Hi, I'm trying to figure out what's the order in which wireshark looks up for things when dissecting diameter packet. Does it look for Application-Id first? Or AVP? What I ultimately need to do, is add a vendor specific feature to the Feature-List-ID 1. Now, if I understand correctly, I should add a .c file similar to "packet-diameter_3gpp.c" where I can dissect the bits. I shall use this file as a template. I already have my own vendor specific dictionary and it works correctly. But in the vendor spec I found out that "Supported-Features" AVP's vendor-id will be set to 3GPP and my-vendor-id. Does this mean I should redefine this AVP and set my own vendor-id in my own dictionary? Thanks a lot! asked 01 Dec '15, 06:34 Aliniel |
One Answer:
Time to close this one :) I had vendor specific flag values for Feature-List-Id AVP when the vendor-id was set to my vendor. Everything else was the same as defined by 3GPP. All I had to do, was add some code to the existing function which dissected those flags according to my needs when the vendor-id and feature-list-id were set to certain values. There was no need for a whole another source file. answered 12 Jan '16, 00:53 Aliniel |
I'm not sure I get it, the avp is 3gpp feature... And the application Id is the vendors application id? I don't have the code handy right now but I think the avp subdissection is done per vendor and a new table(code changes) is needed to add new vendors tables. If your case is as above the avp will be dissected in the 3gpp subdissector and code will be needed there to handle the application Id of your vendor.