3 * Routines for GTPv2 dissection
4 * Copyright 2009 - 2011, Anders Broman <anders.broman [at] ericcsson.com>
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1998 Gerald Combs
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
25 * Ref: 3GPP TS 29.274 version 8.1.1 Release 8 ETSI TS 129 274 V8.1.1 (2009-04)
36 #include <epan/packet.h>
37 #include <epan/asn1.h>
38 #include <epan/expert.h>
39 #include <epan/sminmpec.h>
41 #include "packet-gsm_a_common.h"
42 #include "packet-gsm_map.h"
43 #include "packet-e164.h"
44 #include "packet-e212.h"
45 #include "packet-s1ap.h"
46 #include "packet-ranap.h"
49 static dissector_handle_t nas_eps_handle;
51 /*GTPv2 Message->GTP Header(SB)*/
52 static int proto_gtpv2 = -1;
54 static int hf_gtpv2_reserved = -1;
55 static int hf_gtpv2_spare_half_octet = -1;
56 static int hf_gtpv2_spare_bits = -1;
57 static int hf_gtpv2_flags = -1;
58 static int hf_gtpv2_version = -1;
59 static int hf_gtpv2_p = -1;
60 static int hf_gtpv2_t = -1;
61 static int hf_gtpv2_message_type = -1;
62 static int hf_gtpv2_msg_length = -1;
63 static int hf_gtpv2_teid = -1;
64 static int hf_gtpv2_seq = -1;
65 static int hf_gtpv2_spare = -1;
68 static int hf_gtpv2_ie = -1;
69 static int hf_gtpv2_ie_len = -1;
70 static int hf_gtpv2_cr = -1;
71 static int hf_gtpv2_instance = -1;
72 static int hf_gtpv2_cause = -1;
73 static int hf_gtpv2_cause_cs = -1;
74 static int hf_gtpv2_cause_bce = -1;
75 static int hf_gtpv2_cause_pce = -1;
76 static int hf_gtpv2_cause_off_ie_t = -1;
77 static int hf_gtpv2_rec = -1;
78 static int hf_gtpv2_apn = -1;
79 static int hf_gtpv2_ebi = -1;
80 static int hf_gtpv2_daf = -1;
81 static int hf_gtpv2_dtf = -1;
82 static int hf_gtpv2_hi = -1;
83 static int hf_gtpv2_dfi = -1;
84 static int hf_gtpv2_oi = -1;
85 static int hf_gtpv2_isrsi = -1;
86 static int hf_gtpv2_israi = -1;
87 static int hf_gtpv2_sgwci = -1;
88 static int hf_gtpv2_sqci = -1;
89 static int hf_gtpv2_uimsi = -1;
90 static int hf_gtpv2_cfsi = -1;
91 static int hf_gtpv2_crsi = -1;
92 static int hf_gtpv2_pt = -1;
93 static int hf_gtpv2_ps = -1;
94 static int hf_gtpv2_si = -1;
95 static int hf_gtpv2_msv = -1;
96 static int hf_gtpv2_ccrsi = -1;
97 static int hf_gtpv2_pdn_type = -1;
98 static int hf_gtpv2_pdn_ipv4 = -1;
99 static int hf_gtpv2_pdn_ipv6_len = -1;
100 static int hf_gtpv2_pdn_ipv6 = -1;
101 static int hf_gtpv2_pdn_numbers_nsapi = -1;
102 static int hf_gtpv2_p_tmsi = -1;
103 static int hf_gtpv2_p_tmsi_sig = -1;
106 static int hf_gtpv2_rat_type = -1;
107 static int hf_gtpv2_uli_ecgi_flg = -1;
108 static int hf_gtpv2_uli_lai_flg = -1;
109 static int hf_gtpv2_uli_tai_flg = -1;
110 static int hf_gtpv2_uli_rai_flg = -1;
111 static int hf_gtpv2_uli_sai_flg = -1;
112 static int hf_gtpv2_uli_cgi_flg = -1;
113 static int hf_gtpv2_cng_rep_act = -1;
115 static int hf_gtpv2_selec_mode = -1;
116 static int hf_gtpv2_source_type = -1;
117 static int hf_gtpv2_f_teid_v4 = -1;
118 static int hf_gtpv2_f_teid_v6 = -1;
119 static int hf_gtpv2_f_teid_interface_type= -1;
120 static int hf_gtpv2_f_teid_gre_key= -1;
121 static int hf_gtpv2_f_teid_ipv4= -1;
122 static int hf_gtpv2_f_teid_ipv6= -1;
123 static int hf_gtpv2_tmsi = -1;
124 static int hf_gtpv2_hsgw_addr_f_len = -1;
125 static int hf_gtpv2_hsgw_addr_ipv4 = -1;
126 static int hf_gtpv2_hsgw_addr_ipv6 = -1;
127 static int hf_gtpv2_gre_key = -1;
128 static int hf_gtpv2_sgw_addr_ipv4 = -1;
129 static int hf_gtpv2_sgw_addr_ipv6 = -1;
130 static int hf_gtpv2_sgw_s1u_teid = -1;
131 static int hf_gtpv2_imsi= -1;
132 static int hf_gtpv2_ipv4_addr = -1;
135 static int hf_gtpv2_ambr_up= -1;
136 static int hf_gtpv2_ambr_down= -1;
137 static int hf_gtpv2_ip_address_ipv4= -1;
138 static int hf_gtpv2_ip_address_ipv6= -1;
139 static int hf_gtpv2_mei= -1;
141 /* Trace Information */
142 static int hf_gtpv2_tra_info = -1;
143 static int hf_gtpv2_tra_info_msc_momt_calls = -1;
144 static int hf_gtpv2_tra_info_msc_momt_sms = -1;
145 static int hf_gtpv2_tra_info_msc_lu_imsi_ad = -1;
146 static int hf_gtpv2_tra_info_msc_handovers = -1;
147 static int hf_gtpv2_tra_info_msc_ss = -1;
148 static int hf_gtpv2_tra_info_mgw_context = -1;
149 static int hf_gtpv2_tra_info_sgsn_pdp_context = -1;
150 static int hf_gtpv2_tra_info_sgsn_momt_sms = -1;
151 static int hf_gtpv2_tra_info_sgsn_rau_gprs_ad = -1;
152 static int hf_gtpv2_tra_info_sgsn_mbms = -1;
153 static int hf_gtpv2_tra_info_sgsn_reserved = -1;
154 static int hf_gtpv2_tra_info_ggsn_pdp = -1;
155 static int hf_gtpv2_tra_info_ggsn_mbms = -1;
156 static int hf_gtpv2_tra_info_bm_sc = -1;
157 static int hf_gtpv2_tra_info_mme_sgw_ss = -1;
158 static int hf_gtpv2_tra_info_mme_sgw_sr = -1;
159 static int hf_gtpv2_tra_info_mme_sgw_iataud = -1;
160 static int hf_gtpv2_tra_info_lne_msc_s = -1;
161 static int hf_gtpv2_tra_info_lne_mgw = -1;
162 static int hf_gtpv2_tra_info_lne_sgsn = -1;
163 static int hf_gtpv2_tra_info_lne_ggsn = -1;
164 static int hf_gtpv2_tra_info_lne_rnc = -1;
165 static int hf_gtpv2_tra_info_lne_bm_sc = -1;
166 static int hf_gtpv2_tra_info_lne_mme = -1;
167 static int hf_gtpv2_tra_info_lne_sgw = -1;
168 static int hf_gtpv2_tra_info_lne_pdn_gw = -1;
169 static int hf_gtpv2_tra_info_lne_enb = -1;
170 static int hf_gtpv2_tra_info_tdl = -1;
171 static int hf_gtpv2_tra_info_lmsc_a = -1;
172 static int hf_gtpv2_tra_info_lmsc_lu = -1;
173 static int hf_gtpv2_tra_info_lmsc_mc = -1;
174 static int hf_gtpv2_tra_info_lmsc_map_g = -1;
175 static int hf_gtpv2_tra_info_lmsc_map_b = -1;
176 static int hf_gtpv2_tra_info_lmsc_map_e = -1;
177 static int hf_gtpv2_tra_info_lmsc_map_f = -1;
178 static int hf_gtpv2_tra_info_lmsc_cap = -1;
179 static int hf_gtpv2_tra_info_lmsc_map_d = -1;
180 static int hf_gtpv2_tra_info_lmsc_map_c = -1;
181 static int hf_gtpv2_tra_info_lmgw_mc = -1;
182 static int hf_gtpv2_tra_info_lmgw_nb_up = -1;
183 static int hf_gtpv2_tra_info_lmgw_lu_up = -1;
184 static int hf_gtpv2_tra_info_lsgsn_gb = -1;
185 static int hf_gtpv2_tra_info_lsgsn_lu = -1;
186 static int hf_gtpv2_tra_info_lsgsn_gn = -1;
187 static int hf_gtpv2_tra_info_lsgsn_map_gr = -1;
188 static int hf_gtpv2_tra_info_lsgsn_map_gd = -1;
189 static int hf_gtpv2_tra_info_lsgsn_map_gf = -1;
190 static int hf_gtpv2_tra_info_lsgsn_gs = -1;
191 static int hf_gtpv2_tra_info_lsgsn_ge = -1;
192 static int hf_gtpv2_tra_info_lggsn_gn = -1;
193 static int hf_gtpv2_tra_info_lggsn_gi = -1;
194 static int hf_gtpv2_tra_info_lggsn_gmb = -1;
195 static int hf_gtpv2_tra_info_lrnc_lu = -1;
196 static int hf_gtpv2_tra_info_lrnc_lur = -1;
197 static int hf_gtpv2_tra_info_lrnc_lub = -1;
198 static int hf_gtpv2_tra_info_lrnc_uu = -1;
199 static int hf_gtpv2_tra_info_lbm_sc_gmb = -1;
200 static int hf_gtpv2_tra_info_lmme_s1_mme = -1;
201 static int hf_gtpv2_tra_info_lmme_s3 = -1;
202 static int hf_gtpv2_tra_info_lmme_s6a = -1;
203 static int hf_gtpv2_tra_info_lmme_s10 = -1;
204 static int hf_gtpv2_tra_info_lmme_s11 = -1;
205 static int hf_gtpv2_tra_info_lsgw_s4 = -1;
206 static int hf_gtpv2_tra_info_lsgw_s5 = -1;
207 static int hf_gtpv2_tra_info_lsgw_s8b = -1;
208 static int hf_gtpv2_tra_info_lsgw_s11 = -1;
209 static int hf_gtpv2_tra_info_lpdn_gw_s2a = -1;
210 static int hf_gtpv2_tra_info_lpdn_gw_s2b = -1;
211 static int hf_gtpv2_tra_info_lpdn_gw_s2c = -1;
212 static int hf_gtpv2_tra_info_lpdn_gw_s5 = -1;
213 static int hf_gtpv2_tra_info_lpdn_gw_s6c = -1;
214 static int hf_gtpv2_tra_info_lpdn_gw_gx = -1;
215 static int hf_gtpv2_tra_info_lpdn_gw_s8b = -1;
216 static int hf_gtpv2_tra_info_lpdn_gw_sgi = -1;
217 static int hf_gtpv2_tra_info_lenb_s1_mme = -1;
218 static int hf_gtpv2_tra_info_lenb_x2 = -1;
219 static int hf_gtpv2_tra_info_lenb_uu = -1;
221 static int hf_gtpv2_address_digits = -1;
222 static int hf_gtpv2_ti = -1;
224 static int hf_gtpv2_bearer_qos_pvi= -1;
225 static int hf_gtpv2_bearer_qos_pl= -1;
226 static int hf_gtpv2_bearer_qos_pci= -1;
227 static int hf_gtpv2_bearer_qos_label_qci = -1;
228 static int hf_gtpv2_bearer_qos_mbr_up = -1;
229 static int hf_gtpv2_bearer_qos_mbr_down = -1;
230 static int hf_gtpv2_bearer_qos_gbr_up = -1;
231 static int hf_gtpv2_bearer_qos_gbr_down = -1;
232 static int hf_gtpv2_flow_qos_label_qci = -1;
233 static int hf_gtpv2_flow_qos_mbr_up = -1;
234 static int hf_gtpv2_flow_qos_mbr_down = -1;
235 static int hf_gtpv2_flow_qos_gbr_up = -1;
236 static int hf_gtpv2_flow_qos_gbr_down = -1;
238 static int hf_gtpv2_delay_value = -1;
239 static int hf_gtpv2_charging_id = -1;
240 static int hf_gtpv2_charging_characteristic = -1;
241 static int hf_gtpv2_bearer_flag_ppc = -1;
242 static int hf_gtpv2_bearer_flag_vb = -1;
243 static int hf_gtpv2_ue_time_zone_dst = -1;
244 static int hf_gtpv2_fq_csid_type = -1;
245 static int hf_gtpv2_fq_csid_nr = -1;
246 static int hf_gtpv2_fq_csid_ipv4 = -1;
247 static int hf_gtpv2_fq_csid_ipv6 = -1;
248 static int hf_gtpv2_fq_csid_id = -1;
249 static int hf_gtpv2_complete_req_msg_type = -1;
250 static int hf_gtpv2_mme_grp_id = -1;
251 static int hf_gtpv2_mme_code = -1;
252 static int hf_gtpv2_m_tmsi = -1;
253 static int hf_gtpv2_container_type = -1;
254 static int hf_gtpv2_cause_type = -1;
255 static int hf_gtpv2_CauseRadioNetwork = -1;
256 static int hf_gtpv2_CauseTransport = -1;
257 static int hf_gtpv2_CauseNas = -1;
258 static int hf_gtpv2_CauseProtocol = -1;
259 static int hf_gtpv2_CauseMisc = -1;
260 static int hf_gtpv2_target_type = -1;
261 static int hf_gtpv2_macro_enodeb_id = -1;
263 static int hf_gtpv2_node_type= -1;
264 static int hf_gtpv2_fqdn = -1;
265 static int hf_gtpv2_enterprise_id = -1;
266 static int hf_gtpv2_apn_rest= -1;
267 static int hf_gtpv2_pti= -1;
268 static int hf_gtpv2_mm_context_sm = -1;
269 static int hf_gtpv2_mm_context_nhi = -1;
270 static int hf_gtpv2_mm_context_drxi = -1;
271 static int hf_gtpv2_mm_context_cksn = -1;
272 static int hf_gtpv2_mm_context_cksn_ksi = -1;
273 static int hf_gtpv2_mm_context_ksi_a= -1;
274 static int hf_gtpv2_mm_context_ksi = -1;
275 static int hf_gtpv2_mm_context_nr_tri = -1;
276 static int hf_gtpv2_mm_context_nr_qui = -1;
277 static int hf_gtpv2_mm_context_nr_qua = -1;
278 static int hf_gtpv2_mm_context_unipa = -1;
279 static int hf_gtpv2_mm_context_unc = -1;
280 static int hf_gtpv2_mm_context_nas_dl_cnt = -1;
281 static int hf_gtpv2_mm_context_nas_ul_cnt = -1;
283 static int hf_gtpv2_uli_cgi_lac= -1;
284 static int hf_gtpv2_uli_cgi_ci= -1;
285 static int hf_gtpv2_uli_sai_lac= -1;
286 static int hf_gtpv2_uli_sai_sac= -1;
287 static int hf_gtpv2_uli_rai_lac= -1;
288 static int hf_gtpv2_uli_rai_rac= -1;
289 static int hf_gtpv2_uli_tai_tac= -1;
290 static int hf_gtpv2_uli_ecgi_eci= -1;
291 static int hf_gtpv2_uli_lai_lac = -1;
292 static int hf_gtpv2_uli_ecgi_eci_spare= -1;
293 static int hf_gtpv2_nsapi = -1;
294 static int hf_gtpv2_bearer_control_mode= -1;
297 static gint ett_gtpv2 = -1;
298 static gint ett_gtpv2_flags = -1;
299 static gint ett_gtpv2_ie = -1;
300 static gint ett_gtpv2_uli_flags = -1;
301 static gint ett_gtpv2_uli_field = -1;
302 static gint ett_gtpv2_bearer_ctx = -1;
303 static gint ett_gtpv2_PDN_conn = -1;
304 static gint ett_gtpv2_mm_context_flag = -1;
305 static gint ett_gtpv2_pdn_numbers_nsapi = -1;
306 static gint ett_gtpv2_tra_info_trigg = -1;
307 static gint ett_gtpv2_tra_info_trigg_msc_server = -1;
308 static gint ett_gtpv2_tra_info_trigg_mgw = -1;
309 static gint ett_gtpv2_tra_info_trigg_sgsn = -1;
310 static gint ett_gtpv2_tra_info_trigg_ggsn = -1;
311 static gint ett_gtpv2_tra_info_trigg_bm_sc = -1;
312 static gint ett_gtpv2_tra_info_trigg_sgw_mme = -1;
313 static gint ett_gtpv2_tra_info_interfaces = -1;
314 static gint ett_gtpv2_tra_info_interfaces_imsc_server = -1;
315 static gint ett_gtpv2_tra_info_interfaces_lmgw = -1;
316 static gint ett_gtpv2_tra_info_interfaces_lsgsn = -1;
317 static gint ett_gtpv2_tra_info_interfaces_lggsn = -1;
318 static gint ett_gtpv2_tra_info_interfaces_lrnc = -1;
319 static gint ett_gtpv2_tra_info_interfaces_lbm_sc = -1;
320 static gint ett_gtpv2_tra_info_interfaces_lmme = -1;
321 static gint ett_gtpv2_tra_info_interfaces_lsgw = -1;
322 static gint ett_gtpv2_tra_info_interfaces_lpdn_gw = -1;
323 static gint ett_gtpv2_tra_info_interfaces_lpdn_lenb = -1;
324 static gint ett_gtpv2_tra_info_ne_types = -1;
327 /* Definition of User Location Info (AVP 22) masks */
328 #define GTPv2_ULI_CGI_MASK 0x01
329 #define GTPv2_ULI_SAI_MASK 0x02
330 #define GTPv2_ULI_RAI_MASK 0x04
331 #define GTPv2_ULI_TAI_MASK 0x08
332 #define GTPv2_ULI_ECGI_MASK 0x10
333 #define GTPv2_ULI_LAI_MASK 0x20
335 #define GTPV2_CREATE_SESSION_REQUEST 32
336 #define GTPV2_CREATE_SESSION_RESPONSE 33
337 #define GTPV2_FORWARD_RELOCATION_REQ 133
338 #define GTPV2_FORWARD_CTX_NOTIFICATION 137
339 static void dissect_gtpv2_ie_common(tvbuff_t * tvb, packet_info * pinfo _U_, proto_tree * tree, gint offset, guint8 message_type);
341 /*Message Types for GTPv2 (Refer Pg19 29.274) (SB)*/
342 static const value_string gtpv2_message_type_vals[] = {
345 {2, "Echo Response"},
346 {3, "Version Not Supported Indication"},
347 /* 4-24 Reserved for S101 interface TS 29.276 */
348 /* 25-31 Reserved for Sv interface TS 29.280 */
349 /* SGSN/MME to PGW (S4/S11, S5/S8) */
350 {32, "Create Session Request"},
351 {33, "Create Session Response"},
352 {34, "Modify Bearer Request"},
353 {35, "Modify Bearer Response"},
354 {36, "Delete Session Request"},
355 {37, "Delete Session Response"},
356 /* SGSN to PGW (S4, S5/S8) */
357 {38, "Change Notification Request"},
358 {39, "Change Notification Response"},
359 /* 40-63 For future use */
360 /* Messages without explicit response */
361 {64, "Modify Bearer Command"}, /* (MME/SGSN to PGW -S11/S4, S5/S8) */
362 {65, "Modify Bearer Failure Indication"}, /*(PGW to MME/SGSN -S5/S8, S11/S4) */
363 {66, "Delete Bearer Command"}, /* (MME to PGW -S11, S5/S8) */
364 {67, "Delete Bearer Failure Indication"}, /* (PGW to MME -S5/S8, S11) */
365 {68, "Bearer Resource Command"}, /* (MME/SGSN to PGW -S11/S4, S5/S8) */
366 {69, "Bearer Resource Failure Indication"}, /* (PGW to MME/SGSN -S5/S8, S11/S4) */
367 {70, "Downlink Data Notification Failure Indication"}, /*(SGSN/MME to SGW -S4/S11) */
368 {71, "Trace Session Activation"},
369 {72, "Trace Session Deactivation"},
370 {73, "Stop Paging Indication"},
371 /* 74-94 For future use */
372 /* PDN-GW to SGSN/MME (S5/S8, S4/S11) */
373 {95, "Create Bearer Request"},
374 {96, "Create Bearer Response"},
375 {97, "Update Bearer Request"},
376 {98, "Update Bearer Response"},
377 {99, "Delete Bearer Request"},
378 {100, "Delete Bearer Response"},
379 /* PGW to MME, MME to PGW, SGW to PGW, SGW to MME (S5/S8, S11) */
380 {101, "Delete PDN Connection Set Request"},
381 {102, "Delete PDN Connection Set Response"},
382 /* 103-127 For future use */
383 /* MME to MME, SGSN to MME, MME to SGSN, SGSN to SGSN (S3/10/S16) */
384 {128, "Identification Request"},
385 {129, "Identification Response"},
386 {130, "Context Request"},
387 {131, "Context Response"},
388 {132, "Context Acknowledge"},
389 {133, "Forward Relocation Request"},
390 {134, "Forward Relocation Response"},
391 {135, "Forward Relocation Complete Notification"},
392 {136, "Forward Relocation Complete Acknowledge"},
393 {137, "Forward Access Context Notification"},
394 {138, "Forward Access Context Acknowledge"},
395 {139, "Relocation Cancel Request"},
396 {140, "Relocation Cancel Response"},
397 {141, "Configuration Transfer Tunnel"},
398 /* 142-148 For future use */
399 /* SGSN to MME, MME to SGSN (S3)*/
400 {149, "Detach Notification"},
401 {150, "Detach Acknowledge"},
402 {151, "CS Paging Indication"},
