標(biāo)簽: Wireshark LTE
1. 寫(xiě)在前面
PDCP上面是RRC哟旗,http://wiki.wireshark.org/LTE%20RRC 這里說(shuō)鸭廷,
if you are using Wireshark to decode MAC-LTE, RLC-LTE, PDCP-LTE then the RRC dissector will be called appropriately, if enabled by preference settings.
PDCP再往底層就該是RLC和MAC了~
和PDCP一樣,RLC也可以用UDP封裝指煎,也給出了例子仗阅。
所以先放一放RLC,先看看MAC層吧
除了DCT2000重归,有三種方式:
- UDP封裝米愿,這里有例子http://www.wireshark.org/~martinm/mac_lte_logger.c
- the compact format decoded by the mac-lte-framed dissector.
官方給出了如下這些說(shuō)明,也給出了例子鼻吮。
This shares the same framing format as the UDP format described above. This (BSD-licensed) program gives an example of how you might write MAC-LTE frames directly in a file of this format. Currently, this does not have its own registered DLT, so if (as the same program does) you use DLT 147 you will need to edit the preferences of the DLT_USER dissector (add an entry with DLT=147, Payload Protocol=mac-lte-framed) OR
- 第三種大概是私人定制的感覺(jué)育苟,還沒(méi)研究明白
your own framing protocol. The functions get_mac_lte_proto_data() and set_mac_lte_proto_data() are available for querying and setting the necessary context information associated with a frame.
下面對(duì)前兩種方式的做一些嘗試~
2. UDP封裝方式
2.1 修改設(shè)置
將Preferences里面的Try Heuristic LTE-MAC framing over UDP這一行勾上
2.2 編譯運(yùn)行
過(guò)程類(lèi)似Wireshark解析PDCP-LTE,還是用比較笨的方法解決編譯中的問(wèn)題!
- 去掉
#include "../wireshark/epan/dissectors/packet-mac-lte.h" -
gcc -g -o test pdcp_lte_logger.c編譯椎木,根據(jù)報(bào)錯(cuò)信息违柏,加入了如下代碼段
//#include "../wireshark/epan/dissectors/packet-mac-lte.h"
/* radioType */
#define FDD_RADIO 1
#define TDD_RADIO 2
/* Direction */
#define DIRECTION_UPLINK 0
#define DIRECTION_DOWNLINK 1
/* rntiType */
#define NO_RNTI 0
#define P_RNTI 1
#define RA_RNTI 2
#define C_RNTI 3
#define SI_RNTI 4
#define SPS_RNTI 5
#define M_RNTI 6
/* Signature. Rather than try to define a port for this, or make the
port number a preference, frames will start with this string (with no
terminating NULL */
#define MAC_LTE_START_STRING "mac-lte"
/* Fixed fields. This is followed by the following 3 mandatory fields:
- radioType (1 byte)
- direction (1 byte)
- rntiType (1 byte)
(where the allowed values are defined above */
/* Optional fields. Attaching this info to frames will allow you
to show you display/filter/plot/add-custom-columns on these fields, so should
be added if available.
The format is to have the tag, followed by the value (there is no length field,
it's implicit from the tag) */
#define MAC_LTE_RNTI_TAG 0x02
/* 2 bytes, network order */
#define MAC_LTE_UEID_TAG 0x03
/* 2 bytes, network order */
#define MAC_LTE_FRAME_SUBFRAME_TAG 0x04
/* 2 bytes, network order, SFN is stored in 12 MSB and SF in 4 LSB */
#define MAC_LTE_PREDEFINED_DATA_TAG 0x05
/* 1 byte */
#define MAC_LTE_RETX_TAG 0x06
/* 1 byte */
#define MAC_LTE_CRC_STATUS_TAG 0x07
/* 1 byte */
#define MAC_LTE_EXT_BSR_SIZES_TAG 0x08
/* 0 byte */
#define MAC_LTE_SEND_PREAMBLE_TAG 0x09
/* 2 bytes, RAPID value (1 byte) followed by RACH attempt number (1 byte) */
#define MAC_LTE_CARRIER_ID_TAG 0x0A
/* 1 byte */
#define MAC_LTE_PHY_TAG 0x0B
/* variable length, length (1 byte) then depending on direction
in UL: modulation type (1 byte), TBS index (1 byte), RB length (1 byte),
RB start (1 byte), HARQ id (1 byte), NDI (1 byte)
in DL: DCI format (1 byte), resource allocation type (1 byte), aggregation level (1 byte),
MCS index (1 byte), redundancy version (1 byte), resource block length (1 byte),
HARQ id (1 byte), NDI (1 byte), TB (1 byte), DL reTx (1 byte) */
#define MAC_LTE_SIMULT_PUCCH_PUSCH_PCELL 0x0C
/* 0 byte */
#define MAC_LTE_SIMULT_PUCCH_PUSCH_PSCELL 0x0D
/* 0 byte */
/* MAC PDU. Following this tag comes the actual MAC PDU (there is no length, the PDU
continues until the end of the frame) */
#define MAC_LTE_PAYLOAD_TAG 0x01
- 加完這些代碼還有些小錯(cuò)誤~應(yīng)該將原來(lái)的
mac_lte_logger.c里的
MAC_LTE_SUBFRAME_TAG改為MAC_LTE_FRAME_SUBFRAME_TAG
MAC_LTE_PREDFINED_DATA_TAG改為MAC_LTE_PREDEFINED_DATA_TAG - 再次編譯通過(guò)
-
./test 127.0.0.1 10000運(yùn)行,這里127.0.0.1和10000分別是UDP報(bào)文的目的IP和PORT香椎,可以根據(jù)需求設(shè)定漱竖。
運(yùn)行截圖
3. 說(shuō)不清的方式——the compact format decoded by the mac-lte-framed dissector.
3.1 設(shè)置
edit the preferences of the DLT_USER dissector (add an entry with DLT=147, Payload Protocol=mac-lte-framed)
工具欄edit-->prefrences-->protocol-->DLT_USER
點(diǎn)擊edit,然后按照下圖添加一個(gè)條目~
這樣就OK啦~
3.2 編譯運(yùn)行
還是先看例子mac_pcap_sample_code.c~嘛~下面圖中這幾句話看得我也是醉了畜伐。馍惹。和我一樣把定義從packet-mac-lte.h中粘貼出來(lái)~
在31行左右的位置開(kāi)始,以注釋的方式給出了一個(gè)makefile玛界,直接按照這個(gè)樣式建一個(gè)makefile用著就好了
run: mac_pcap_sample_code
@ ./$?
mac_pcap_sample_code: mac_pcap_sample_code.c
gcc -Wall $? -o $@
clean:
rm -f mac_pcap_sample_code test1.pcap
終端輸入命令make即可編譯運(yùn)行万矾,運(yùn)行后回生成test1.pcap
用wireshark打開(kāi)test1.pcap
