415" name="ietf"/>
    <vendor vendor-id="Comviva" code="40136" name="Comviva"/>
    <vendor vendor-id="Ericsson" code="193" name="Ericsson"/>
<vendor vendor-id="Cisco" code="9" name="Cisco"/>
    <vendor name="Huawei" code="2011" vendor-id="Huawei"/>
<vendor vendor-id="ietf" code="0" name="ietf"/>
</base>

<application id="16777238" name="3GPP Gx" uri="">


        &lt;!-- Comviva Starts  --&gt;

        &lt;avp name=&quot;Comviva-Package_ID&quot; code=&quot;1001&quot; vendor-id=&quot;Comviva&quot; mandatory=&quot;mustnot&quot; protected=&quot;mustnot&quot; may-encrypt=&quot;yes&quot; vendor-bit=&quot;must&quot;&gt;
                &lt;type type-name=&quot;UTF8String&quot;/&gt;
        &lt;/avp&gt;

         &lt;avp name=&quot;Parent_NAI&quot; code=&quot;1002&quot; vendor-id=&quot;Comviva&quot; mandatory=&quot;mustnot&quot; protected=&quot;mustnot&quot; may-encrypt=&quot;yes&quot; vendor-bit=&quot;must&quot;&gt;
         &lt;type type-name=&quot;UTF8String&quot;/&gt;
         &lt;/avp&gt;</code></pre><p>please let me know where to add Entity exactly. please share give me your mail id so that i can mail complete files.</p><p>BR, Ankamma</p></div><div id="comment-36176-info" class="comment-info"><span class="comment-age">(10 Sep '14, 09:34)</span> <span class="comment-user userinfo">ankamma</span></div></div><span id="36179"></span><div id="comment-36179" class="comment"><div id="post-36179-score" class="comment-score">1</div><div class="comment-text"><p>Look in dictionary.xml at the other files that are loaded into it. For example, these are the lines relevant to loading SKT.xml:</p><pre><code>    &lt;!ENTITY SKT            SYSTEM &quot;SKT.xml&quot;&gt;



[…]
&SKT;
(10 Sep ‘14, 11:09) JeffMorriss ♦

One Answer:

1

To add a new .xml file you neeed to update the ENTITY list in dictionaty.xml and also add it at the bottom of the file( Compare with say HP.xml) For the vendor-id You need to add Comviva to the vendor list.

answered 10 Sep '14, 07:38

Anders's gravatar image

Anders ♦
4.6k952
accept rate: 17%

Hi,

by adding below lines it is working fine and am able to get AVP names in wireshark(windows).

but how to achieve the same in tshark(linux)? where to add Entity in Linux?

[[email protected] tmp]# tshark -r /tmp/Gx_dump1.pcap -d 'tcp.port==3870,diameter' -R "diameter.cmd.code==272 and diameter.flags.request==0" -z "diameter,avp,272,CC-Request-Type,CC-Request-Number,Session-Id,Subscription-Id-Data,Rating-Group,Result-Code,Session-Id,Custom_Result_Code" tshark: -R without -2 is deprecated. For single-pass filtering use -Y. tshark: Couldn't register diam,csv tap: Filter "diameter||diameter.CC-Request-Type||diameter.CC-Request-Number||diameter.Session-Id||diameter.Subscription-Id-Data||diameter.Rating-Group||diameter.Result-Code||diameter.Session-Id||diameter.Custom_Result_Code" is invalid - "diameter.Custom_Result_Code" is neither a field nor a protocol name.

BR, Ankamma

(10 Sep '14, 23:06) ankamma

hi,

i got it working by adding entity in the same way

(10 Sep '14, 23:16) ankamma

Glad you got it working.

If an Answer answers your question, please Accept the answer by clicking on the little checkbox next to it. See the FAQ for details.

(11 Sep '14, 06:05) JeffMorriss ♦