403 {152, "RAN Information Relay"},
404 {153, "Alert MME Notification"},
405 {154, "Alert MME Acknowledge"},
406 {155, "UE Activity Notification"},
407 {156, "UE Activity Acknowledge"},
408 /* 157 to 159 For future use */
409 /* MME to SGW (S11) */
410 {160, "Create Forwarding Tunnel Request"},
411 {161, "Create Forwarding Tunnel Response"},
412 {162, "Suspend Notification"},
413 {163, "Suspend Acknowledge"},
414 {164, "Resume Notification"},
415 {165, "Resume Acknowledge"},
416 {166, "Create Indirect Data Forwarding Tunnel Request"},
417 {167, "Create Indirect Data Forwarding Tunnel Response"},
418 {168, "Delete Indirect Data Forwarding Tunnel Request"},
419 {169, "Delete Indirect Data Forwarding Tunnel Response"},
420 {170, "Release Access Bearers Request"},
421 {171, "Release Access Bearers Response"},
422 /* 172-175 For future use */
423 /* SGW to SGSN/MME (S4/S11) */
424 {176, "Downlink Data Notification"},
425 {177, "Downlink Data Notification Acknowledgement"},
426 /* SGW to SGSN (S4) */
427 {178, "Update Bearer Complete"},
428 /* 179-191 For future use */
430 {200, "Update PDN Connection Set Request"},
431 {201, "Update PDN Connection Set Response"},
432 /* 202 to 230 For future use */
433 /* MBMS GW to MME/SGSN (Sm/Sn) */
434 {231, "MBMS Session Start Request"},
435 {323, "MBMS Session Start Response"},
436 {233, "MBMS Session Update Request"},
437 {234, "MBMS Session Update Response"},
438 {235, "MBMS Session Stop Request"},
439 {236, "MBMS Session Stop Response"},
440 /* 237 to 239 For future use */
441 /* 240-255 Reserved for GTP-U TS 29.281 [13] */
445 #define GTPV2_IE_RESERVED 0
446 #define GTPV2_IE_IMSI 1
447 #define GTPV2_IE_CAUSE 2
448 #define GTPV2_REC_REST_CNT 3
450 #define GTPV2_AMBR 72
452 #define GTPV2_IP_ADDRESS 74
454 #define GTPV2_IE_MSISDN 76
455 #define GTPV2_INDICATION 77
458 #define GTPV2_BEARER_QOS 80
459 #define GTPV2_IE_FLOW_QOS 81
460 #define GTPV2_IE_RAT_TYPE 82
461 #define GTPV2_IE_SERV_NET 83
462 #define GTPV2_IE_BEARER_TFT 84
463 #define GTPV2_IE_TAD 85
464 #define GTPV2_IE_ULI 86
465 #define GTPV2_IE_F_TEID 87
466 #define GTPV2_IE_TMSI 88
467 #define GTPV2_IE_GLOBAL_CNID 89
468 #define GTPV2_IE_S103PDF 90
469 #define GTPV2_IE_S1UDF 91
470 #define GTPV2_IE_DEL_VAL 92
471 #define GTPV2_IE_BEARER_CTX 93
472 #define GTPV2_IE_CHAR_ID 94
473 #define GTPV2_IE_CHAR_CHAR 95
474 #define GTPV2_IE_TRA_INFO 96
475 #define GTPV2_BEARER_FLAG 97
476 /* define GTPV2_IE_PAGING_CAUSE 98 (void) */
477 #define GTPV2_IE_PDN_TYPE 99
478 #define GTPV2_IE_PTI 100
479 #define GTPV2_IE_DRX_PARAM 101
480 #define GTPV2_IE_UE_NET_CAPABILITY 102
481 #define GTPV2_IE_MM_CONTEXT_GSM_T 103
482 #define GTPV2_IE_MM_CONTEXT_UTMS_CQ 104
483 #define GTPV2_IE_MM_CONTEXT_GSM_CQ 105
484 #define GTPV2_IE_MM_CONTEXT_UTMS_Q 106
485 #define GTPV2_IE_MM_CONTEXT_EPS_QQ 107
486 #define GTPV2_IE_MM_CONTEXT_UTMS_QQ 108
487 #define GTPV2_IE_PDN_CONNECTION 109
488 #define GTPV2_IE_PDN_NUMBERS 110
489 #define GTPV2_IE_P_TMSI 111
490 #define GTPV2_IE_P_TMSI_SIG 112
491 #define GTPV2_IE_HOP_COUNTER 113
492 #define GTPV2_IE_UE_TIME_ZONE 114
493 #define GTPV2_IE_TRACE_REFERENCE 115
494 #define GTPV2_IE_COMPLETE_REQUEST_MSG 116
495 #define GTPV2_IE_GUTI 117
496 #define GTPV2_IE_F_CONTAINER 118
497 #define GTPV2_IE_F_CAUSE 119
498 #define GTPV2_IE_SEL_PLMN_ID 120
499 #define GTPV2_IE_TARGET_ID 121
500 /* GTPV2_IE_NSAPI 122 */
501 #define GTPV2_IE_PKT_FLOW_ID 123
502 #define GTPV2_IE_RAB_CONTEXT 124
503 #define GTPV2_IE_S_RNC_PDCP_CTX_INFO 125
504 #define GTPV2_IE_UDP_S_PORT_NR 126
505 #define GTPV2_IE_APN_RESTRICTION 127
506 #define GTPV2_IE_SEL_MODE 128
507 #define GTPV2_IE_SOURCE_IDENT 129
508 #define GTPV2_IE_BEARER_CONTROL_MODE 130
509 #define GTPV2_IE_CNG_REP_ACT 131
510 #define GTPV2_IE_FQ_CSID 132
511 #define GTPV2_IE_CHANNEL_NEEDED 133
512 #define GTPV2_IE_EMLPP_PRI 134
513 #define GTPV2_IE_NODE_TYPE 135
514 #define GTPV2_IE_FQDN 136
515 #define GTPV2_IE_TI 137
516 #define GTPV2_IE_PRIVATE_EXT 255
519 #define CREATE_NEW_TFT 0X20
520 #define DELETE_TFT 0X40
521 #define ADD_PACKET_FILTERS_TFT 0X60
522 #define REPLACE_PACKET_FILTERS_TFT 0X80
523 #define DELETE_PACKET_FILTERS_TFT 0XA0
524 #define NO_TFT_OPERATION 0XC0
525 #define RESERVED 0XE0
528 /* Table 8.1-1: Information Element types for GTPv2 */
529 static const value_string gtpv2_element_type_vals[] = {
531 {1, "International Mobile Subscriber Identity (IMSI)"}, /* Variable Length / 8.3 */
532 {2, "Cause"}, /* Variable Length / 8.4 */
533 {3, "Recovery (Restart Counter)"}, /* Variable Length / 8.5 */
534 /* 4-50 Reserved for S101 interface Extendable / See 3GPP TS 29.276 [14] */
535 /* 51-70 Reserved for Sv interface Extendable / See 3GPP TS 29.280 [15] */
536 {71, "Access Point Name (APN)"}, /* Variable Length / 8.6 */
537 {72, "Aggregate Maximum Bit Rate (AMBR)"}, /* Fixed Length / 8.7 */
538 {73, "EPS Bearer ID (EBI)"}, /* Extendable / 8.8 */
539 {74, "IP Address"}, /* Extendable / 8.9 */
540 {75, "Mobile Equipment Identity (MEI)"}, /* Variable Length / 8.10 */
541 {76, "MSISDN"}, /* Variable Length / 8.11 */
542 {77, "Indication"}, /* Extendable / 8.12 */
543 {78, "Protocol Configuration Options (PCO)"}, /* Variable Length / 8.13 */
544 {79, "PDN Address Allocation (PAA)"}, /* Variable Length / 8.14 */
545 {80, "Bearer Level Quality of Service (Bearer QoS)"}, /* Variable Length / 8.15 */
546 {81, "Flow Quality of Service (Flow QoS)"}, /* Extendable / 8.16 */
547 {82, "RAT Type"}, /* Extendable / 8.17 */
548 {83, "Serving Network"}, /* Extendable / 8.18 */
549 {84, "EPS Bearer Level Traffic Flow Template (Bearer TFT)"}, /* Variable Length / 8.19 */
550 {85, "Traffic Aggregation Description (TAD)"}, /* Variable Length / 8.20 */
551 {86, "User Location Info (ULI)"}, /* Variable Length / 8.21 */
552 {87, "Fully Qualified Tunnel Endpoint Identifier (F-TEID)"}, /* Extendable / 8.22 */
553 {88, "TMSI"}, /* Variable Length / 8.23 */
554 {89, "Global CN-Id"}, /* Variable Length / 8.24 */
555 {90, "S103 PDN Data Forwarding Info (S103PDF)"}, /* Variable Length / 8.25 */
556 {91, "S1-U Data Forwarding Info (S1UDF)"}, /* Variable Length/ 8.26 */
557 {92, "Delay Value"}, /* Extendable / 8.27 */
558 {93, "Bearer Context"}, /* Extendable / 8.28 */
559 {94, "Charging ID"}, /* Extendable / 8.29 */
560 {95, "Charging Characteristics"}, /* Extendable / 8.30 */
561 {96, "Trace Information"}, /* Extendable / 8.31 */
562 {97, "Bearer Flags"}, /* Extendable / 8.32 */
563 {98, "Paging Cause"}, /* Variable Length / 8.33 */
564 {99, "PDN Type"}, /* Extendable / 8.34 */
565 {100, "Procedure Transaction ID"}, /* Extendable / 8.35 */
566 {101, "DRX Parameter"}, /* Variable Length/ 8.36 */
567 {102, "UE Network Capability"}, /* Variable Length / 8.37 */
568 {103, "MM Context (GSM Key and Triplets)"}, /* Variable Length / 8.38 */
569 {104, "MM Context (UMTS Key, Used Cipher and Quintuplets)"}, /* Variable Length / 8.38 */
570 {105, "MM Context (GSM Key, Used Cipher and Quintuplets)"}, /* Variable Length / 8.38 */
571 {106, "MM Context (UMTS Key and Quintuplets)"}, /* Variable Length / 8.38 */
572 {107, "MM Context (EPS Security Context, Quadruplets and Quintuplets)"}, /* Variable Length / 8.38 */
573 {108, "MM Context (UMTS Key, Quadruplets and Quintuplets)"}, /* Variable Length / 8.38 */
574 {109, "PDN Connection"}, /* Extendable / 8.39 */
575 {110, "PDU Numbers"}, /* Extendable / 8.40 */
576 {111, "P-TMSI"}, /* Variable Length / 8.41 */
577 {112, "P-TMSI Signature"}, /* Variable Length / 8.42 */
578 {113, "Hop Counter"}, /* Extendable / 8.43 */
579 {114, "UE Time Zone"}, /* Variable Length / 8.44 */
580 {115, "Trace Reference"}, /* Fixed Length / 8.45 */
581 {116, "Complete Request Message"}, /* Variable Length / 8.46 */
582 {117, "GUTI"}, /* Variable Length / 8.47 */
583 {118, "F-Container"}, /* Variable Length / 8.48 */
584 {119, "F-Cause"}, /* Variable Length / 8.49 */
585 {120, "Selected PLMN ID"}, /* Variable Length / 8.50 */
586 {121, "Target Identification"}, /* Variable Length / 8.51 */
587 {122, "NSAPI"}, /* Extendable / 8.52 */
588 {123, "Packet Flow ID"}, /* Variable Length / 8.53 */
589 {124, "RAB Context"}, /* Fixed Length / 8.54 */
590 {125, "Source RNC PDCP Context Info"}, /* Variable Length / 8.55 */
591 {126, "UDP Source Port Number"}, /* Extendable / 8.56 */
592 {127, "APN Restriction"}, /* Extendable / 8.57 */
593 {128, "Selection Mode"}, /* Extendable / 8.58 */
594 {129, "Source Identification"}, /* Variable Length / 8.50 */
595 {130, "Bearer Control Mode"}, /* Extendable / 8.60 */
596 {131, "Change Reporting Action"}, /* Variable Length / 8.61 */
597 {132, "Fully Qualified PDN Connection Set Identifier (FQ-CSID)"}, /* Variable Length / 8.62 */
598 {133, "Channel needed"}, /* Extendable / 8.63 */
599 {134, "eMLPP Priority"}, /* Extendable / 8.64 */
600 {135, "Node Type"}, /* Extendable / 8.65 */
601 {136, "Fully Qualified Domain Name (FQDN)"}, /* Variable Length / 8.66 */
602 {137, "Transaction Identifier (TI)"}, /* Variable Length / 8.68 */
603 {138, "MBMS Session"}, /* Duration Extendable / 8.69 */
604 {139, "MBMS Service Area"}, /* Extendable / 8.70 */
605 {140, "MBMS Session Identifier"}, /* Extendable / 8.71 */
606 {141, "MBMS Flow Identifier"}, /* Extendable / 8.72 */
607 {142, "MBMS IP Multicast Distribution"}, /* Extendable / 8.73 */
608 {143, "MBMS Distribution Acknowledge"}, /* Extendable / 8.74 */
609 {144, "RFSP Index"}, /* Fixed Length / 8.77 */
610 {145, "User CSG Information (UCI)"}, /* Extendable / 8.75 */
611 {146, "CSG Information Reporting Action"}, /* Extendable / 8.76 */
612 {147, "CSG ID"}, /* Extendable / 8.78 */
613 {148, "CSG Membership Indication (CMI)"}, /* Extendable / 8.79 */
614 {149, "Service indicator"}, /* Fixed Length / 8.80 */
615 {150, "Detach Type"}, /* Fixed Length / 8.81 */
616 {151, "Local Distiguished Name (LDN)"}, /* Variable / 8.82 */
617 {152, "Node Features"}, /* Extendable / 8.83 */
618 {153, "MBMS Time to Data Transfer"}, /* Extendable / 8.84 */
619 {154, "Throttling"}, /* Extendable / 8.85 */
620 {155, "Allocation/Retention Priority (ARP)"}, /* Extendable / 8.86 */
621 /* 156 to 254 Spare. For future use. */ /* For future use. FFS */
622 {255, "Private"}, /* Extension Extendable / 8.67 */
626 /* Code to dissect IE's */
629 dissect_gtpv2_unknown(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
631 proto_item *expert_item;
633 expert_item = proto_tree_add_text(tree, tvb, 0, length, "IE data not dissected yet");
634 expert_add_info_format(pinfo, expert_item, PI_PROTOCOL, PI_NOTE, "IE data not dissected yet");
635 PROTO_ITEM_SET_GENERATED(expert_item);
640 * 8.3 International Mobile Subscriber Identity (IMSI)
642 * IMSI is defined in 3GPP TS 23.003
643 * Editor's note: IMSI coding will be defined in 3GPP TS 24.301
644 * Editor's note: In the first release of GTPv2 spec (TS 29.274v8.0.0) n = 8.
645 * That is, the overall length of the IE is 11 octets.
649 dissect_gtpv2_imsi(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
652 const gchar *imsi_str;
654 /* Fetch the BCD encoded digits from tvb low half byte, formating the digits according to
655 * a default digit set of 0-9 returning "?" for overdecadic digits a pointer to the EP
656 * allocated string will be returned.
658 imsi_str = tvb_bcd_dig_to_ep_str( tvb, offset, length, NULL, FALSE);
660 proto_tree_add_string(tree, hf_gtpv2_imsi, tvb, offset, length, imsi_str);
661 proto_item_append_text(item, "%s", imsi_str);
669 /* Table 8.4-1: Cause values */
670 static const value_string gtpv2_cause_vals[] = {
675 {3, "Complete Detach"},
676 {4, "RAT changed from 3GPP to Non-3GPP"},
677 {5, "ISR is activated"},
678 {6, "Error Indication received from RNC/eNodeB"},
679 {7, "IMSI Detach Only"},
680 {8, "Reactivation Requested"},
681 {9, "PDN reconnection to this APN disallowed"},
682 {10, "Access changed from Non-3GPP to 3GPP"},
683 /* 11-15 Spare. This value range is reserved for Cause values in a request message */
689 /* Acceptance Response */
690 {16, "Request accepted"},
691 {17, "Request accepted partially"},
692 {18, "New PDN type due to network preference"},
693 {19, "New PDN type due to single address bearer only"},
694 /* 20-63 Spare. This value range is reserved for Cause values in acceptance response message */
695 /* Rejection Response */
741 {64, "Context Not Found"},
742 {65, "Invalid Message Format"},
743 {66, "Version not supported by next peer"},
744 {67, "Invalid length"},
745 {68, "Service not supported"},
746 {69, "Mandatory IE incorrect"},
747 {70, "Mandatory IE missing"},
748 {71, "Optional IE incorrect"},
749 {72, "System failure"},
750 {73, "No resources available"},
751 {74, "Semantic error in the TFT operation"},
752 {75, "Syntactic error in the TFT operation"},
753 {76, "Semantic errors in packet filter(s)"},
754 {77, "Syntactic errors in packet filter(s)"},
755 {78, "Missing or unknown APN"},
756 {79, "Unexpected repeated IE"},
757 {80, "GRE key not found"},
758 {81, "Reallocation failure"},
759 {82, "Denied in RAT"},
760 {83, "Preferred PDN type not supported"},
761 {84, "All dynamic addresses are occupied"},
762 {85, "UE context without TFT already activated"},
763 {86, "Protocol type not supported"},
764 {87, "UE not responding"},
766 {89, "Service denied"},
767 {90, "Unable to page UE"},
768 {91, "No memory available"},
769 {92, "User authentication failed"},
770 {93, "APN access denied - no subscription"},
771 {94, "Request rejected"},
772 {95, "P-TMSI Signature mismatch"},
773 {96, "IMSI not known"},
774 {97, "Semantic error in the TAD operation"},
775 {98, "Syntactic error in the TAD operation"},
776 {99, "Reserved Message Value Received"},
777 {100, "PGW not responding"},
778 {101, "Collision with network initiated request"},
779 {102, "Unable to page UE due to Suspension"},
780 {103, "Conditional IE missing"},
781 {104, "APN Restriction type Incompatible with currently active PDN connection"},
782 {105, "Invalid overall length of the triggered response message and a piggybacked initial message"},
783 {106, "Data forwarding not supported"},
784 {107, "Invalid reply from remote peer"},
785 {108, "Fallback to GTPv1"},
786 {109, "Invalid peer"},
787 {110, "Temporarily rejected due to handover procedure in progress"},
788 {111, "Modifications not limited to S1-U bearers"},
789 {112, "Request rejected for a PMIPv6 reason "},
790 /* 113-239 Spare. For future use in a triggered/response message */
791 /* 240-255 Spare. For future use in an initial/request message */
795 static value_string_ext gtpv2_cause_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_cause_vals);
797 /* Table 8.4-1: CS (Cause Source) */
798 static const true_false_string gtpv2_cause_cs = {
799 "Originated by remote node",
800 "Originated by node sending the message",
804 dissect_gtpv2_cause(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
809 /* Cause value octet 5 */
810 tmp = tvb_get_guint8(tvb, offset);
811 proto_tree_add_item(tree, hf_gtpv2_cause, tvb, offset, 1, FALSE);
813 /* Add Cause to ie_tree */
814 proto_item_append_text(item, "%s (%u)", val_to_str_ext_const(tmp, >pv2_cause_vals_ext, "Unknown"),tmp);
817 /* Octet 6 Spare PCE BCE CS */
818 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
819 proto_tree_add_item(tree, hf_gtpv2_cause_pce, tvb, offset, 1, FALSE);
820 proto_tree_add_item(tree, hf_gtpv2_cause_bce, tvb, offset, 1, FALSE);
821 proto_tree_add_item(tree, hf_gtpv2_cause_cs, tvb, offset, 1, FALSE);
824 /* If n = 2, a = 0 and the Cause IE shall be 6 octets long.
