This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to make wireshark thinking that 3GPP T-PDU is uplink?

0

I try to decode the following 3GPP SMS-SUBMIT T-PDU, using gsm_sms dissector: 01000B811192979297F2000010ECF71B2E0E8FD7A076793E0F9FCB But wireshark thinks, that it is downlink tpdu, and decodes is as SMS-SUBMIT-REPORT. Of course, there is a way to encapsulate this T-PDU into some higher-level protocol by adding fake header, and that protocol will call gsm_sms dissector with proper parameter. But for me is interesting, is there a way to put some parameter to text2pcap to make it thinking that this is uplink message? I use text2pcap in the following way: echo "000000 01 00 0B 81 11 92 97 92 97 F2 00 00 10 EC F7 1B 2E 0E 8F D7 A0 76 79 3E 0F 9F CB" > tpdu.txt text2pcap -l 151 tpdu.txt tpdu.pcapng wireshark tpdu.pcapng And I see that it is decoded as SMS-SUBMIT REPORT, i.e. in wrong way. What I am asking is some parameter that can be used with text2pcap allowing to make it thinking that direction is uplink.

asked 23 Dec '16, 07:09

Sviat's gravatar image

Sviat
11114
accept rate: 0%

One Answer:

1

Hi Sviat,

use the -D and -n text2pcap options and before the packet dump use:

I for an uplink packet (your case)
O for an downlink packet

It will give the following decoding:

GSM SMS TPDU (GSM 03.40) SMS-SUBMIT
0... .... = TP-RP: TP Reply Path parameter is not set in this SMS SUBMIT/DELIVER
.0.. .... = TP-UDHI: The TP UD field contains only the short message
..0. .... = TP-SRR: A status report is not requested
...0 0... = TP-VPF: TP-VP field not present (0)
.... .0.. = TP-RD: Instruct SC to accept duplicates
.... ..01 = TP-MTI: SMS-SUBMIT (1)
TP-MR: 0
TP-Destination-Address - (11297929792)
    Length: 11 address digits
    1... .... = Extension: No extension
    .000 .... = Type of number: Unknown (0)
    .... 0001 = Numbering plan: ISDN/telephone (E.164/E.163) (1)
    TP-DA Digits: 11297929792
TP-PID: 0
    00.. .... = Defines formatting for subsequent bits: 0x0
    ..0. .... = Telematic interworking: no telematic interworking, but SME-to-SME protocol
    ...0 0000 = The SM-AL protocol being used between the SME and the MS: 0
TP-DCS: 0
    00.. .... = Coding Group Bits: General Data Coding indication (0)
    Special case, GSM 7 bit default alphabet
TP-User-Data-Length: (16) depends on Data-Coding-Scheme
TP-User-Data
    SMS text: loopback message

answered 23 Dec '16, 07:16

Pascal%20Quantin's gravatar image

Pascal Quantin
5.5k1060
accept rate: 30%

Thank you very much, it works perfectly!

(26 Dec '16, 02:46) Sviat

If my answer solved your issue, do not forget to accept it: it will be helpful for anyone searching for an equivalent answer. See the FAQ for details.

(26 Dec '16, 06:11) Pascal Quantin