[tcpdump-workers] septel support on libpcap

Thu, 23 Jun 2005 12:49:34 -0700
hi all , i have added two days ago a support for libpcap to be able to capture mtp2 low level protocol ss7 messages over INTEL/Net Structure cards (or Septel cards).this patch was added on 21 of june. Along with this support i added some filtering modules for the mtp3 basic fields:sio,opc,dpc,sls. 
here's some examples on how to use these filtring modules:
sio=3
opc 1234
sio=0 and opc!=1234 and dpc>2345 and sls<10
sls (1 or 2 or 3 or 4)
and others...... these filtering modules can also be combined.
Note: dissectors for ss7 protocols do not exist in tcpdump , so anyone who would use it with tcpdump must add these dissectors.Instead they do exsit in Ethereal. 

So try it if you need it and if there was any bug please report it.
configure your software as you wish but be carefull you should first edit the system.txt file to change the user part example (UPE) module id to 0xdd instead of 0x2d for technical reason. So this change in system.txt is crutial and things will go wrong if it's not done. System.txt along with config.txt are configuration files that are edited by the user before running the gctload program that uses these files for initialising modules 
and configuring parameters.
the software for the  card can be found on Intel's website.

so all you have to do is:
1) Install and build the SEPTEL software distribution by following the
instructions supplied with that package.

2) Configure libcap. To allow the 'configure' script to locate the SEPTEL
software distribution use the '--with-septel' option:

       ./configure --with-septel=DIR

Where DIR is the root of the SEPTEL software distribution.

For further information check README.septel


To do this support the following files were modified :
configure.in
gencode.c
gencode.h
grammar.y
inet.c
pcap-bpf.h
pcap-linux.c
savefile.c
scanner.l

plus these three added files for septel:
pcap-septel.c
pcap-septel.h
README.septel

-------------------------------------
for more information please contact me : [EMAIL PROTECTED]

Gilbert

_________________________________________________________________
Don't just search. Find. Check out the new MSN Search! http://search.msn.com/ 

-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.

Reply via email to