825 * Therefore, octets "a(n+1) to a(n+4)" will not be present.
826 * If n = 6, a = 1 and the Cause IE will be 10 octets long.
832 * If the rejection is due to a mandatory IE or a verifiable conditional IE is faulty
833 * or missing, the offending IE shall be included within an additional field "a(n+1)
834 * to a(n+4)". Only Type and Instance fields of the offending IE that caused the
835 * rejection have a meaning. The length in the Octet 8-9 and spare bits in the Octet 10
836 * shall be set to "0". In this case, the value of "n" shall be "6".
837 * Otherwise, the value of "n" is equal to "2".
840 /* Type of the offending IE */
841 proto_tree_add_item(tree, hf_gtpv2_cause_off_ie_t, tvb, offset, 1, FALSE);
845 proto_tree_add_item(tree, hf_gtpv2_ie_len, tvb, offset, 2, FALSE);
847 /* a(n+4) Spare Instance */
848 proto_tree_add_bits_item(tree, hf_gtpv2_spare_half_octet, tvb, offset>>3, 4, FALSE);
849 proto_tree_add_item(tree, hf_gtpv2_instance, tvb, offset, 1, FALSE);
855 * 8.5 Recovery (Restart Counter)
858 dissect_gtpv2_recovery(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
863 recovery = tvb_get_guint8(tvb, offset);
864 proto_tree_add_item(tree, hf_gtpv2_rec, tvb, offset, 1, FALSE);
865 proto_item_append_text(item, "%u", recovery);
870 * 8.6 Access Point Name (APN)
871 * The encoding the APN field follows 3GPP TS 23.003 [2] subclause 9.1.
872 * The content of the APN field shall be the full APN with both the APN Network Identifier
873 * and APN Operator Identifier being present as specified in 3GPP TS 23.003 [2]
874 * subclauses 9.1.1 and 9.1.2, 3GPP TS 23.060 [35] Annex A and 3GPP TS 23.401 [3] subclauses 4.3.8.1.
877 dissect_gtpv2_apn(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
884 name_len = tvb_get_guint8(tvb, offset);
886 if (name_len < 0x20) {
887 apn = tvb_get_ephemeral_string(tvb, offset + 1, length - 1);
889 if (name_len >= length - 1)
892 name_len = name_len + apn[tmp] + 1;
896 apn = tvb_get_ephemeral_string(tvb, offset, length);
898 proto_tree_add_string(tree, hf_gtpv2_apn, tvb, offset, length, apn);
901 proto_item_append_text(item, "%s", apn);
906 * 8.7 Aggregate Maximum Bit Rate (AMBR)
910 dissect_gtpv2_ambr(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
914 proto_tree_add_item(tree, hf_gtpv2_ambr_up, tvb, offset, 4, FALSE);
916 proto_tree_add_item(tree, hf_gtpv2_ambr_down, tvb, offset, 4, FALSE);
920 * 8.8 EPS Bearer ID (EBI)
923 dissect_gtpv2_ebi(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
929 /* Spare (all bits set to 0) B8 - B5*/
930 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset, 4, FALSE);
931 /* EPS Bearer ID (EBI) B4 - B1 */
932 ebi = tvb_get_guint8(tvb, offset);
933 proto_tree_add_item(tree, hf_gtpv2_ebi, tvb, offset, 1, FALSE);
934 proto_item_append_text(item, "%u", ebi);
941 dissect_gtpv2_ip_address(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
944 struct e_in6_addr ipv6_addr;
948 proto_tree_add_item(tree, hf_gtpv2_ip_address_ipv4, tvb, offset, length, FALSE);
949 proto_item_append_text(item, "IPv4 %s", tvb_ip_to_str(tvb, offset));
953 proto_tree_add_item(tree, hf_gtpv2_ip_address_ipv6, tvb, offset, length, FALSE);
954 tvb_get_ipv6(tvb, offset, &ipv6_addr);
955 proto_item_append_text(item, "IPv6 %s", ip6_to_str(&ipv6_addr));
959 * 8.10 Mobile Equipment Identity (MEI)
960 * The ME Identity field contains either the IMEI or the IMEISV
961 * as defined in clause 6.2 of 3GPP TS 23.003 [2]. It is encoded
962 * as specified in clause 7.7.53 of 3GPP TS 29.060 [4], beginning
963 * with octet 4 of Figure 7.7.53.1. The IMEI(SV) digits are encoded
964 * using BCD coding where IMEI is 15 BCD digits and IMEISV is 16 BCD
965 * digits. For IMEI, bits 5 to 8 of the last octet shall be filled
966 * with an end mark coded as '1111'.
970 dissect_gtpv2_mei(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
973 const gchar *mei_str;
975 /* Fetch the BCD encoded digits from tvb low half byte, formating the digits according to
976 * a default digit set of 0-9 returning "?" for overdecadic digits a pointer to the EP
977 * allocated string will be returned.
979 mei_str = tvb_bcd_dig_to_ep_str( tvb, 0, length, NULL, FALSE);
981 proto_tree_add_string(tree, hf_gtpv2_mei, tvb, offset, length, mei_str);
982 proto_item_append_text(item, "%s", mei_str);
988 * MSISDN is defined in 3GPP TS 23.003
989 * Editor's note: MSISDN coding will be defined in TS 24.301.
992 dissect_gtpv2_msisdn(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
994 const char *digit_str;
996 /* Octets 5 to (n+4) represent the MSISDN value is in international number format
997 * as described in ITU-T Rec E.164 [25] and 3GPP TS 29.002 [41].
998 * MSISDN value contains only the actual MSISDN number (does not contain the "nature of
999 * address indicator" octet, which indicates "international number"
1000 * as in 3GPP TS 29.002 [41]) and is encoded as TBCD digits, i.e.
1001 * digits from 0 through 9 are encoded "0000" to "1001".
1002 * When there is an odd number of digits, bits 8 to 5 of the last octet are encoded with
1003 * the filler "1111".
1005 dissect_e164_cc(tvb, tree, 0, TRUE);
1006 /* Fetch the BCD encoded digits from tvb low half byte, formating the digits according to
1007 * a default digit set of 0-9 returning "?" for overdecadic digits a pointer to the EP
1008 * allocated string will be returned.
1010 digit_str = tvb_bcd_dig_to_ep_str( tvb, 0, length, NULL, FALSE);
1012 proto_tree_add_string(tree, hf_gtpv2_address_digits, tvb, 0, length, digit_str);
1013 proto_item_append_text(item, "%s", digit_str);
1020 dissect_gtpv2_ind(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1023 /* Octet 5 DAF DTF HI DFI OI ISRSI ISRAI SGWCI */
1024 proto_tree_add_item(tree, hf_gtpv2_daf, tvb, offset, 1, FALSE);
1025 proto_tree_add_item(tree, hf_gtpv2_dtf, tvb, offset, 1, FALSE);
1026 proto_tree_add_item(tree, hf_gtpv2_hi, tvb, offset, 1, FALSE);
1027 proto_tree_add_item(tree, hf_gtpv2_dfi, tvb, offset, 1, FALSE);
1028 proto_tree_add_item(tree, hf_gtpv2_oi, tvb, offset, 1, FALSE);
1029 proto_tree_add_item(tree, hf_gtpv2_isrsi, tvb, offset, 1, FALSE);
1030 proto_tree_add_item(tree, hf_gtpv2_israi, tvb, offset, 1, FALSE);
1031 proto_tree_add_item(tree, hf_gtpv2_sgwci, tvb, offset, 1, FALSE);
1034 proto_tree_add_text(tree, tvb, 0, length, "Older version?, should be 2 octets in 8.0.0");
1038 /* Octet 6 SQCI UIMSI CFSI CRSI P PT SI MSV
1039 * 3GPP TS 29.274 version 9.4.0 Release 9
1041 proto_tree_add_item(tree, hf_gtpv2_sqci, tvb, offset, 1, FALSE);
1042 proto_tree_add_item(tree, hf_gtpv2_uimsi, tvb, offset, 1, FALSE);
1043 proto_tree_add_item(tree, hf_gtpv2_cfsi, tvb, offset, 1, FALSE);
1044 proto_tree_add_item(tree, hf_gtpv2_crsi, tvb, offset, 1, FALSE);
1046 proto_tree_add_item(tree, hf_gtpv2_ps, tvb, offset, 1, FALSE);
1047 proto_tree_add_item(tree, hf_gtpv2_pt, tvb, offset, 1, FALSE);
1048 proto_tree_add_item(tree, hf_gtpv2_si, tvb, offset, 1, FALSE);
1049 proto_tree_add_item(tree, hf_gtpv2_msv, tvb, offset, 1, FALSE);
1051 /* Octet 7 Spare Spare Spare Spare Spare Spare Spare CCRSI */
1052 proto_tree_add_item(tree, hf_gtpv2_ccrsi, tvb, offset, 1, FALSE);
1057 * 8.13 Protocol Configuration Options (PCO)
1058 * Protocol Configuration Options (PCO) is transferred via GTP tunnels. The sending entity copies the value part of the
1059 * PCO into the Value field of the PCO IE. The detailed coding of the PCO field from octets 5 to (n+4) shall be specified
1060 * as per clause 10.5.6.3 of 3GPP TS 24.008 [5], starting with octet 3.
1061 * Dissected in packet-gsm_a_gm.c
1064 dissect_gtpv2_pco(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1066 switch(message_type){
1067 case GTPV2_CREATE_SESSION_REQUEST:
1068 /* PCO options as MS to network direction */
1069 pinfo->link_dir = P2P_DIR_UL;
1071 case GTPV2_CREATE_SESSION_RESPONSE:
1072 /* PCO options as Network to MS direction: */
1073 pinfo->link_dir = P2P_DIR_DL;
1078 de_sm_pco(tvb, tree, pinfo, 0, length, NULL, 0);
1082 * 8.14 PDN Address Allocation (PAA)
1085 static const value_string gtpv2_pdn_type_vals[] = {
1093 dissect_gtpv2_paa(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1097 pdn_type = tvb_get_guint8(tvb, offset);
1098 proto_tree_add_item(tree, hf_gtpv2_pdn_type, tvb, offset, 1, FALSE);
1104 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv4, tvb, offset, 4, FALSE);
1109 /* If PDN type value indicates IPv6, octet 6 contains the IPv6 Prefix Length.
1110 * Octets 7 through 22 contain an IPv6 Prefix and Interface Identifier.
1111 * Bit 8 of octet 7 represents the most significant bit of the IPv6 Prefix
1112 * and Interface Identifier and bit 1 of octet 22 the least significant bit.
1114 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv6_len, tvb, offset, 1, FALSE);
1116 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv6, tvb, offset, 16, FALSE);
1121 /* If PDN type value indicates IPv4v6, octet 6 contains the IPv6 Prefix Length.
1122 * Octets 7 through 22 contain an IPv6 Prefix and Interface Identifier.
1123 * Bit 8 of octet 7 represents the most significant bit of the IPv6 Prefix
1124 * and Interface Identifier and bit 1 of octet 22 the least significant bit.
1125 * Octets 23 through 26 contain an IPv4 address. Bit 8 of octet 23 represents
1126 * the most significant bit of the IPv4 address and bit 1 of octet 26 the least
1129 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv6_len, tvb, offset, 1, FALSE);
1131 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv6, tvb, offset, 16, FALSE);
1133 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv4, tvb, offset, 4, FALSE);
1141 * 8.15 Bearer Quality of Service (Bearer QoS)
1145 dissect_gtpv2_bearer_qos(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1148 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_pvi, tvb, offset, 1, FALSE);
1149 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_pl, tvb, offset, 1, FALSE);
1150 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_pci, tvb, offset, 1, FALSE);
1152 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_label_qci, tvb, offset, 1, FALSE);
1154 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_mbr_up, tvb, offset, 5, FALSE);
1156 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_mbr_down, tvb, offset, 5, FALSE);
1158 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_gbr_up, tvb, offset, 5, FALSE);
1160 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_gbr_down, tvb, offset, 5, FALSE);
1165 * 8.16 Flow Quality of Service (Flow QoS)
1169 dissect_gtpv2_flow_qos(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1172 proto_tree_add_item(tree, hf_gtpv2_flow_qos_label_qci, tvb, offset, 1, FALSE);
1174 proto_tree_add_item(tree, hf_gtpv2_flow_qos_mbr_up, tvb, offset, 5, FALSE);
1176 proto_tree_add_item(tree, hf_gtpv2_flow_qos_mbr_down, tvb, offset, 5, FALSE);
1178 proto_tree_add_item(tree, hf_gtpv2_flow_qos_gbr_up, tvb, offset, 5, FALSE);
1180 proto_tree_add_item(tree, hf_gtpv2_flow_qos_gbr_down, tvb, offset, 5, FALSE);
1187 static const value_string gtpv2_rat_type_vals[] = {
1193 {5, "HSPA Evolution"},
1199 static value_string_ext gtpv2_rat_type_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_rat_type_vals);
1203 dissect_gtpv2_rat_type(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1207 rat_type = tvb_get_guint8(tvb, 0);
1208 proto_tree_add_item(tree, hf_gtpv2_rat_type, tvb, 0, 1, FALSE);
1209 proto_item_append_text(tree, "%s (%u)", val_to_str_ext_const(rat_type, >pv2_rat_type_vals_ext, "Unknown"),rat_type);
1214 * 8.18 Serving Network
1217 dissect_gtpv2_serv_net(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1221 mcc_mnc_str = dissect_e212_mcc_mnc_ep_str(tvb, pinfo, tree, 0, TRUE);
1222 proto_item_append_text(tree,"%s", mcc_mnc_str);
1226 * 8.19 EPS Bearer Level Traffic Flow Template (Bearer TFT)
1230 dissect_gtpv2_bearer_tft(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1232 /* The detailed coding of Traffic Aggregate
1233 * Description is specified in 3GPP TS 24.008 [5] ,
1234 * clause 10.5.6.12, beginning with octet 3..
1235 * Use the decoding in packet-gsm_a_gm.c
1237 de_sm_tflow_temp(tvb, tree, pinfo, 0, length, NULL, 0);
1240 /* 8.20 Traffic Aggregate Description (TAD)
1243 dissect_gtpv2_tad(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1245 /* The detailed coding of Traffic Aggregate
1246 * Description is specified in 3GPP TS 24.008 [5] ,
1247 * clause 10.5.6.12, beginning with octet 3..
1248 * Use the decoding in packet-gsm_a_gm.c
1250 de_sm_tflow_temp(tvb, tree, pinfo, 0, length, NULL, 0);
1254 * 8.21 User Location Info (ULI)
1256 * The flags ECGI, TAI, RAI, SAI and CGI in octed 5 indicate if the corresponding
1257 * fields are present in the IE or not. If one of these flags is set to "0",
1258 * the corresponding field is not present at all. The respective identities are defined in 3GPP
1260 * Editor's Note: The definition of ECGI is missing in 3GPP TS 23.003 v8.1.0.
1261 * It can be found in 3GPP TS 36.413 v8.3.0, but it is expected that it will be moved
1262 * to 23.003 in a future version.
1266 decode_gtpv2_uli(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 instance _U_, guint flags)
1270 proto_tree *part_tree;
1272 /* 8.21.1 CGI field */
1273 if (flags & GTPv2_ULI_CGI_MASK)
1275 proto_item_append_text(item, "CGI ");
1276 fi = proto_tree_add_text(tree, tvb, offset + 1, 7, "Cell Global Identity (CGI)");
1277 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1278 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1280 proto_tree_add_item(part_tree, hf_gtpv2_uli_cgi_lac, tvb, offset, 2, FALSE);
1281 proto_tree_add_item(part_tree, hf_gtpv2_uli_cgi_ci, tvb, offset, 2, FALSE);
1287 /* 8.21.2 SAI field */
1288 if (flags & GTPv2_ULI_SAI_MASK)
1290 proto_item_append_text(item, "SAI ");
1291 fi = proto_tree_add_text(tree, tvb, offset + 1, 7, "Service Area Identity (SAI)");
1292 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1293 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1295 proto_tree_add_item(part_tree, hf_gtpv2_uli_sai_lac, tvb, offset, 2, FALSE);
1296 proto_tree_add_item(part_tree, hf_gtpv2_uli_sai_sac, tvb, offset, 2, FALSE);
1301 /* 8.21.3 RAI field */
1302 if (flags & GTPv2_ULI_RAI_MASK)
1304 proto_item_append_text(item, "RAI ");
1305 fi = proto_tree_add_text(tree, tvb, offset + 1, 7, "Routeing Area Identity (RAI)");
1306 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1307 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1309 proto_tree_add_item(part_tree, hf_gtpv2_uli_rai_lac, tvb, offset, 2, FALSE);
1310 proto_tree_add_item(part_tree, hf_gtpv2_uli_rai_rac, tvb, offset, 2, FALSE);
1315 /* 8.21.4 TAI field */
1316 if (flags & GTPv2_ULI_TAI_MASK)
1318 proto_item_append_text(item, "TAI ");
1319 fi = proto_tree_add_text(tree, tvb, offset + 1, 7, "Tracking Area Identity (TAI)");
1320 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1321 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1323 proto_tree_add_item(part_tree, hf_gtpv2_uli_tai_tac, tvb, offset, 2, FALSE);
1328 /* 8.21.5 ECGI field */
1329 if (flags & GTPv2_ULI_ECGI_MASK)
1336 proto_item_append_text(item, "ECGI ");
1337 fi = proto_tree_add_text(tree, tvb, offset + 1, 7, "E-UTRAN Cell Global Identifier (ECGI)");
1338 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1339 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1341 /* The bits 8 through 5, of octet e+3 (Fig 8.21.5-1 in TS 29.274 V8.2.0) are spare
1342 * and hence they would not make any difference to the hex string following it,
1343 * thus we directly read 4 bytes from the tvb
1346 octet = tvb_get_guint8(tvb,offset);
1347 spare = octet & 0xF0;
1348 octet4 = tvb_get_ntohl(tvb,offset);
1349 ECGI = octet4 & 0x0FFFFFFF;
1350 proto_tree_add_uint(part_tree, hf_gtpv2_uli_ecgi_eci_spare, tvb, offset, 1, spare);
1351 /* The coding of the E-UTRAN cell identifier is the responsibility of each administration.
