This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Why is TCP protocol used for SUPL (ulp) when the port is decoded as oma-ulp?

0

Wireshark V1.4.7 or v1.6.0 is able to detect the ulp port 7275 in both directions (oma-ulp, Src port or Dst port), but is not able to re-assemble the TCP segments in one ULP message, in other words decode a ulp message. For each segment, TCP protocol is used: Example: Transmission Control Protocol, Src Port:14740 (14740), Dst Port: oma-ulp (7275), Seq..... Our tester has an older version of Wireshark 0.99.6a that is able the decode ulp messages

asked 16 Jun '11, 10:47

pcerf's gravatar image

pcerf
1111
accept rate: 0%

Wireshark 1.6.0 may support SUPL2.0 only (not backwards SUPL1.0 compatible).

(16 Jun '11, 13:53) pcerf

2 Answers:

0

Have you tried turning off reassembly (deselect the "Allow subdissector to reassemble TCP segments" in the TCP protocol preferences)?

When a protocol uses TCP reassembly, only the packet which contains the last segment of the PDU is dissected and the rest of them show up as TCP (with the info field being [TCP segment of a reassembled PDU]).

Maybe something goes wrong in the reassembly that prevents you from seeing the reassembled PDU.

answered 19 Jun '11, 20:24

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

0

Thank you for your help: I have disabled "Allow subdissector to reassemble TCP segments" and I do see ONE ULP message created on the display in the "Protocol" section (there should be a complete message flow decoded in the pcap file I have recorded). Moreover, the decoded message is msSUPLINIT [Unreassembled Packet] and there is no such message in a SET initiated SUPL session; the first message should be SUPL START.

answered 22 Jun '11, 10:24

pcerf's gravatar image

pcerf
1111
accept rate: 0%

Hi, The version Wireshark dissects is http://member.openmobilealliance.org/ftp/Public_documents/LOC/Permanent_documents/OMA-TS-ULP-V2_0-20100816-C.zip

(22 Jun '11, 12:07) Anders ♦

UlpMessage ::= CHOICE { msSUPLINIT SUPLINIT, msSUPLSTART SUPLSTART, msSUPLRESPONSE SUPLRESPONSE, msSUPLPOSINIT SUPLPOSINIT, msSUPLPOS SUPLPOS, msSUPLEND SUPLEND, msSUPLAUTHREQ SUPLAUTHREQ, msSUPLAUTHRESP SUPLAUTHRESP, ..., msSUPLTRIGGEREDSTART Ver2-SUPLTRIGGEREDSTART, msSUPLTRIGGEREDRESPONSE Ver2-SUPLTRIGGEREDRESPONSE, msSUPLTRIGGEREDSTOP Ver2-SUPLTRIGGEREDSTOP, msSUPLNOTIFY Ver2-SUPLNOTIFY, msSUPLNOTIFYRESPONSE Ver2-SUPLNOTIFYRESPONSE, msSUPLSETINIT Ver2-SUPLSETINIT, msSUPLREPORT Ver2-SUPLREPORT}

(22 Jun '11, 12:10) Anders ♦