1352 * Coding using full hexadecimal representation shall be used.
1354 proto_tree_add_uint(part_tree, hf_gtpv2_uli_ecgi_eci, tvb, offset, 4, ECGI);
1355 /*proto_tree_add_item(tree, hf_gtpv2_uli_ecgi_eci, tvb, offset, 4, FALSE);*/
1361 /* 8.21.6 LAI field */
1362 if (flags & GTPv2_ULI_LAI_MASK)
1364 proto_item_append_text(item, "LAI ");
1365 fi = proto_tree_add_text(tree, tvb, offset + 1, 5, "LAI (Location Area Identifier)");
1366 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1367 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1370 /* The Location Area Code (LAC) consists of 2 octets. Bit 8 of Octet f+3 is the most significant bit
1371 * and bit 1 of Octet f+4 the least significant bit. The coding of the location area code is the
1372 * responsibility of each administration. Coding using full hexadecimal representation shall be used.
1374 proto_tree_add_item(part_tree, hf_gtpv2_uli_lai_lac, tvb, offset, 2, FALSE);
1382 dissect_gtpv2_uli(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1384 proto_item *flags_item;
1385 proto_tree *flag_tree;
1389 flags_item = proto_tree_add_text(tree, tvb, offset, 1, "Flags");
1390 flag_tree = proto_item_add_subtree(flags_item, ett_gtpv2_uli_flags);
1391 flags = tvb_get_guint8(tvb,offset)&0x3f;
1392 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset>>3, 2, FALSE);
1395 proto_tree_add_item(flag_tree, hf_gtpv2_uli_lai_flg, tvb, offset, 1, FALSE);
1397 proto_tree_add_item(flag_tree, hf_gtpv2_uli_ecgi_flg, tvb, offset, 1, FALSE);
1399 proto_tree_add_item(flag_tree, hf_gtpv2_uli_tai_flg, tvb, offset, 1, FALSE);
1401 proto_tree_add_item(flag_tree, hf_gtpv2_uli_rai_flg, tvb, offset, 1, FALSE);
1403 proto_tree_add_item(flag_tree, hf_gtpv2_uli_sai_flg, tvb, offset, 1, FALSE);
1405 proto_tree_add_item(flag_tree, hf_gtpv2_uli_cgi_flg, tvb, offset, 1, FALSE);
1407 decode_gtpv2_uli(tvb, pinfo, tree, item, length, instance, flags);
1412 /* Diameter 3GPP AVP Code: 22 3GPP-User-Location-Info */
1415 * 16.4.7.2 Coding 3GPP Vendor-Specific RADIUS attributes
1417 * For P-GW, the Geographic Location Type values and coding are defined as follows:
1422 * 3-127 Spare for future use
1426 * 131-255 Spare for future use
1430 dissect_diameter_3gpp_uli(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_)
1436 length = tvb_length(tvb);
1437 flags_3gpp = tvb_get_guint8(tvb,offset);
1443 flags = GTPv2_ULI_TAI_MASK;
1447 flags = GTPv2_ULI_ECGI_MASK;
1451 flags = GTPv2_ULI_TAI_MASK + GTPv2_ULI_ECGI_MASK;
1458 decode_gtpv2_uli(tvb, pinfo, tree, NULL, length, 0, flags);
1463 * 8.22 Fully Qualified TEID (F-TEID)
1465 static const value_string gtpv2_f_teid_interface_type_vals[] = {
1466 {0, "S1-U eNodeB GTP-U interface"},
1467 {1, "S1-U SGW GTP-U interface"},
1468 {2, "S12 RNC GTP-U interface"},
1469 {3, "S12 SGW GTP-U interface"},
1470 {4, "S5/S8 SGW GTP-U interface"},
1471 {5, "S5/S8 PGW GTP-U interface"},
1472 {6, "S5/S8 SGW GTP-C interface"},
1473 {7, "S5/S8 PGW GTP-C interface"},
1474 {8, "S5/S8 SGW PMIPv6 interface"},/* (the 32 bit GRE key is encoded in 32 bit TEID field "
1475 "and since alternate CoA is not used the control plane and user plane addresses are the same for PMIPv6)"}, */
1476 {9, "S5/S8 PGW PMIPv6 interface"},/* (the 32 bit GRE key is encoded in 32 bit TEID field "
1477 "and the control plane and user plane addresses are the same for PMIPv6)"}, */
1478 {10, "S11 MME GTP-C interface"},
1479 {11, "S11/S4 SGW GTP-C interface"},
1480 {12, "S10 MME GTP-C interface"},
1481 {13, "S3 MME GTP-C interface"},
1482 {14, "S3 SGSN GTP-C interface"},
1483 {15, "S4 SGSN GTP-U interface"},
1484 {16, "S4 SGW GTP-U interface"},
1485 {17, "S4 SGSN GTP-C interface"},
1486 {18, "S16 SGSN GTP-C interface"},
1487 {19, "eNodeB GTP-U interface for DL data forwarding"},
1488 {20, "eNodeB GTP-U interface for UL data forwarding"},
1489 {21, "RNC GTP-U interface for data forwarding"},
1490 {22, "SGSN GTP-U interface for data forwarding"},
1491 {23, "SGW GTP-U interface for data forwarding"},
1492 {24, "Sm MBMS GW GTP-C interface"},
1493 {25, "Sn MBMS GW GTP-C interface"},
1494 {26, "Sm MME GTP-C interface"},
1495 {27, "Sn SGSN GTP-C interface"},
1496 {28, "SGW GTP-U interface for UL data forwarding"},
1497 {29, "Sn SGSN GTP-U interface"},
1498 {30, "S2b ePDG GTP-C interface"},
1499 {31, "S2b-U ePDG GTP-U interface"},
1500 {32, "S2b PGW GTP-C interface"},
1501 {33, "S2b-U PGW GTP-U interface"},
1504 static value_string_ext gtpv2_f_teid_interface_type_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_f_teid_interface_type_vals);
1506 static const true_false_string gtpv2_f_teid_v4_vals = {
1507 "IPv4 address present",
1508 "IPv4 address not present",
1511 static const true_false_string gtpv2_f_teid_v6_vals = {
1512 "IPv6 address present",
1513 "IPv6 address not present",
1517 dissect_gtpv2_f_teid(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1522 flags = tvb_get_guint8(tvb, offset);
1523 proto_tree_add_item(tree, hf_gtpv2_f_teid_v4, tvb, offset, 1, FALSE);
1524 proto_tree_add_item(tree, hf_gtpv2_f_teid_v6, tvb, offset, 1, FALSE);
1525 proto_tree_add_item(tree, hf_gtpv2_f_teid_interface_type, tvb, offset, 1, FALSE);
1528 proto_tree_add_item(tree, hf_gtpv2_f_teid_gre_key, tvb, offset, 4, FALSE);
1529 proto_item_append_text(tree, "%s, TEID/GRE Key: 0x%s", val_to_str_ext_const((flags & 0x1f), >pv2_f_teid_interface_type_vals_ext, "Unknown"),
1530 tvb_bytes_to_str(tvb, offset, 4));
1535 proto_tree_add_item(tree, hf_gtpv2_f_teid_ipv4, tvb, offset, 4, FALSE);
1536 proto_item_append_text(item, ", IPv4 %s", tvb_ip_to_str(tvb, offset));
1541 proto_tree_add_item(tree, hf_gtpv2_f_teid_ipv6, tvb, offset, 16, FALSE);
1542 proto_item_append_text(item, ", IPv6 %s", tvb_ip6_to_str(tvb, offset));
1550 dissect_gtpv2_tmsi(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1552 proto_tree_add_item(tree, hf_gtpv2_tmsi, tvb, 0, 4, FALSE);
1553 proto_tree_add_text(item, tvb, 0, length, "TMSI: %s", tvb_bytes_to_str(tvb, 0, 4));
1558 * 12.3 CN Identifier
1560 * A CN node is uniquely identified within a PLMN by its CN Identifier (CN-Id). The CN-Id together with the PLMN
1561 * identifier globally identifies the CN node. The CN-Id together with the PLMN-Id is used as the CN node identifier in
1562 * RANAP signalling over the Iu interface.
1563 * Global CN-Id = PLMN-Id || CN-Id
1564 * The CN-Id is defined by the operator, and set in the nodes via O&M.
1565 * For the syntax description and the use of this identifier in RANAP signalling, see 3GPP TS 25.413 [17].
1569 dissect_gtpv2_g_cn_id(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1573 dissect_e212_mcc_mnc(tvb, pinfo, tree, 0, TRUE);
1576 /* >CN-ID M INTEGER (0..4095) */
1577 proto_tree_add_text(tree, tvb, offset, 2, "CN-Id: %s",
1578 tvb_bytes_to_str(tvb, offset, 2));
1581 * 8.25 S103 PDN Data Forwarding Info (S103PDF)
1584 dissect_gtpv2_s103pdf(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1586 proto_item *expert_item;
1590 /* The HSGW Address and GRE Key identify a GRE Tunnel towards a HSGW over S103 interface for a specific PDN
1591 * connection of the UE. The EPS Bearer IDs specify the EPS Bearers which require data forwarding that belonging to this
1592 * PDN connection. The number of EPS bearer Ids included is specified by the value of EPS Bearer ID Number.
1594 /* Octet 5 HSGW Address for forwarding Length = m */
1595 m = tvb_get_guint8(tvb, offset);
1596 proto_tree_add_item(tree, hf_gtpv2_hsgw_addr_f_len, tvb, offset, 1, FALSE);
1599 /* 6 to (m+5) HSGW Address for forwarding [4..16] */
1603 proto_tree_add_item(tree, hf_gtpv2_hsgw_addr_ipv4, tvb, offset, 1, FALSE);
1608 proto_tree_add_item(tree, hf_gtpv2_hsgw_addr_ipv6, tvb, offset, 1, FALSE);
1614 expert_item = proto_tree_add_text(tree, tvb, 0, length, "Wrong length %u, should be 4 or 16",m);
1615 expert_add_info_format(pinfo, expert_item, PI_PROTOCOL, PI_ERROR, "Wrong length %u, should be 4 or 16",m);
1616 PROTO_ITEM_SET_GENERATED(expert_item);
1620 /* (m+6)- to (m+9) GRE Key */
1621 proto_tree_add_item(tree, hf_gtpv2_gre_key, tvb, offset, 4, FALSE);
1624 /* (m+10) EPS Bearer ID Number = k */
1625 k = tvb_get_guint8(tvb, offset);
1626 proto_tree_add_text(tree, tvb, offset, 1, "EPS Bearer ID Number = %d", k);
1629 /* (m+11) to (m+10+k)
1630 * Spare EPS Bearer ID
1632 for ( i = 0; i < k; i++ ){
1633 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 4, FALSE);
1634 proto_tree_add_item(tree, hf_gtpv2_ebi, tvb, offset, 1, FALSE);
1641 * 8.26 S1-U Data Forwarding (S1UDF)
1644 dissect_gtpv2_s1udf(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1646 proto_item *expert_item;
1650 /* 5 Spare EPS Bearer ID */
1651 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 4, FALSE);
1652 proto_tree_add_item(tree, hf_gtpv2_ebi, tvb, offset, 1, FALSE);
1654 /* 6 Serving GW Address Length = m */
1655 m = tvb_get_guint8(tvb, offset);
1656 proto_tree_add_text(tree, tvb, offset, 1, "Serving GW Address Length = %u", m);
1658 /* 7 to (m+6) Serving GW Address [4..16] */
1662 proto_tree_add_item(tree, hf_gtpv2_sgw_addr_ipv4, tvb, offset, 1, FALSE);
1667 proto_tree_add_item(tree, hf_gtpv2_sgw_addr_ipv6, tvb, offset, 1, FALSE);
1673 expert_item = proto_tree_add_text(tree, tvb, 0, length, "Wrong length %u, should be 4 or 16",m);
1674 expert_add_info_format(pinfo, expert_item, PI_PROTOCOL, PI_ERROR, "Wrong length %u, should be 4 or 16",m);
1675 PROTO_ITEM_SET_GENERATED(expert_item);
1679 * Serving GW S1-U TEID
1681 proto_tree_add_item(tree, hf_gtpv2_sgw_s1u_teid, tvb, offset, 4, FALSE);
1689 dissect_gtpv2_delay_value(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1694 proto_tree_add_item(tree, hf_gtpv2_delay_value, tvb, offset, 1, FALSE);
1699 * 8.28 Bearer Context (grouped IE)
1703 dissect_gtpv2_bearer_ctx(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree _U_, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1707 proto_tree *grouped_tree;
1709 proto_item_append_text(item, "[Grouped IE]");
1710 grouped_tree = proto_item_add_subtree(item, ett_gtpv2_bearer_ctx);
1712 new_tvb = tvb_new_subset(tvb, offset, length, length );
1713 dissect_gtpv2_ie_common(new_tvb, pinfo, grouped_tree, 0, message_type);
1716 /* 8.29 Charging ID */
1718 dissect_gtpv2_charging_id(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1723 proto_tree_add_item(tree, hf_gtpv2_charging_id, tvb, offset, length, FALSE);
1729 /* 8.30 Charging Characteristics
1730 * The charging characteristics information element is defined in 3GPP TS 32.251 [8]
1731 * and is a way of informing both the SGW and PGW of the rules for producing charging
1732 * information based on operator configured triggers. For the encoding of this
1733 * information element see 3GPP TS 32.298 [9].
1737 dissect_gtpv2_char_char(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1742 proto_tree_add_item(tree, hf_gtpv2_charging_characteristic, tvb, offset, 2, FALSE);
1745 /* These octet(s) is/are present only if explicitly specified */
1746 proto_tree_add_text(tree, tvb, offset, length-2, "Remaining octets");
1754 dissect_gtpv2_bearer_flag(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1759 /* Octet 5 Spare VB PPC */
1760 proto_tree_add_item(tree, hf_gtpv2_bearer_flag_ppc, tvb, offset, length, FALSE);
1761 proto_tree_add_item(tree, hf_gtpv2_bearer_flag_vb, tvb, offset, length, FALSE);
1768 dissect_gtpv2_pdn_type(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
1775 proto_item *expert_item;
1776 expert_item = proto_tree_add_text(tree, tvb, 0, length, "Wrong length indicated. Expected 1, got %u", length);
1777 expert_add_info_format(pinfo, expert_item, PI_MALFORMED, PI_ERROR, "Wrong length indicated. Expected 1, got %u", length);
1778 PROTO_ITEM_SET_GENERATED(expert_item);
1782 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
1783 pdn = tvb_get_guint8(tvb, offset)& 0x7;
1784 proto_tree_add_item(tree, hf_gtpv2_pdn_type, tvb, offset, length, FALSE);
1785 proto_item_append_text(tree, "%s", val_to_str(pdn, gtpv2_pdn_type_vals, "Unknown"));
1790 * 8.31 Trace Information
1793 dissect_gtpv2_tra_info(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1795 proto_item *trigg, *msc_server, *mgw, *sgsn, *ggsn, *bm_sc, *sgw_mme, *ne_types;
1796 proto_tree *trigg_tree, *msc_server_tree, *mgw_tree, *sgsn_tree, *ggsn_tree, *bm_sc_tree, *sgw_mme_tree, *ne_types_tree;
1797 proto_item *interfaces, *imsc_server, *lmgw, *lsgsn, *lggsn, *lrnc, *lbm_sc, *lmme, *lsgw, *lpdn_gw, *lenb;
1798 proto_tree *interfaces_tree, *imsc_server_tree, *lmgw_tree, *lsgsn_tree, *lggsn_tree, *lrnc_tree, *lbm_sc_tree, *lmme_tree, *lsgw_tree, *lpdn_gw_tree, *lenb_tree;
1801 /*--------------------------------------------------
1802 * guint8 *trace_id = NULL;
1803 *--------------------------------------------------*/
1808 dissect_e212_mcc_mnc(tvb, pinfo, tree, 0, TRUE);
1811 /* Append Trace ID to main tree */
1812 tid = tvb_get_ntohs(tvb, offset);
1813 proto_item_append_text(tree, "Trace ID: %d ", tid);
1816 /*--------------------------------------------------
1817 * trace_id = tvb_format_text(tvb, offset, 2);
1818 * proto_tree_add_string(tree, hf_gtpv2_tra_info, tvb, offset, length, trace_id);
1819 *--------------------------------------------------*/
1820 proto_tree_add_text(tree, tvb, offset, 3, "Trace ID: %d", tid);
1823 /* Triggering Events, put all into a new tree called trigging_tree */
1824 trigg = proto_tree_add_text(tree, tvb, offset, 8, "Trigging Events");
1825 trigg_tree = proto_item_add_subtree(trigg, ett_gtpv2_tra_info_trigg);
1827 /* Create all subtrees */
1828 msc_server = proto_tree_add_text(trigg_tree, tvb, offset, 2, "MSC Server");
1829 msc_server_tree = proto_item_add_subtree(msc_server, ett_gtpv2_tra_info_trigg_msc_server);
1831 mgw = proto_tree_add_text(trigg_tree, tvb, offset + 2, 1, "MGW");
1832 mgw_tree = proto_item_add_subtree(mgw, ett_gtpv2_tra_info_trigg_mgw);
1834 sgsn = proto_tree_add_text(trigg_tree, tvb, offset + 3, 2, "SGSN");
1835 sgsn_tree = proto_item_add_subtree(sgsn, ett_gtpv2_tra_info_trigg_sgsn);
1837 ggsn = proto_tree_add_text(trigg_tree, tvb, offset + 5, 1, "GGSN");
1838 ggsn_tree = proto_item_add_subtree(ggsn, ett_gtpv2_tra_info_trigg_ggsn);
1840 bm_sc = proto_tree_add_text(trigg_tree, tvb, offset + 6, 1, "BM-SC");
1841 bm_sc_tree = proto_item_add_subtree(bm_sc, ett_gtpv2_tra_info_trigg_bm_sc);
1843 sgw_mme = proto_tree_add_text(trigg_tree, tvb, offset + 7, 1, "SGW MME");
1844 sgw_mme_tree = proto_item_add_subtree(sgw_mme, ett_gtpv2_tra_info_trigg_sgw_mme);
1846 /* MSC Server - 2 octets */
1847 proto_tree_add_item(msc_server_tree, hf_gtpv2_tra_info_msc_momt_calls, tvb, offset, 1, FALSE);
1848 proto_tree_add_item(msc_server_tree, hf_gtpv2_tra_info_msc_momt_sms, tvb, offset, 1, FALSE);
1849 proto_tree_add_item(msc_server_tree, hf_gtpv2_tra_info_msc_lu_imsi_ad, tvb, offset, 1, FALSE);
1850 proto_tree_add_item(msc_server_tree, hf_gtpv2_tra_info_msc_handovers, tvb, offset, 1, FALSE);
1851 proto_tree_add_item(msc_server_tree, hf_gtpv2_tra_info_msc_ss, tvb, offset, 1, FALSE);
1852 bit_offset = offset<<3;
1853 proto_tree_add_bits_item(msc_server_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 3, FALSE);
1855 bit_offset = offset<<3;
1856 proto_tree_add_bits_item(msc_server_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 8, FALSE);
1860 proto_tree_add_item(mgw_tree, hf_gtpv2_tra_info_mgw_context, tvb, offset, 1, FALSE);
1861 bit_offset = offset<<3;
1862 proto_tree_add_bits_item(mgw_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 7, FALSE);
1864 /* SGSN - 2 octets */
1865 proto_tree_add_item(sgsn_tree, hf_gtpv2_tra_info_sgsn_pdp_context, tvb, offset, 1, FALSE);
1866 proto_tree_add_item(sgsn_tree, hf_gtpv2_tra_info_sgsn_momt_sms, tvb, offset, 1, FALSE);
1867 proto_tree_add_item(sgsn_tree, hf_gtpv2_tra_info_sgsn_rau_gprs_ad, tvb, offset, 1, FALSE);
1868 proto_tree_add_item(sgsn_tree, hf_gtpv2_tra_info_sgsn_mbms, tvb, offset, 1, FALSE);
1869 bit_offset = offset<<3;
1870 proto_tree_add_bits_item(sgsn_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 4, FALSE);
1872 proto_tree_add_item(sgsn_tree, hf_gtpv2_tra_info_sgsn_reserved, tvb, offset, 1, FALSE);
1873 bit_offset = offset<<3;
1874 proto_tree_add_bits_item(sgsn_tree, hf_gtpv2_reserved, tvb, bit_offset, 8, FALSE);
1876 /* GGSN - 1 octet */
1877 proto_tree_add_item(ggsn_tree, hf_gtpv2_tra_info_ggsn_pdp, tvb, offset, 1, FALSE);
1878 proto_tree_add_item(ggsn_tree, hf_gtpv2_tra_info_ggsn_mbms, tvb, offset, 1, FALSE);
1879 bit_offset = offset<<3;
1880 proto_tree_add_bits_item(ggsn_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 6, FALSE);
1882 /* BM-SC - 1 octet */
1883 proto_tree_add_item(bm_sc_tree, hf_gtpv2_tra_info_bm_sc, tvb, offset, 1, FALSE);
1884 bit_offset = offset<<3;
1885 proto_tree_add_bits_item(bm_sc_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 7, FALSE);
1887 /* MME/SGW - 1 octet */
1888 proto_tree_add_item(sgw_mme_tree, hf_gtpv2_tra_info_mme_sgw_ss, tvb, offset, 1, FALSE);
1889 proto_tree_add_item(sgw_mme_tree, hf_gtpv2_tra_info_mme_sgw_sr, tvb, offset, 1, FALSE);
1890 proto_tree_add_item(sgw_mme_tree, hf_gtpv2_tra_info_mme_sgw_iataud, tvb, offset, 1, FALSE);
1891 bit_offset = offset<<3;
1892 proto_tree_add_bits_item(sgw_mme_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 5, FALSE);
1895 /* Create NE Types subtree */
1896 ne_types = proto_tree_add_text(tree, tvb, offset, 2, "List of NE Types");
1897 ne_types_tree = proto_item_add_subtree(ne_types, ett_gtpv2_tra_info_ne_types);
1900 /* List of NE Types */
1901 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_msc_s, tvb, offset, 1, FALSE);
1902 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_mgw, tvb, offset, 1, FALSE);
1903 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_sgsn, tvb, offset, 1, FALSE);
1904 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_ggsn, tvb, offset, 1, FALSE);
1905 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_rnc, tvb, offset, 1, FALSE);
1906 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_bm_sc, tvb, offset, 1, FALSE);
1907 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_mme, tvb, offset, 1, FALSE);
1908 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_sgw, tvb, offset, 1, FALSE);
1910 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_pdn_gw, tvb, offset, 1, FALSE);
1911 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_enb, tvb, offset, 1, FALSE);
1912 bit_offset = offset<<3;
1913 proto_tree_add_bits_item(ne_types_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 6, FALSE);
1916 /* Trace Depth Length */
1917 tdl = tvb_get_guint8(tvb, offset);
1918 proto_tree_add_item(tree, hf_gtpv2_tra_info_tdl, tvb, offset, 1, FALSE);
1922 Will be displayed if length of Trace Depth Length is > 0
1923 The list will only contains UTF8String, RAW DATA */
1925 proto_tree_add_text(tree, tvb, offset, tdl, "Trace Depth List: %s", tvb_bytes_to_str(tvb, offset, tdl));
1928 /* Set up subtree interfaces and put all interfaces under it */
1929 interfaces = proto_tree_add_text(tree, tvb, offset, 12, "List of Interfaces");
1930 interfaces_tree = proto_item_add_subtree(interfaces, ett_gtpv2_tra_info_interfaces);
1932 /* Create all subtrees */
1933 imsc_server = proto_tree_add_text(interfaces_tree, tvb, offset, 2, "MSC Server");
1934 imsc_server_tree = proto_item_add_subtree(imsc_server, ett_gtpv2_tra_info_interfaces_imsc_server);
1936 lmgw = proto_tree_add_text(interfaces_tree, tvb, offset + 2, 1, "MGW");
1937 lmgw_tree = proto_item_add_subtree(lmgw, ett_gtpv2_tra_info_interfaces_lmgw);
1939 lsgsn = proto_tree_add_text(interfaces_tree, tvb, offset + 3, 2, "SGSN");
1940 lsgsn_tree = proto_item_add_subtree(lsgsn, ett_gtpv2_tra_info_interfaces_lsgsn);
1942 lggsn = proto_tree_add_text(interfaces_tree, tvb, offset + 5, 1, "GGSN");
1943 lggsn_tree = proto_item_add_subtree(lggsn, ett_gtpv2_tra_info_interfaces_lggsn);
1945 lrnc = proto_tree_add_text(interfaces_tree, tvb, offset + 6, 1, "RNC");
1946 lrnc_tree = proto_item_add_subtree(lrnc, ett_gtpv2_tra_info_interfaces_lrnc);
1948 lbm_sc = proto_tree_add_text(interfaces_tree, tvb, offset + 7, 1, "BM-SC");
1949 lbm_sc_tree = proto_item_add_subtree(lbm_sc, ett_gtpv2_tra_info_interfaces_lbm_sc);
1951 lmme = proto_tree_add_text(interfaces_tree, tvb, offset + 8, 1, "MME");
1952 lmme_tree = proto_item_add_subtree(lmme, ett_gtpv2_tra_info_interfaces_lmme);
1954 lsgw = proto_tree_add_text(interfaces_tree, tvb, offset + 9, 1, "SGW");
1955 lsgw_tree = proto_item_add_subtree(lsgw, ett_gtpv2_tra_info_interfaces_lsgw);
1957 lpdn_gw = proto_tree_add_text(interfaces_tree, tvb, offset + 10, 1, "PDN GW");
1958 lpdn_gw_tree = proto_item_add_subtree(lpdn_gw, ett_gtpv2_tra_info_interfaces_lpdn_gw);
1960 lenb = proto_tree_add_text(interfaces_tree, tvb, offset + 11, 1, "eNB");
1961 lenb_tree = proto_item_add_subtree(lenb, ett_gtpv2_tra_info_interfaces_lpdn_lenb);
1963 /* MSC Server - 2 octests */
1964 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_a, tvb, offset, 1, FALSE);
1965 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_lu, tvb, offset, 1, FALSE);
1966 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_mc, tvb, offset, 1, FALSE);
1967 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_g, tvb, offset, 1, FALSE);
1968 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_b, tvb, offset, 1, FALSE);
1969 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_e, tvb, offset, 1, FALSE);
1970 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_f, tvb, offset, 1, FALSE);
1971 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_cap, tvb, offset, 1, FALSE);
1973 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_d, tvb, offset, 1, FALSE);
1974 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_c, tvb, offset, 1, FALSE);
1975 bit_offset = offset<<3;
1976 proto_tree_add_bits_item(imsc_server_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 6, FALSE);
1979 proto_tree_add_item(lmgw_tree, hf_gtpv2_tra_info_lmgw_mc, tvb, offset, 1, FALSE);
1980 proto_tree_add_item(lmgw_tree, hf_gtpv2_tra_info_lmgw_nb_up, tvb, offset, 1, FALSE);
1981 proto_tree_add_item(lmgw_tree, hf_gtpv2_tra_info_lmgw_lu_up, tvb, offset, 1, FALSE);
1982 bit_offset = offset<<3;
1983 proto_tree_add_bits_item(lmgw_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 5, FALSE);
1985 /* SGSN - 2 octets */
1986 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_gb, tvb, offset, 1, FALSE);
1987 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_lu, tvb, offset, 1, FALSE);
1988 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_gn, tvb, offset, 1, FALSE);
1989 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_map_gr, tvb, offset, 1, FALSE);
1990 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_map_gd, tvb, offset, 1, FALSE);
1991 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_map_gf, tvb, offset, 1, FALSE);
1992 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_gs, tvb, offset, 1, FALSE);
1993 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_ge, tvb, offset, 1, FALSE);
1995 bit_offset = offset<<3;
1996 proto_tree_add_bits_item(lsgsn_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 8, FALSE);
1999 /* GGSN - 1 octet */
2000 proto_tree_add_item(lggsn_tree, hf_gtpv2_tra_info_lggsn_gn, tvb, offset, 1, FALSE);
2001 proto_tree_add_item(lggsn_tree, hf_gtpv2_tra_info_lggsn_gi, tvb, offset, 1, FALSE);
2002 proto_tree_add_item(lggsn_tree, hf_gtpv2_tra_info_lggsn_gmb, tvb, offset, 1, FALSE);
2003 bit_offset = offset<<3;
2004 proto_tree_add_bits_item(lggsn_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 5, FALSE);
2007 proto_tree_add_item(lrnc_tree, hf_gtpv2_tra_info_lrnc_lu, tvb, offset, 1, FALSE);
2008 proto_tree_add_item(lrnc_tree, hf_gtpv2_tra_info_lrnc_lur, tvb, offset, 1, FALSE);
2009 proto_tree_add_item(lrnc_tree, hf_gtpv2_tra_info_lrnc_lub, tvb, offset, 1, FALSE);
2010 proto_tree_add_item(lrnc_tree, hf_gtpv2_tra_info_lrnc_uu, tvb, offset, 1, FALSE);
2011 bit_offset = offset<<3;
2012 proto_tree_add_bits_item(lrnc_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 4, FALSE);
2014 /* BM_SC - 1 octet */
2015 proto_tree_add_item(lbm_sc_tree, hf_gtpv2_tra_info_lbm_sc_gmb, tvb, offset, 1, FALSE);
2016 bit_offset = offset<<3;
2017 proto_tree_add_bits_item(lbm_sc_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 7, FALSE);
2020 proto_tree_add_item(lmme_tree, hf_gtpv2_tra_info_lmme_s1_mme, tvb, offset, 1, FALSE);
2021 proto_tree_add_item(lmme_tree, hf_gtpv2_tra_info_lmme_s3, tvb, offset, 1, FALSE);
2022 proto_tree_add_item(lmme_tree, hf_gtpv2_tra_info_lmme_s6a, tvb, offset, 1, FALSE);
2023 proto_tree_add_item(lmme_tree, hf_gtpv2_tra_info_lmme_s10, tvb, offset, 1, FALSE);
2024 proto_tree_add_item(lmme_tree, hf_gtpv2_tra_info_lmme_s11, tvb, offset, 1, FALSE);
2025 bit_offset = offset<<3;
2026 proto_tree_add_bits_item(lmme_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 3, FALSE);
2029 proto_tree_add_item(lsgw_tree, hf_gtpv2_tra_info_lsgw_s4, tvb, offset, 1, FALSE);
2030 proto_tree_add_item(lsgw_tree, hf_gtpv2_tra_info_lsgw_s5, tvb, offset, 1, FALSE);
2031 proto_tree_add_item(lsgw_tree, hf_gtpv2_tra_info_lsgw_s8b, tvb, offset, 1, FALSE);
2032 proto_tree_add_item(lsgw_tree, hf_gtpv2_tra_info_lsgw_s11, tvb, offset, 1, FALSE);
2033 bit_offset = offset<<3;
2034 proto_tree_add_bits_item(lsgw_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 4, FALSE);
2036 /* PDN GW - 1 octet */
2037 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s2a, tvb, offset, 1, FALSE);
2038 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s2b, tvb, offset, 1, FALSE);
2039 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s2c, tvb, offset, 1, FALSE);
2040 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s5, tvb, offset, 1, FALSE);
2041 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s6c, tvb, offset, 1, FALSE);
2042 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_gx, tvb, offset, 1, FALSE);
2043 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s8b, tvb, offset, 1, FALSE);
2044 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_sgi, tvb, offset, 1, FALSE);
2047 proto_tree_add_item(lenb_tree, hf_gtpv2_tra_info_lenb_s1_mme, tvb, offset, 1, FALSE);
2048 proto_tree_add_item(lenb_tree, hf_gtpv2_tra_info_lenb_x2, tvb, offset, 1, FALSE);
2049 proto_tree_add_item(lenb_tree, hf_gtpv2_tra_info_lenb_uu, tvb, offset, 1, FALSE);
2050 bit_offset = offset<<3;
2051 proto_tree_add_bits_item(lenb_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 5, FALSE);
2053 /*--------------------------------------------------
2055 *--------------------------------------------------*/
2057 /* IP Address of Trace Collection Entity */
2058 while ( (offset + 4) <= length ) {
2060 proto_tree_add_item(tree, hf_gtpv2_ipv4_addr, tvb, offset, 4, FALSE);
2066 * 8.33 Void (TS 129 274 V9.4.0 (2010-10))
2069 /* 8.35 Procedure Transaction ID (PTI) */
2071 dissect_gtpv2_pti(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2073 proto_tree_add_item(tree, hf_gtpv2_pti, tvb, 0, 1, FALSE);
2076 * 8.36 DRX Parameter
2079 dissect_gtpv2_drx_param(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2083 /* 36.413 : 9.2.1.17 Paging Cause, void */
2084 proto_tree_add_text(tree, tvb, offset, length, "DRX parameter: %s", tvb_bytes_to_str(tvb, offset, (length )));
2088 * 8.37 UE Network Capability
2089 * UE Network Capability is coded as depicted in Figure 8.37-1. Actual coding of the UE Network Capability field is
2090 * defined in 3GPP TS 24.301
2093 dissect_gtpv2_ue_net_capability(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2095 de_emm_ue_net_cap(tvb, tree, pinfo, 0, length, NULL, 0);
2101 static const value_string gtpv2_mm_context_security_mode[] = {
2102 {0, "GSM Key and Triplets"},
2103 {1, "UMTS Key, Used Cipher and Quintuplets"},
2104 {2, "GSM Key, Used Cipher and Quintuplets"},
2105 {3, "UMTS Key and Quintuplets"},
2106 {4, "EPS Security Context, Quadruplets and Quintuplets" },
2107 {5, "UMTS Key, Quadruplets and Quintuplets"},
2111 static const true_false_string gtpv2_nhi_vals = {
2112 "NH (Next Hop) and NCC (Next Hop Chaining Count) are both present",
2113 "NH (Next Hop) and NCC (Next Hop Chaining Count) not present",
2116 /* Table 8.38-2: Used NAS Cipher Values */
2118 static const value_string gtpv2_mm_context_unc_vals[] = {
2119 {0, "No ciphering"},
2130 /* Table 8.38-4: Used NAS integrity protection algorithm Values */
2131 static const value_string gtpv2_mm_context_unipa_vals[] = {
2132 {0, "No ciphering"},
2145 dissect_gtpv2_mm_context_gsm_t(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree _U_, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2148 proto_tree *flag_tree;
2152 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2153 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2155 /* Security Mode | Spare | DRXI | CKSN */
2156 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2158 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 1, FALSE);
2159 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2160 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_cksn, tvb, offset, 1, FALSE);
2162 /* Number of Triplet | Spare | UAMB RI | SAMB RI */
2163 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_tri, tvb, offset, 1, FALSE);
2164 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
2167 proto_tree_add_text(flag_tree, tvb, offset, -1, "The rest of the IE not dissected yet");
2172 dissect_gtpv2_mm_context_utms_cq(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2175 proto_tree *flag_tree;
2179 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2180 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2182 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2184 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, ((offset<<3)+3), 1, FALSE);
2185 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2186 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_cksn_ksi, tvb, offset, 1, FALSE);
2188 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qui, tvb, offset, 1, FALSE);
2189 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
2192 proto_tree_add_text(flag_tree, tvb, offset, -1, "The rest of the IE not dissected yet");
2196 dissect_gtpv2_mm_context_gsm_cq(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2199 proto_tree *flag_tree;
2204 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2205 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2207 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2209 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, ((offset<<3)+3), 1, FALSE);
2210 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2211 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_cksn_ksi, tvb, offset, 1, FALSE);
2213 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qui, tvb, offset, 1, FALSE);
2214 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
2217 proto_tree_add_text(flag_tree, tvb, offset, -1, "The rest of the IE not dissected yet");
2222 dissect_gtpv2_mm_context_utms_q(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2225 proto_tree *flag_tree;
2229 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2230 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2233 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2235 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, ((offset<<3)+3), 1, FALSE);
2236 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2237 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_ksi, tvb, offset, 1, FALSE);
2239 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qui, tvb, offset, 1, FALSE);
2240 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
2243 proto_tree_add_text(flag_tree, tvb, offset, -1, "The rest of the IE not dissected yet");
2247 /* EPS Security Context and Quadruplets */
2249 dissect_gtpv2_mm_context_eps_qq(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2251 proto_item *flag/*, *auth_qua, *net_cap*/;
2252 proto_tree *flag_tree/*, *auth_qua_tree, *net_cap_tree*/;
2253 guint32 offset/*, nas_dc, nas_uc, i*/;
2254 /*guint8 nhi, drxi, nr_qui, nr_qua, tmp;*/
2258 /*nhi = (tvb_get_guint8(tvb, offset) & 0x10);*/
2259 /*drxi = (tvb_get_guint8(tvb, offset) & 0x08);*/
2261 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2262 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2267 * Security Mode | NHI | DRXI | KSIASME
2269 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2270 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nhi, tvb, offset, 1, FALSE);
2271 /* If NHI (Next Hop Indicator), bit 5 of octet 5, is set to "1",
2272 * then the optional parameters NH (Next Hop) and NCC (Next
2273 * Hop Chaining Count) are both present, otherwise their octets are not present.
2275 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2276 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_ksi_a, tvb, offset, 1, FALSE);
2282 * Number of | Number of | UAMB | OSCI
2283 * Quintuplets | Quadruplet | RI |
2285 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qui, tvb, offset, 1, FALSE);
2286 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qua, tvb, offset, 1, FALSE);
2289 /* Used NAS integrity protection algorithm */
2290 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_unipa, tvb, offset, 1, FALSE);
2291 /* Used NAS Cipher */
2292 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_unc, tvb, offset, 1, FALSE);
2295 /* Octet 8-10 NAS Downlink Count*/
2296 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nas_dl_cnt, tvb, offset, 1, FALSE);
2299 /* Octet 11-13 NAS Uplink Count */
2300 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nas_ul_cnt, tvb, offset, 1, FALSE);
2303 proto_tree_add_text(flag_tree, tvb, offset, -1, "The rest of the IE not dissected yet");
2307 dissect_gtpv2_mm_context_utms_qq(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2310 proto_tree *flag_tree;
2314 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2315 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2317 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2319 proto_tree_add_item(flag_tree, hf_gtpv2_spare_bits, tvb, ((offset<<3)+3), 1, FALSE);
2320 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2321 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_ksi_a, tvb, offset, 1, FALSE);
2323 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qui, tvb, offset, 1, FALSE);
2324 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qua, tvb, offset, 1, FALSE);
2325 proto_tree_add_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 2, FALSE);
2330 * 8.39 PDN Connection (grouped IE)
2333 dissect_gtpv2_PDN_conn(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree _U_, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2336 proto_tree *grouped_tree;
2339 proto_item_append_text(item, "[Grouped IE]");
2340 grouped_tree = proto_item_add_subtree(item, ett_gtpv2_PDN_conn);
2341 new_tvb = tvb_new_subset(tvb, offset, length, length );
2343 dissect_gtpv2_ie_common(tvb, pinfo, grouped_tree, offset, message_type);
2349 dissect_gtpv2_pdn_numbers(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2351 proto_item *nsapi_ti;
2352 proto_tree *nsapi_tree;
2354 guint16 dlgtpu_seq, ulgtpu_seq, send_npdu_nr, rec_npdu_nr;
2357 nsapi = (tvb_get_guint8(tvb, offset) & 0x08);
2358 nsapi_ti = proto_tree_add_text(tree, tvb, offset, 1, "NSAPI: %d", nsapi);
2359 nsapi_tree = proto_item_add_subtree(nsapi_ti, ett_gtpv2_pdn_numbers_nsapi);
2360 proto_tree_add_item(nsapi_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 4, FALSE);
2361 proto_tree_add_item(nsapi_tree, hf_gtpv2_pdn_numbers_nsapi, tvb, offset, 1, FALSE);
2362 proto_item_append_text(tree, "NSAPI: %u", nsapi);
2365 dlgtpu_seq = tvb_get_ntohs(tvb, offset);
2366 proto_tree_add_text(tree, tvb, offset, 2, "DL GTP-U Sequence Number: %d", dlgtpu_seq);
2369 ulgtpu_seq = tvb_get_ntohs(tvb, offset);
2370 proto_tree_add_text(tree, tvb, offset, 2, "UL GTP-U Sequence Number: %d", ulgtpu_seq);
2373 send_npdu_nr = tvb_get_ntohs(tvb, offset);
2374 proto_tree_add_text(tree, tvb, offset, 2, "Send N-PDU Number: %d", send_npdu_nr);
2377 rec_npdu_nr = tvb_get_ntohs(tvb, offset);
2378 proto_tree_add_text(tree, tvb, offset, 2, "Receive N-PDU Number: %d", rec_npdu_nr);
2381 * 8.41 Packet TMSI (P-TMSI)
2384 dissect_gtpv2_p_tmsi(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2389 /* The TMSI consists of 4 octets. It can be coded using a full hexadecimal representation. */
2390 proto_tree_add_item(tree, hf_gtpv2_p_tmsi, tvb, offset, 4, FALSE);
2391 proto_item_append_text(tree, "%s", tvb_bytes_to_str(tvb, offset, 4));
2394 * 8.42 P-TMSI Signature
2397 dissect_gtpv2_p_tmsi_sig(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2401 /* The P-TMSI Signature consists of 3 octets and may be allocated by the SGSN. */
2402 proto_tree_add_item(tree, hf_gtpv2_p_tmsi_sig, tvb, offset, 3, FALSE);
2403 proto_item_append_text(tree, "%s", tvb_bytes_to_str(tvb, offset, 3));
2410 dissect_gtpv2_hop_counter(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2415 hop_counter = tvb_get_guint8(tvb, offset);
2417 proto_tree_add_text(tree, tvb, offset, 1, "Hop Counter: %d", hop_counter);
2418 proto_item_append_text(tree, "%d", hop_counter);
2425 static const value_string gtpv2_ue_time_zone_dst_vals[] = {
2426 {0, "No Adjustments for Daylight Saving Time"},
2427 {1, "+1 Hour Adjustments for Daylight Saving Time"},
2428 {2, "+2 Hour Adjustments for Daylight Saving Time"},
2433 dissect_gtpv2_ue_time_zone(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2438 * UE Time Zone is used to indicate the offset between universal time and local time in steps of 15 minutes of where the
2439 * UE currently resides. The "Time Zone" field uses the same format as the "Time Zone" IE in 3GPP TS 24.008 [5].
2440 * (packet-gsm_a_dtap.c)
2442 de_time_zone(tvb, tree, pinfo, offset, 1, NULL, 0);
2444 proto_tree_add_item(tree, hf_gtpv2_ue_time_zone_dst, tvb, offset, 1, FALSE);
2449 * 8.45 Trace Reference
2452 dissect_gtpv2_trace_reference(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2458 mcc_mnc_str = dissect_e212_mcc_mnc_ep_str(tvb, pinfo, tree, 0, TRUE);
2461 trace_id = tvb_get_ntohs(tvb, offset);
2462 proto_tree_add_text(tree, tvb, offset, 3, "Trace ID: %d", trace_id);
2464 proto_item_append_text(tree,"%s,Trace ID %u", mcc_mnc_str, trace_id);
2467 * 8.46 Complete Request Message
2469 static const value_string gtpv2_complete_req_msg_type_vals[] = {
2470 {0, "Complete Attach Request Message" },
2471 {1, "Complete TAU Request Message" },
2475 dissect_complete_request_msg(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2482 proto_tree_add_item(tree, hf_gtpv2_complete_req_msg_type, tvb, offset, 1, FALSE);
2486 /* Add the Complete Request Message */
2487 new_tvb = tvb_new_subset_remaining(tvb, offset);
2488 call_dissector(nas_eps_handle, new_tvb, pinfo, tree);
2496 dissect_gtpv2_guti(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2502 dissect_e212_mcc_mnc(tvb, pinfo, tree, 0, TRUE);
2505 proto_tree_add_item(tree, hf_gtpv2_mme_grp_id, tvb, offset, 2, FALSE);
2508 proto_tree_add_item(tree, hf_gtpv2_mme_code, tvb, offset, 1, FALSE);
2511 proto_tree_add_item(tree, hf_gtpv2_m_tmsi, tvb, offset,4, FALSE);
2515 * 8.48 Fully Qualified Container (F-Container)
2518 static const value_string gtpv2_container_type_vals[] = {
2519 {1, "UTRAN transparent container"},
2520 {2, "BSS container"},
2521 {3, "E-UTRAN transparent container"},
2527 dissect_gtpv2_F_container(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length,guint8 message_type, guint8 instance _U_)
2531 guint8 container_type;
2533 /* Octets 8 7 6 5 4 3 2 1
2534 * 5 Spare | Container Type
2536 proto_tree_add_item(tree, hf_gtpv2_container_type, tvb, offset, 1, FALSE);
2537 container_type = tvb_get_guint8(tvb,offset);
2539 if(message_type == GTPV2_FORWARD_CTX_NOTIFICATION){
2540 switch(container_type){
2542 /* E-UTRAN transparent container */
2543 tvb_new = tvb_new_subset_remaining(tvb, offset);
2544 dissect_s1ap_ENB_StatusTransfer_TransparentContainer_PDU(tvb_new, pinfo, tree);
2550 /* 7.3.2 Forward Relocation Response
2551 * E-UTRAN Transparent Container
2552 * This IE is conditionally included only during a handover to
2553 * E-UTRAN and contains the radio-related and core network
2554 * information. If the Cause IE contains the value "Request
2555 * accepted", this IE shall be included.
2557 proto_tree_add_text(tree, tvb, offset, length-offset, "Not dissected yet");
2562 * 8.49 Fully Qualified Cause (F-Cause)
2565 static const value_string gtpv2_cause_type_vals[] = {
2566 {0, "Radio Network Layer"},
2567 {1, "Transport Layer"},
2570 {4, "Miscellaneous"},
2584 static value_string_ext gtpv2_cause_type_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_cause_type_vals);
2587 dissect_gtpv2_F_cause(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2593 /* The value of Instance field of the F-Cause IE in a GTPv2 message shall indicate
2594 * whether the F-Cause field contains RANAP Cause, BSSGP Cause or RAN Cause.
2595 * If the F-Cause field contains RAN Cause, the Cause Type field shall contain
2596 * the RAN cause subcategory as specified in 3GPP TS 36.413 [10] and it shall be
2597 * encoded as in Table 8.49-1.
2598 * If the F-Cause field contains BSSGP Cause or RANAP Cause,
2599 * the Cause Type field shall be ignored by the receiver.
2601 if(message_type == GTPV2_FORWARD_RELOCATION_REQ){
2604 proto_item_append_text(item, "[RAN Cause]");
2605 proto_tree_add_item(tree, hf_gtpv2_cause_type, tvb, offset, 1, FALSE);
2606 cause_type = tvb_get_guint8(tvb,offset);
2610 /* CauseRadioNetwork */
2611 proto_tree_add_item(tree, hf_gtpv2_CauseRadioNetwork, tvb, offset, 1, FALSE);
2614 /* CauseTransport */
2615 proto_tree_add_item(tree, hf_gtpv2_CauseTransport, tvb, offset, 1, FALSE);
2619 proto_tree_add_item(tree, hf_gtpv2_CauseNas, tvb, offset, 1, FALSE);
2623 proto_tree_add_item(tree, hf_gtpv2_CauseProtocol, tvb, offset, 1, FALSE);
2627 proto_tree_add_item(tree, hf_gtpv2_CauseMisc, tvb, offset, 1, FALSE);
2635 proto_item_append_text(item, "[RANAP Cause]");
2638 proto_item_append_text(item, "[BSSGP Cause]");
2644 proto_tree_add_text(tree, tvb, offset, length-offset, "Not dissected yet");
2648 * 8.50 Selected PLMN ID
2651 * The Selected PLMN ID IE contains the core network operator selected for tne UE
2652 * in a shared network. Octets 5-7 shall be encoded as the content part of the
2653 * "Selected PLMN Identity" parameter in 3GPP TS 36.413 [10].
2654 * -The Selected PLMN identity consists of 3 digits from MCC followed by
2655 * either -a filler digit plus 2 digits from MNC (in case of 2 digit MNC) or
2656 * -3 digits from MNC (in case of a 3 digit MNC).
2659 dissect_gtpv2_sel_plmn_id(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2663 mcc_mnc_str = dissect_e212_mcc_mnc_ep_str(tvb, pinfo, tree, 0, TRUE);
2664 proto_item_append_text(tree,"%s", mcc_mnc_str);
2668 * 8.51 Target Identification
2671 static const value_string gtpv2_target_type_vals[] = {
2673 {1, "Macro eNodeB ID"},
2674 {2, "Cell Identifier"},
2675 {3, "Home eNodeB ID"},
2678 static value_string_ext gtpv2_target_type_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_target_type_vals);
2681 dissect_gtpv2_target_id(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2687 proto_tree_add_item(tree, hf_gtpv2_target_type, tvb, 0, 1, FALSE);
2688 target_type = tvb_get_guint8(tvb,offset);
2690 switch(target_type){
2693 * In this case the Target ID field shall be encoded as the Target
2694 * RNC-ID part of the "Target ID" parameter in 3GPP TS 25.413 [33]. Therefore, the "Choice Target ID" that indicates
2695 * "Target RNC-ID" (numerical value of 0x20) shall not be included (value in octet 5 specifies the target type).
2697 tvb_new = tvb_new_subset_remaining(tvb, offset);
2698 dissect_ranap_TargetRNC_ID_PDU(tvb_new, pinfo, tree);
2702 /* Macro eNodeB ID*/
2703 tvb_new = tvb_new_subset_remaining(tvb, offset);
2704 dissect_e212_mcc_mnc(tvb_new, pinfo, tree, 0, TRUE);
2706 /* The Macro eNodeB ID consists of 20 bits.
2707 * Bit 4 of Octet 4 is the most significant bit and bit 1 of Octet 6 is the least significant bit.
2709 proto_tree_add_item(tree, hf_gtpv2_macro_enodeb_id, tvb, offset, 3, FALSE);
2711 /* Tracking Area Code (TAC) */
2712 proto_tree_add_item(tree, hf_gtpv2_uli_tai_tac, tvb, offset, 2, FALSE);
2716 /* Cell Identifier */
2717 /* Target ID field shall be same as the Octets 3 to 10 of the Cell Identifier IEI
2718 * in 3GPP TS 48.018 [34].
2721 /* Home eNodeB ID */
2722 /* Octet 10 to 12 Home eNodeB ID */
2723 /* Octet 13 to 14 Tracking Area Code (TAC) */
2728 proto_tree_add_text(tree, tvb, offset, length-offset, "Not dissected yet");
2736 * 8.53 Packet Flow ID
2739 dissect_gtpv2_pkt_flow_id(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2743 /* Octet 5 Spare EBI */
2744 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 4, FALSE);
2745 proto_tree_add_item(tree, hf_gtpv2_ebi, tvb, offset, 2, FALSE);
2748 /* Packet Flow ID */
2749 proto_tree_add_text(tree, tvb, offset, length, "Packet Flow ID: %s", tvb_bytes_to_str(tvb, offset, length-1));
2756 dissect_gtpv2_rab_context(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2759 guint16 dlgtpu_seq, ulgtpu_seq, dl_pdcp_seq, ul_pdcp_seq;
2762 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 4, FALSE);
2763 proto_tree_add_item(tree, hf_gtpv2_nsapi, tvb, offset, 1, FALSE);
2765 /* 6 to 7 DL GTP-U Sequence Number */
2766 dlgtpu_seq = tvb_get_ntohs(tvb, offset);
2767 proto_tree_add_text(tree, tvb, offset, 2, "DL GTP-U Sequence Number: %d", dlgtpu_seq);
2770 /* 8 to 9 UL GTP-U Sequence Number */
2771 ulgtpu_seq = tvb_get_ntohs(tvb, offset);
2772 proto_tree_add_text(tree, tvb, offset, 2, "UL GTP-U Sequence Number: %d", ulgtpu_seq);
2775 /* 10 to 11 DL PDCP Sequence Number */
2776 dl_pdcp_seq = tvb_get_ntohs(tvb, offset);
2777 proto_tree_add_text(tree, tvb, offset, 2, "DL PDCP Sequence Number: %d", dl_pdcp_seq);
2780 /* 12 to 13 UL PDCP Sequence Number */
2781 ul_pdcp_seq = tvb_get_ntohs(tvb, offset);
2782 proto_tree_add_text(tree, tvb, offset, 2, "UL PDCP Sequence Number: %d", ul_pdcp_seq);
2787 * 8.55 Source RNC PDCP context info
2790 dissect_gtpv2_s_rnc_pdcp_ctx_info(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2792 proto_tree_add_text(tree, tvb, 0, length, "RRC Container");
2796 * 8.56 UDP Source Port Number
2799 dissect_udp_s_port_nr(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2801 proto_tree_add_text(tree, tvb, 0, 2, "UPD Source Port Number: %u", tvb_get_ntohs(tvb, 0));
2802 proto_item_append_text(tree, "%u", tvb_get_ntohs(tvb, 0));
2805 * 8.57 APN Restriction
2808 dissect_gtpv2_apn_rest(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2812 type_value = tvb_get_guint8(tvb, 0);
2813 proto_tree_add_item(tree, hf_gtpv2_apn_rest, tvb, 0, 1, FALSE);
2814 proto_item_append_text(item, "value %u", type_value);
2818 * 8.58 Selection Mode
2820 static const value_string gtpv2_selec_mode_vals[] = {
2821 {0, "MS or network provided APN, subscribed verified"},
2822 {1, "MS provided APN, subscription not verified"},
2823 {2, "Network provided APN, subscription not verified"},
2824 {3, "Network provided APN, subscription not verified (Basically for Future use"},
2829 dissect_gtpv2_selec_mode(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2834 ss_mode = tvb_get_guint8(tvb, offset) & 0x03;
2835 proto_tree_add_item(tree, hf_gtpv2_selec_mode, tvb, offset, 1, FALSE);
2836 proto_item_append_text(item, "%s", val_to_str(ss_mode, gtpv2_selec_mode_vals, "Unknown"));
2841 * 8.59 Source Identification
2843 static const value_string gtpv2_source_ident_types[] = {
2846 {2, "eNodeB ID(Reserved, used in erlier v of proto.)"},
2850 dissect_gtpv2_source_ident(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2852 proto_item *expert_item;
2856 /* Octet 5 to 12 Target Cell ID */
2857 de_cell_id(tvb, tree, pinfo, offset, 8, NULL, 0);
2859 /* Octet 13 Source Type */
2860 source_type = tvb_get_guint8(tvb, offset);
2861 proto_tree_add_item(tree, hf_gtpv2_source_type, tvb, offset, 1, FALSE);
2863 /* Octet 14 to (n+4) Source ID */
2864 switch(source_type){
2866 /* The Source Type is Cell ID for PS handover from GERAN A/Gb mode. In this case the coding of the Source ID field
2867 * shall be same as the Octets 3 to 10 of the Cell Identifier IEI in 3GPP TS 48.018 [34].
2869 de_cell_id(tvb, tree, pinfo, offset, 8, NULL, 0);
2873 /* The Source Type is RNC ID for PS handover from GERAN Iu mode or for inter-RAT handover from UTRAN. In this
2874 * case the Source ID field shall be encoded as as the Source RNC-ID part of the "Source ID" parameter in 3GPP TS
2877 /* RNC-ID M INTEGER (0..4095) */
2882 expert_item = proto_tree_add_text(tree, tvb, offset-1, 1, "Unknown source type");
2883 expert_add_info_format(pinfo, expert_item, PI_PROTOCOL, PI_ERROR, "Unknown source type");
2884 PROTO_ITEM_SET_GENERATED(expert_item);
2890 * 8.60 Bearer Control Mode
2893 static const value_string gtpv2_bearer_control_mode_vals[] = {
2894 {0, "Selected Bearer Control Mode-'MS_only'"},
2895 {1, "Selected Bearer Control Mode-'Network_only'"},
2896 {2, "Selected Bearer Control Mode-'MS/NW'"},
2899 static const value_string gtpv2_bearer_control_mode_short_vals[] = {
2901 {1, "Network_only"},
2907 dissect_gtpv2_bearer_control_mode(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2911 proto_tree_add_item(tree, hf_gtpv2_bearer_control_mode, tvb, 0, 1, FALSE);
2912 /* Add Bearer Control Mode to tree */
2913 bcm = tvb_get_guint8(tvb, 0);
2914 proto_item_append_text(tree, "%s", val_to_str(bcm, gtpv2_bearer_control_mode_short_vals, "Unknown"));
2918 * 8.61 Change Reporting Action
2920 static const value_string gtpv2_cng_rep_act_vals[] = {
2921 {0, "Stop Reporting"},
2922 {1, "Start Reporting CGI/SAI"},
2923 {2, "Start Reporting RAI"},
2924 {3, "Start Reporting TAI"},
2925 {4, "Start Reporting ECGI"},
2926 {5, "Start Reporting CGI/SAI and RAI"},
2927 {6, "Start Reporting TAI and ECGI"},
2932 dissect_gtpv2_cng_rep_act(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
2936 /* Add Action to tree */
2937 action = tvb_get_guint8(tvb, 0);
2938 proto_tree_add_item(tree, hf_gtpv2_cng_rep_act, tvb, 0, 1, FALSE);
2940 proto_item_append_text(tree, "%s", val_to_str(action, gtpv2_cng_rep_act_vals, "Unknown"));
2943 * 8.62 Fully qualified PDN Connection Set Identifier (FQ-CSID)
2945 static const value_string gtpv2_fq_csid_type_vals[] = {
2946 {0, "Global unicast IPv4 address"},
2947 {1, "Global unicast IPv6 address"},
2948 {2, "4 octets long field"},
2954 dissect_gtpv2_fq_csid(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2956 proto_item *expert_item;
2958 guint8 octet,node_id_type, csids;
2959 guint32 node_id, node_id_mcc_mnc;
2961 /* Octet 5 Node-ID Type Number of CSIDs= m */
2963 octet = tvb_get_guint8(tvb, offset);
2964 node_id_type = octet >> 4;
2965 csids = octet & 0x0f;
2966 proto_tree_add_item(tree, hf_gtpv2_fq_csid_type, tvb, offset, 1, FALSE);
2967 proto_tree_add_item(tree, hf_gtpv2_fq_csid_nr, tvb, offset, 1, FALSE);
2970 switch(node_id_type){
2972 /* Indicates that Node-ID is a global unicast IPv4 address and p = 9 */
2973 proto_tree_add_item(tree, hf_gtpv2_fq_csid_ipv4, tvb, offset, 4, FALSE);
2977 /* Indicates that Node-ID is a global unicast IPv6 address and p = 21 */
2978 proto_tree_add_item(tree, hf_gtpv2_fq_csid_ipv6, tvb, offset, 16, FALSE);
2982 /* Node-ID is a 4 octets long field with a 32 bit value stored in network order, and p= 9. The coding
2983 * of the field is specified below:
2984 * - Most significant 20 bits are the binary encoded value of (MCC * 1000 + MNC).
2985 * - Least significant 12 bits is a 12 bit integer assigned by an operator to an MME, SGW or PGW. Other values of
2986 * Node-ID Type are reserved.
2988 node_id = tvb_get_ntohl(tvb, offset);
2989 node_id_mcc_mnc = node_id >> 12;
2990 node_id = node_id & 0xfff;
2991 proto_tree_add_text(tree, tvb, offset, 4, "Node-ID: MCC+MNC %u, Id: %u",node_id_mcc_mnc, node_id);
2995 expert_item = proto_tree_add_text(tree, tvb, offset-1, 1, "Wrong Node-ID Type %u, should be 0-2(Or tis is a newer spec)",node_id_type);
2996 expert_add_info_format(pinfo, expert_item, PI_PROTOCOL, PI_ERROR, "Wrong Node-ID Type %u, should be 0-2(Or tis is a newer spec)",node_id_type);
2997 PROTO_ITEM_SET_GENERATED(expert_item);
3001 /* First PDN Connection Set Identifier (CSID)
3002 * Second PDN Connection Set Identifier (CSID)
3004 * m-th PDN Connection Set Identifier (CSID)
3008 proto_tree_add_item(tree, hf_gtpv2_fq_csid_id, tvb, offset, 2, FALSE);
3014 * 8.63 Channel needed
3017 dissect_gtpv2_channel_needed(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3020 /* The Channel needed shall be coded as depicted in Figure 8.63-1. Channel needed is coded as the IEI part and the value
3021 * part of the Channel Needed IE defined in 3GPP TS 44.018[28]
3023 de_rr_chnl_needed(tvb, tree, pinfo, 0, length, NULL, 0);
3027 * 8.64 eMLPP Priority
3028 * The eMLPP-Priority shall be coded as depicted in Figure 8.64-1. The eMLPP Priority is coded as the value part of the
3029 * eMLPP-Priority IE defined in 3GPP TS 48.008 [29] (not including 3GPP TS 48.008 IEI and 3GPP TS 48.008 [29]
3030 * length indicator).
3033 dissect_gtpv2_emlpp_pri(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3036 be_emlpp_prio(tvb, tree, pinfo, 0, length, NULL, 0);
3042 static const value_string gtpv2_node_type_vals[] = {
3049 dissect_gtpv2_node_type(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
3054 proto_tree_add_item(tree, hf_gtpv2_node_type, tvb, 0, 1, FALSE);
3055 /* Append Node Type to tree */
3056 node_type = tvb_get_guint8(tvb, 0);
3057 proto_item_append_text(tree, "%s", val_to_str(node_type, gtpv2_node_type_vals, "Unknown"));
3062 * 8.66 Fully Qualified Domain Name (FQDN)
3065 dissect_gtpv2_fqdn(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
3067 int offset = 0, name_len, tmp;
3068 guint8 *fqdn = NULL;
3069 /* The FQDN field encoding shall be identical to the encoding of
3070 * a FQDN within a DNS message of section 3.1 of IETF
3071 * RFC 1035 [31] but excluding the trailing zero byte.
3074 name_len = tvb_get_guint8(tvb, offset);
3076 if (name_len < 0x20) {
3077 fqdn = tvb_get_ephemeral_string(tvb, offset + 1, length - 1);
3079 if (name_len >= length - 1)
3082 name_len = name_len + fqdn[tmp] + 1;
3086 fqdn = tvb_get_ephemeral_string(tvb, offset, length);
3088 proto_tree_add_string(tree, hf_gtpv2_fqdn, tvb, offset, length, fqdn);
3089 proto_item_append_text(item, "%s", fqdn);
3094 * 8.67 Private Extension
3097 dissect_gtpv2_private_ext(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_,guint8 message_type _U_, guint8 instance _U_)
3101 /* oct 5 -7 Enterprise ID */
3102 proto_tree_add_item(tree, hf_gtpv2_enterprise_id, tvb, offset, 2, FALSE);
3104 proto_tree_add_text(tree, tvb, offset, length-2, "Proprietary value");
3108 * 8.68 Transaction Identifier (TI)
3111 dissect_gtpv2_ti(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3114 /* 5 to (n+4) Transaction Identifier */
3115 proto_tree_add_item(tree, hf_gtpv2_ti, tvb, 0, length, FALSE);
3119 typedef struct _gtpv2_ie {
3121 void (*decode) (tvbuff_t *, packet_info *, proto_tree *, proto_item *, guint16, guint8, guint8);
3124 static const gtpv2_ie_t gtpv2_ies[] = {
3125 {GTPV2_IE_IMSI, dissect_gtpv2_imsi},
3126 {GTPV2_IE_CAUSE, dissect_gtpv2_cause}, /* 2, Cause (without embedded offending IE) 8.4 */
3127 {GTPV2_REC_REST_CNT, dissect_gtpv2_recovery}, /* 3, Recovery (Restart Counter) 8.5 */
3128 /* 4-50 Reserved for S101 interface Extendable / See 3GPP TS 29.276 [14] */
3129 /* 51-70 Reserved for Sv interface Extendable / See 3GPP TS 29.280 [15] */
3130 {GTPV2_APN, dissect_gtpv2_apn}, /* 71, Access Point Name (APN) 8.6 */
3131 {GTPV2_AMBR, dissect_gtpv2_ambr}, /* 72, Aggregate Maximum Bit Rate (AMBR) */
3132 {GTPV2_EBI, dissect_gtpv2_ebi}, /* 73, EPS Bearer ID (EBI) 8.8 */
3133 {GTPV2_IP_ADDRESS, dissect_gtpv2_ip_address}, /* 74, IP Address */
3134 {GTPV2_MEI, dissect_gtpv2_mei}, /* 74, Mobile Equipment Identity */
3135 {GTPV2_IE_MSISDN, dissect_gtpv2_msisdn}, /* 76, MSISDN 8.11 */
3136 {GTPV2_INDICATION, dissect_gtpv2_ind}, /* 77 Indication 8.12 */
3137 {GTPV2_PCO, dissect_gtpv2_pco}, /* 78 Protocol Configuration Options (PCO) 8.13 */
3138 {GTPV2_PAA, dissect_gtpv2_paa}, /* 79 PDN Address Allocation (PAA) 8.14 */
3139 {GTPV2_BEARER_QOS,dissect_gtpv2_bearer_qos}, /* 80 Bearer Level Quality of Service (Bearer QoS) 8.15 */
3140 {GTPV2_IE_FLOW_QOS, dissect_gtpv2_flow_qos}, /* 81 Flow Quality of Service (Flow QoS) 8.16 */
3141 {GTPV2_IE_RAT_TYPE, dissect_gtpv2_rat_type}, /* 82, RAT Type 8.17 */
3142 {GTPV2_IE_SERV_NET, dissect_gtpv2_serv_net}, /* 83, Serving Network 8.18 */
3143 {GTPV2_IE_BEARER_TFT, dissect_gtpv2_bearer_tft}, /* 84, Bearer TFT 8.19 */
3144 {GTPV2_IE_TAD, dissect_gtpv2_tad}, /* 85, Traffic Aggregate Description 8.20 */
3145 {GTPV2_IE_ULI, dissect_gtpv2_uli}, /* 86, User Location Info (ULI) 8.22 */
3146 {GTPV2_IE_F_TEID, dissect_gtpv2_f_teid}, /* 87, Fully Qualified Tunnel Endpoint Identifier (F-TEID) 8.23 */
3147 {GTPV2_IE_TMSI, dissect_gtpv2_tmsi}, /* 88, TMSI 8.23 */
3148 {GTPV2_IE_GLOBAL_CNID, dissect_gtpv2_g_cn_id}, /* 89, Global CN-Id 8.25 */
3149 {GTPV2_IE_S103PDF, dissect_gtpv2_s103pdf}, /* 90, S103 PDN Data Forwarding Info (S103PDF) 8.25 */
3150 {GTPV2_IE_S1UDF, dissect_gtpv2_s1udf}, /* 91, S1-U Data Forwarding (S1UDF) 8.26 */
3151 {GTPV2_IE_DEL_VAL, dissect_gtpv2_delay_value}, /* 92, Delay Value 8.29 */
3152 {GTPV2_IE_BEARER_CTX,dissect_gtpv2_bearer_ctx}, /* 93, Bearer Context 8.31 */
3153 {GTPV2_IE_CHAR_ID, dissect_gtpv2_charging_id}, /* 94, Charging Id */
3154 {GTPV2_IE_CHAR_CHAR, dissect_gtpv2_char_char}, /* 95 Charging Characteristic */
3155 {GTPV2_IE_TRA_INFO, dissect_gtpv2_tra_info}, /* 96, Trace Information 8.31 */
3156 {GTPV2_BEARER_FLAG, dissect_gtpv2_bearer_flag}, /* 97, Bearer Flag */
3158 {GTPV2_IE_PDN_TYPE, dissect_gtpv2_pdn_type}, /* 99, PDN Type */
3159 {GTPV2_IE_PTI, dissect_gtpv2_pti}, /* 100, Procedure Transaction Id */
3160 {GTPV2_IE_DRX_PARAM, dissect_gtpv2_drx_param}, /* 101, DRX Parameter 8.36 */
3161 {GTPV2_IE_UE_NET_CAPABILITY, dissect_gtpv2_ue_net_capability}, /* 102, UE network capability 8.37 */
3162 {GTPV2_IE_MM_CONTEXT_GSM_T, dissect_gtpv2_mm_context_gsm_t}, /* 103, MM Context 8.38 GSM Key and Triplets */
3163 {GTPV2_IE_MM_CONTEXT_UTMS_CQ, dissect_gtpv2_mm_context_utms_cq}, /* 104, MM Context 8.38 */
3164 {GTPV2_IE_MM_CONTEXT_GSM_CQ, dissect_gtpv2_mm_context_gsm_cq}, /* 105, MM Context 8.38 */
3165 {GTPV2_IE_MM_CONTEXT_UTMS_Q, dissect_gtpv2_mm_context_utms_q}, /* 106, MM Context 8.38 */
3166 {GTPV2_IE_MM_CONTEXT_EPS_QQ, dissect_gtpv2_mm_context_eps_qq}, /* 107, MM Context 8.38 */
3167 {GTPV2_IE_MM_CONTEXT_UTMS_QQ, dissect_gtpv2_mm_context_utms_qq}, /* 108, MM Context 8.38 */
3168 {GTPV2_IE_PDN_CONNECTION, dissect_gtpv2_PDN_conn}, /* 109, PDN Connection */
3169 {GTPV2_IE_PDN_NUMBERS, dissect_gtpv2_pdn_numbers}, /* 110, PDN Numbers 8.40 */
3170 {GTPV2_IE_P_TMSI, dissect_gtpv2_p_tmsi}, /* 111, P-TMSI 8.41 */
3171 {GTPV2_IE_P_TMSI_SIG, dissect_gtpv2_p_tmsi_sig}, /* 112, P-TMSI Signature 8.42 */
3172 {GTPV2_IE_HOP_COUNTER, dissect_gtpv2_hop_counter}, /* 113, Hop Counter 8.43 */
3173 {GTPV2_IE_UE_TIME_ZONE, dissect_gtpv2_ue_time_zone}, /* 114, UE Time Zone */
3174 {GTPV2_IE_TRACE_REFERENCE, dissect_gtpv2_trace_reference}, /* 115, Trace Reference 8.45 */
3175 {GTPV2_IE_COMPLETE_REQUEST_MSG, dissect_complete_request_msg}, /* 116, Complete Request message 8.46 */
3176 {GTPV2_IE_GUTI, dissect_gtpv2_guti}, /* 117, GUTI 8.47 */
3177 {GTPV2_IE_F_CONTAINER, dissect_gtpv2_F_container}, /* 118, Fully Qualified Container (F-Container) */
3178 {GTPV2_IE_F_CAUSE, dissect_gtpv2_F_cause}, /* 119, Fully Qualified Cause (F-Cause) */
3179 {GTPV2_IE_SEL_PLMN_ID, dissect_gtpv2_sel_plmn_id}, /* 120, Selected PLMN ID 8.50 */
3180 {GTPV2_IE_TARGET_ID, dissect_gtpv2_target_id}, /* 121, Target Identification */
3181 /* 122, Void 8.52 */
3182 {GTPV2_IE_PKT_FLOW_ID, dissect_gtpv2_pkt_flow_id}, /* 123, Packet Flow ID 8.53 */
3183 {GTPV2_IE_RAB_CONTEXT, dissect_gtpv2_rab_context}, /* 124, RAB Context 8.54 */
3184 {GTPV2_IE_S_RNC_PDCP_CTX_INFO, dissect_gtpv2_s_rnc_pdcp_ctx_info}, /* 125, Source RNC PDCP context info 8.55 */
3185 {GTPV2_IE_UDP_S_PORT_NR, dissect_udp_s_port_nr}, /* 126, UDP Source Port Number 8.56 */
3186 {GTPV2_IE_APN_RESTRICTION, dissect_gtpv2_apn_rest}, /* 127, APN Restriction */
3187 {GTPV2_IE_SEL_MODE,dissect_gtpv2_selec_mode}, /* 128 Selection Mode */
3188 {GTPV2_IE_SOURCE_IDENT, dissect_gtpv2_source_ident}, /* 129, Source Identification 8.59 */
3189 {GTPV2_IE_BEARER_CONTROL_MODE,dissect_gtpv2_bearer_control_mode}, /* 130 Bearer Control Mode*/
3190 {GTPV2_IE_CNG_REP_ACT ,dissect_gtpv2_cng_rep_act}, /* 131 Change Reporting Action 8.61 */
3191 {GTPV2_IE_FQ_CSID, dissect_gtpv2_fq_csid}, /* 132, Fully Qualified PDN Connection Set Identifier (FQ-CSID) 8.62 */
3192 {GTPV2_IE_CHANNEL_NEEDED, dissect_gtpv2_channel_needed}, /* 133, Channel Needed 8.63 */
3193 {GTPV2_IE_EMLPP_PRI, dissect_gtpv2_emlpp_pri}, /* 134, eMLPP Priority 8.64 */
3194 {GTPV2_IE_NODE_TYPE ,dissect_gtpv2_node_type}, /* 135 Node Type 8.65 */
3195 {GTPV2_IE_FQDN, dissect_gtpv2_fqdn}, /* 136 8.66 Fully Qualified Domain Name (FQDN) */
3196 {GTPV2_IE_TI, dissect_gtpv2_ti}, /* 137 8.68 Transaction Identifier (TI) */
3197 /* 137-254 Spare. For future use. FFS */
3198 {GTPV2_IE_PRIVATE_EXT,dissect_gtpv2_private_ext},
3201 {0, dissect_gtpv2_unknown}
3207 dissect_gtpv2_ie_common(tvbuff_t * tvb, packet_info * pinfo _U_, proto_tree * tree, gint offset, guint8 message_type)
3209 proto_tree *ie_tree;
3212 guint8 type, instance;
3216 * Octets 8 7 6 5 4 3 2 1
3219 * 4 CR Spare Instance
3220 * 5-(n+4) IE specific data
3222 while(offset < (gint)tvb_reported_length(tvb)){
3223 /* Get the type and length */
3224 type = tvb_get_guint8(tvb,offset);
3225 length = tvb_get_ntohs(tvb, offset+1);
3226 ti = proto_tree_add_text(tree, tvb, offset, 4 + length, "%s : ", val_to_str(type, gtpv2_element_type_vals, "Unknown"));
3227 ie_tree = proto_item_add_subtree(ti, ett_gtpv2_ie);
3229 proto_tree_add_item(ie_tree, hf_gtpv2_ie, tvb, offset, 1, FALSE);
3233 proto_tree_add_item(ie_tree, hf_gtpv2_ie_len, tvb, offset, 2, FALSE);
3235 /* CR Spare Instance Octet 4*/
3236 proto_tree_add_item(ie_tree, hf_gtpv2_cr, tvb, offset, 1, FALSE);
3238 instance = tvb_get_guint8(tvb,offset)& 0x0f;
3239 proto_tree_add_item(ie_tree, hf_gtpv2_instance, tvb, offset, 1, FALSE);
3242 /* TODO: call IE dissector here */
3243 if(type==GTPV2_IE_RESERVED){
3244 /* Treat IE type zero specal as type zero is used to end the loop in the else branch */
3245 proto_tree_add_text(ie_tree, tvb, offset, length, "IE type Zero is Reserved and should not be used");
3248 /* Loop over the IE dissector list to se if we find an entry, the last entry will have ie_type=0 breaking the loop */
3249 while (gtpv2_ies[++i].ie_type){
3250 if (gtpv2_ies[i].ie_type == type)
3253 /* Just give the IE dissector the IE */
3254 ie_tvb = tvb_new_subset_remaining(tvb, offset);
3255 (*gtpv2_ies[i].decode) (ie_tvb, pinfo , ie_tree, ti, length, message_type, instance);
3258 offset = offset + length;
3263 dissect_gtpv2(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree)
3265 proto_tree *gtpv2_tree, *flags_tree;
3266 proto_item *ti, *tf;
3267 guint8 message_type, t_flag;
3271 /* Currently we get called from the GTP dissector no need to check the version */
3272 col_set_str(pinfo->cinfo, COL_PROTOCOL, "GTPv2");
3273 col_clear(pinfo->cinfo, COL_INFO);
3275 /* message type is in octet 2 */
3276 message_type = tvb_get_guint8(tvb,1);
3277 col_add_str(pinfo->cinfo, COL_INFO, val_to_str(message_type, gtpv2_message_type_vals, "Unknown"));
3280 proto_tree_add_item(tree, proto_gtpv2, tvb, offset, -1, FALSE);
3283 ti = proto_tree_add_text(tree, tvb, offset, -1, "%s", val_to_str(message_type, gtpv2_message_type_vals, "Unknown"));
3284 gtpv2_tree = proto_item_add_subtree(ti, ett_gtpv2);
3286 /* Control Plane GTP uses a variable length header. Control Plane GTP header
3287 * length shall be a multiple of 4 octets.
3288 * Figure 5.1-1 illustrates the format of the GTPv2-C Header.
3289 * Bits 8 7 6 5 4 3 2 1
3290 * Octets 1 Version P T Spare Spare Spare
3292 * 3 Message Length (1st Octet)
3293 * 4 Message Length (2nd Octet)
3294 * m-k(m+3) If T flag is set to 1, then TEID shall be placed into octets 5-8.
3295 * Otherwise, TEID field is not present at all.
3296 * n-(n+2) Sequence Number
3298 * Figure 5.1-1: General format of GTPv2 Header for Control Plane
3300 tf = proto_tree_add_item(gtpv2_tree, hf_gtpv2_flags, tvb, offset, 1, FALSE);
3301 flags_tree = proto_item_add_subtree(tf, ett_gtpv2_flags);
3304 t_flag = (tvb_get_guint8(tvb,offset) & 0x08)>>3;
3305 proto_tree_add_item(flags_tree, hf_gtpv2_version, tvb, offset, 1, FALSE);
3306 proto_tree_add_item(flags_tree, hf_gtpv2_p, tvb, offset, 1, FALSE);
3307 proto_tree_add_item(flags_tree, hf_gtpv2_t, tvb, offset, 1, FALSE);
3311 proto_tree_add_item(gtpv2_tree, hf_gtpv2_message_type, tvb, offset, 1, FALSE);
3314 proto_tree_add_item(gtpv2_tree, hf_gtpv2_msg_length, tvb, offset, 2, FALSE);
3318 /* Tunnel Endpoint Identifier 4 octets */
3319 proto_tree_add_item(gtpv2_tree, hf_gtpv2_teid, tvb, offset, 4, FALSE);
3322 /* Sequence Number 3 octets */
3323 proto_tree_add_item(gtpv2_tree, hf_gtpv2_seq, tvb, offset, 3, FALSE);
3327 proto_tree_add_item(gtpv2_tree, hf_gtpv2_spare, tvb, offset, 1, FALSE);
3330 dissect_gtpv2_ie_common(tvb, pinfo, gtpv2_tree, offset, message_type);
3335 void proto_register_gtpv2(void)
3337 static hf_register_info hf_gtpv2[] = {
3338 { &hf_gtpv2_reserved,
3339 {"Reserved bit(s)", "gtpv2.reserved",
3340 FT_UINT8, BASE_DEC, NULL, 0x0,
3343 { &hf_gtpv2_spare_half_octet,
3344 {"Spare half octet", "gtpv2.spare_half_octet",
3345 FT_UINT8, BASE_DEC, NULL, 0x0,
3348 { &hf_gtpv2_spare_bits,
3349 {"Spare bit(s)", "gtpv2.spare_bits",
3350 FT_UINT8, BASE_DEC, NULL, 0x0,
3354 {"Flags", "gtpv2.flags",
3355 FT_UINT8, BASE_DEC, NULL, 0x0,
3359 {"Version", "gtpv2.version",
3360 FT_UINT8, BASE_DEC, NULL, 0xe0,
3365 FT_UINT8, BASE_DEC, NULL, 0x10,
3366 "If Piggybacked message is present or not", HFILL}
3370 FT_UINT8, BASE_DEC, NULL, 0x08,
3371 "If TEID field is present or not", HFILL}
3373 { &hf_gtpv2_message_type,
3374 {"Message Type", "gtpv2.message_type",
3375 FT_UINT8, BASE_DEC, VALS(gtpv2_message_type_vals), 0x0,
3378 { &hf_gtpv2_msg_length,
3379 {"Message Length", "gtpv2.msg_lengt",
3380 FT_UINT16, BASE_DEC, NULL, 0x0,
3384 {"Tunnel Endpoint Identifier", "gtpv2.teid",
3385 FT_UINT32, BASE_DEC, NULL, 0x0,
3389 {"Sequence Number", "gtpv2.seq",
3390 FT_UINT32, BASE_DEC, NULL, 0x0,
3394 {"Spare", "gtpv2.spare",
3395 FT_UINT16, BASE_DEC, NULL, 0x0,
3399 {"IE Type", "gtpv2.ie_type",
3400 FT_UINT8, BASE_DEC, VALS(gtpv2_element_type_vals), 0x0,
3404 {"IE Length", "gtpv2.ie_len",
3405 FT_UINT16, BASE_DEC, NULL, 0x0,
3406 "length of the information element excluding the first four octets", HFILL}
3409 {"CR flag", "gtpv2.cr",
3410 FT_UINT8, BASE_DEC, NULL, 0xe0,
3413 { &hf_gtpv2_instance,
3414 {"Instance", "gtpv2.instance",
3415 FT_UINT8, BASE_DEC, NULL, 0x0f,
3419 {"IMSI(International Mobile Subscriber Identity number)", "gtpv2.imsi",
3420 FT_STRING, BASE_NONE, NULL, 0,
3423 { &hf_gtpv2_ipv4_addr,
3424 {"IPv4 Address", "gtpv2.ipv4_addr",
3425 FT_IPv4, BASE_NONE, NULL, 0x0,
3429 {"Cause", "gtpv2.cause",
3430 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_cause_vals_ext, 0x0,
3433 {&hf_gtpv2_cause_cs,
3434 {"CS (Cause Source)","gtpv2.cs",
3435 FT_BOOLEAN, 8, TFS(>pv2_cause_cs), 0x01,
3438 { &hf_gtpv2_cause_bce,
3439 {"BCE (Bearer Context IE Error)","gtpv2.bce",
3440 FT_BOOLEAN, 8, NULL, 0x02,
3443 { &hf_gtpv2_cause_pce,
3444 {"PCE (PDN Connection IE Error)","gtpv2.pce",
3445 FT_BOOLEAN, 8, NULL, 0x04,
3448 { &hf_gtpv2_cause_off_ie_t,
3449 {"Type of the offending IE", "gtpv2.cause_off_ie_t",
3450 FT_UINT8, BASE_DEC, VALS(gtpv2_element_type_vals), 0x0,
3454 {"Restart Counter", "gtpv2.rec",
3455 FT_UINT8, BASE_DEC, NULL, 0x0,
3459 {"APN (Access Point Name)", "gtpv2.apn",
3460 FT_STRING, BASE_NONE, NULL, 0x0,
3464 {"AMBR Uplink (Aggregate Maximum Bit Rate for Uplink)", "gtpv2.ambr_up",
3465 FT_UINT32, BASE_DEC, NULL, 0x0,
3468 {&hf_gtpv2_ambr_down,
3469 {"AMBR Downlink(Aggregate Maximum Bit Rate for Downlink)", "gtpv2.ambr_down",
3470 FT_UINT32, BASE_DEC, NULL, 0x0,
3474 {"EPS Bearer ID (EBI)", "gtpv2.ebi",
3475 FT_UINT8, BASE_DEC, NULL, 0x0f,
3478 { &hf_gtpv2_ip_address_ipv4,
3479 {"IP address IPv4", "gtpv2.ip_address_ipv4",
3480 FT_IPv4, BASE_NONE, NULL, 0x0,
3483 { &hf_gtpv2_ip_address_ipv6,
3484 {"IP address IPv6", "gtpv2.ip_address_ipv6",
3485 FT_IPv6, BASE_NONE, NULL, 0x0,
3489 {"MEI(Mobile Equipment Identity)", "gtpv2.mei",
3490 FT_STRING, BASE_NONE, NULL, 0,
3493 { &hf_gtpv2_pdn_numbers_nsapi,
3494 {"NSAPI", "gtpv2.pdn_numbers_nsapi",
3495 FT_UINT8, BASE_DEC, NULL, 0x0f, NULL, HFILL}
3498 {"Packet TMSI (P-TMSI)", "gtpv2.p_tmsi",
3499 FT_UINT32, BASE_HEX, NULL, 0x0, NULL, HFILL}
3501 { &hf_gtpv2_p_tmsi_sig,
3502 {"P-TMSI Signature", "gtpv2.p_tmsi_sig",
3503 FT_UINT24, BASE_HEX, NULL, 0x0, NULL, HFILL}
3506 {"DAF (Dual Address Bearer Flag)", "gtpv2.daf",
3507 FT_BOOLEAN, 8, NULL, 0x80, NULL, HFILL}
3510 {"DTF (Direct Tunnel Flag)","gtpv2.dtf",
3511 FT_BOOLEAN, 8, NULL, 0x40, NULL, HFILL}
3514 {"HI (Handover Indication)", "gtpv2.hi",
3515 FT_BOOLEAN, 8, NULL, 0x20, NULL, HFILL}
3518 {"DFI (Direct Forwarding Indication)", "gtpv2.dfi",
3519 FT_BOOLEAN, 8, NULL, 0x10, NULL, HFILL}
3522 {"OI (Operation Indication)","gtpv2.oi",
3523 FT_BOOLEAN, 8, NULL, 0x08, NULL, HFILL}
3526 {"ISRSI (Idle mode Signalling Reduction Supported Indication)", "gtpv2.isrsi",
3527 FT_BOOLEAN, 8, NULL, 0x04, NULL, HFILL}
3530 {"ISRAI (Idle mode Signalling Reduction Activation Indication)", "gtpv2.israi",
3531 FT_BOOLEAN, 8, NULL, 0x02, NULL, HFILL}
3534 {"SGWCI (SGW Change Indication)", "gtpv2.sgwci",
3535 FT_BOOLEAN, 8, NULL, 0x01, NULL, HFILL}
3538 {"SQCI (Subscribed QoS Change Indication", "gtpv2.sqci",
3539 FT_BOOLEAN, 8, NULL, 0x80, NULL, HFILL}
3542 {"UIMSI (Unauthenticated IMSI)", "gtpv2.uimsi",
3543 FT_BOOLEAN, 8, NULL, 0x40, NULL, HFILL}
3546 {"CFSI (Change F-TEID support indication)", "gtpv2.cfsi",
3547 FT_BOOLEAN, 8, NULL, 0x20, NULL, HFILL}
3550 {"CRSI (Change Reporting support indication):", "gtpv2.crsi",
3551 FT_BOOLEAN, 8, NULL, 0x10, NULL, HFILL}
3554 {"PS (Piggybacking Supported).)", "gtpv2.ps",
3555 FT_BOOLEAN, 8, NULL, 0x08, NULL, HFILL}
3558 {"PT (Protocol Type)", "gtpv2.pt",
3559 FT_BOOLEAN, 8, NULL, 0x04, NULL, HFILL}
3562 {"SI (Scope Indication)", "gtpv2.si",
3563 FT_BOOLEAN, 8, NULL, 0x02, NULL, HFILL}
3566 {"MSV (MS Validated)", "gtpv2.msv",
3567 FT_BOOLEAN, 8, NULL, 0x01, NULL, HFILL}
3570 {"CCRSI (CSG Change Reporting support indication)", "gtpv2.ccrsi",
3571 FT_BOOLEAN, 8, NULL, 0x01, NULL, HFILL}
3573 { &hf_gtpv2_pdn_type,
3574 {"PDN Type", "gtpv2.pdn_type",
3575 FT_UINT8, BASE_DEC, VALS(gtpv2_pdn_type_vals), 0x07,
3578 { &hf_gtpv2_tra_info,
3579 {"Trace ID","gtpv2.tra_info",
3580 FT_STRING, BASE_NONE, NULL, 0x0,
3583 { &hf_gtpv2_tra_info_msc_momt_calls,
3584 {"MO and MT calls","gtpv2.tra_info_msc_momt_calls",
3585 FT_UINT8, BASE_DEC, NULL, 0x01,
3586 "MSC Server", HFILL}
3588 { &hf_gtpv2_tra_info_msc_momt_sms,
3589 {"MO and MT SMS","gtpv2.tra_info_msc_momt_sms",
3590 FT_UINT8, BASE_DEC, NULL, 0x02,
3591 "MSC Server", HFILL}
3593 { &hf_gtpv2_tra_info_msc_lu_imsi_ad,
3594 {"LU, IMSI attach, IMSI detach","gtpv2.tra_info_msc_lu_imsi_ad",
3595 FT_UINT8, BASE_DEC, NULL, 0x04,
3596 "MSC Server", HFILL}
3598 { &hf_gtpv2_tra_info_msc_handovers,
3599 {"Handovers","gtpv2.tra_info_msc_handovers",
3600 FT_UINT8, BASE_DEC, NULL, 0x08,
3601 "MSC Server", HFILL}
3603 { &hf_gtpv2_tra_info_msc_ss,
3604 {"SS","gtpv2.tra_info_msc_ss",
3605 FT_UINT8, BASE_DEC, NULL, 0x10,
3606 "MSC Server", HFILL}
3608 { &hf_gtpv2_tra_info_mgw_context,
3609 {"Context","gtpv2.tra_info_mgw_context",
3610 FT_UINT8, BASE_DEC, NULL, 0x01,
3613 { &hf_gtpv2_tra_info_sgsn_pdp_context,
3614 {"PDP context","gtpv2.tra_info_sgsn_pdp_context",
3615 FT_UINT8, BASE_DEC, NULL, 0x01,
3618 { &hf_gtpv2_tra_info_sgsn_momt_sms,
3619 {"MO and MT SMS","gtpv2.tra_info_sgsn_momt_sms",
3620 FT_UINT8, BASE_DEC, NULL, 0x02,
3623 { &hf_gtpv2_tra_info_sgsn_rau_gprs_ad,
3624 {"RAU, GPRS attach, GPRS detach","gtpv2.tra_info_sgsn_rau_gprs_ad",
3625 FT_UINT8, BASE_DEC, NULL, 0x04,
3628 { &hf_gtpv2_tra_info_sgsn_mbms,
3629 {"MBMS Context","gtpv2.tra_into_sgsn_mbms",
3630 FT_UINT8, BASE_DEC, NULL, 0x08,
3633 { &hf_gtpv2_tra_info_sgsn_reserved,
3634 {"Reserved","gtpv2.",
3635 FT_UINT8, BASE_DEC, NULL, 0x0,
3638 { &hf_gtpv2_tra_info_ggsn_pdp,
3639 {"PDP Cpntext","gtpv2.tra_info_ggsn_pdp",
3640 FT_UINT8, BASE_DEC, NULL, 0x01,
3643 { &hf_gtpv2_tra_info_ggsn_mbms,
3644 {"MBMS Context","gtpv2.tra_info_ggsn_mbms",
3645 FT_UINT8, BASE_DEC, NULL, 0x02,
3648 { &hf_gtpv2_tra_info_bm_sc,
3649 {"MBMS Multicast service activation","gtpv2.tra_info_bm_sc",
3650 FT_UINT8, BASE_DEC, NULL, 0x01,
3653 { &hf_gtpv2_tra_info_mme_sgw_ss,
3654 {"Session setup","gtpv2.tra_info_mme_sgw_ss",
3655 FT_UINT8, BASE_DEC, NULL, 0x01,
3658 { &hf_gtpv2_tra_info_mme_sgw_sr,
3659 {"Service Request","gtpv2.tra_info_mme_sgw_sr",
3660 FT_UINT8, BASE_DEC, NULL, 0x02,
3663 { &hf_gtpv2_tra_info_mme_sgw_iataud,
3664 {"Initial Attach, Tracking area update, Detach","gtpv2.tra_info_mme_sgw_iataud",
3665 FT_UINT8, BASE_DEC, NULL, 0x04,
3668 { &hf_gtpv2_tra_info_lne_msc_s,
3669 {"MSC-S","gtpv2.tra_info_lne_msc_s",
3670 FT_UINT8, BASE_DEC, NULL, 0x01,
3671 "List of NE Types", HFILL}
3673 { &hf_gtpv2_tra_info_lne_mgw,
3674 {"MGW","gtpv2.tra_info_lne_mgw",
3675 FT_UINT8, BASE_DEC, NULL, 0x02,
3676 "List of NE Types", HFILL}
3678 { &hf_gtpv2_tra_info_lne_sgsn,
3679 {"SGSN","gtpv2.tra_info_lne_sgsn",
3680 FT_UINT8, BASE_DEC, NULL, 0x04,
3681 "List of NE Types", HFILL}
3683 { &hf_gtpv2_tra_info_lne_ggsn,
3684 {"GGSN","gtpv2.tra_info_lne_ggsn",
3685 FT_UINT8, BASE_DEC, NULL, 0x08,
3686 "List of NE Types", HFILL}
3688 { &hf_gtpv2_tra_info_lne_rnc,
3689 {"RNC","gtpv2.tra_info_lne_rnc",
3690 FT_UINT8, BASE_DEC, NULL, 0x10,
3691 "List of NE Types", HFILL}
3693 { &hf_gtpv2_tra_info_lne_bm_sc,
3694 {"BM-SC","gtpv2.tra_info_lne_bm_sc",
3695 FT_UINT8, BASE_DEC, NULL, 0x20,
3696 "List of NE Types", HFILL}
3698 { &hf_gtpv2_tra_info_lne_mme,
3699 {"MME","gtpv2.tra_info_lne_mme",
3700 FT_UINT8, BASE_DEC, NULL, 0x40,
3701 "List of NE Types", HFILL}
3703 { &hf_gtpv2_tra_info_lne_sgw,
3704 {"SGW","gtpv2.tra_info_lne_sgw",
3705 FT_UINT8, BASE_DEC, NULL, 0x80,
3706 "List of NE Types", HFILL}
3708 { &hf_gtpv2_tra_info_lne_pdn_gw,
3709 {"PDN GW","gtpv2.tra_info_lne_pdn_gw",
3710 FT_UINT8, BASE_DEC, NULL, 0x01,
3711 "List of NE Types", HFILL}
3713 { &hf_gtpv2_tra_info_lne_enb,
3714 {"eNB","gtpv2.tra_info_lne_enb",
3715 FT_UINT8, BASE_DEC, NULL, 0x02,
3716 "List of NE Types", HFILL}
3718 { &hf_gtpv2_tra_info_tdl,
3719 {"Trace Depth Length","gtpv2.tra_info_tdl",
3720 FT_UINT8, BASE_DEC, NULL, 0x0,
3723 { &hf_gtpv2_tra_info_lmsc_a,
3724 {"A","gtpv2.tra_info_lmsc_a",
3725 FT_UINT8, BASE_DEC, NULL, 0x01,
3726 "MSC Server", HFILL}
3728 { &hf_gtpv2_tra_info_lmsc_lu,
3729 {"Iu","gtpv2.tra_info_lmsc_lu",
3730 FT_UINT8, BASE_DEC, NULL, 0x02,
3731 "MSC Server", HFILL}
3733 { &hf_gtpv2_tra_info_lmsc_mc,
3734 {"Mc","gtpv2.tra_info_lmsc_mc",
3735 FT_UINT8, BASE_DEC, NULL, 0x04,
3736 "MSC Server", HFILL}
3738 { &hf_gtpv2_tra_info_lmsc_map_g,
3739 {"MAP-G","gtpv2.tra_info_lmsc_map_g",
3740 FT_UINT8, BASE_DEC, NULL, 0x08,
3741 "MSC Server", HFILL}
3743 { &hf_gtpv2_tra_info_lmsc_map_b,
3744 {"MAP-B","gtpv2.tra_info_lmsc_map_b",
3745 FT_UINT8, BASE_DEC, NULL, 0x10,
3746 "MSC Server", HFILL}
3748 { &hf_gtpv2_tra_info_lmsc_map_e,
3749 {"MAP-E","gtpv2.tra_info_lmsc_map_e",
3750 FT_UINT8, BASE_DEC, NULL, 0x20,
3751 "MSC Server", HFILL}
3753 { &hf_gtpv2_tra_info_lmsc_map_f,
3754 {"MAP-F","gtpv2.tra_info_lmsc_map_f",
3755 FT_UINT8, BASE_DEC, NULL, 0x40,
3756 "MSC Server", HFILL}
3758 { &hf_gtpv2_tra_info_lmsc_cap,
3759 {"CAP","gtpv2.tra_info_lmsc_cap",
3760 FT_UINT8, BASE_DEC, NULL, 0x80,
3761 "MSC Server", HFILL}
3763 { &hf_gtpv2_tra_info_lmsc_map_d,
3764 {"MAP-D","gtpv2.tra_info_lmsc_map_d",
3765 FT_UINT8, BASE_DEC, NULL, 0x01,
3766 "MSC Server", HFILL}
3768 { &hf_gtpv2_tra_info_lmsc_map_c,
3769 {"MAP-C","gtpv2.tra_info_lmsc_map_c",
3770 FT_UINT8, BASE_DEC, NULL, 0x02,
3771 "MSC Server", HFILL}
3773 { &hf_gtpv2_tra_info_lmgw_mc,
3774 {"Mc","gtpv2.tra_info_lmgw_mc",
3775 FT_UINT8, BASE_DEC, NULL, 0x01,
3778 { &hf_gtpv2_tra_info_lmgw_nb_up,
3779 {"Nb-UP","gtpv2.tra_info_lmgw_nb_up",
3780 FT_UINT8, BASE_DEC, NULL, 0x2,
3783 { &hf_gtpv2_tra_info_lmgw_lu_up,
3784 {"Iu-UP","gtpv2.tra_info_lmgw_lu_up",
3785 FT_UINT8, BASE_DEC, NULL, 0x04,
3788 { &hf_gtpv2_tra_info_lsgsn_gb,
3789 {"Gb","gtpv2.tra_info_lsgsn_gb",
3790 FT_UINT8, BASE_DEC, NULL, 0x01,
3793 { &hf_gtpv2_tra_info_lsgsn_lu,
3794 {"Iu","gtpv2.tra_info_lsgsn_lu",
3795 FT_UINT8, BASE_DEC, NULL, 0x02,
3798 { &hf_gtpv2_tra_info_lsgsn_gn,
3799 {"Gn","gtpv2.tra_info_lsgsn_gn",
3800 FT_UINT8, BASE_DEC, NULL, 0x04,
3803 { &hf_gtpv2_tra_info_lsgsn_map_gr,
3804 {"MAP-Gr","gtpv2.tra_info_lsgsn_map_gr",
3805 FT_UINT8, BASE_DEC, NULL, 0x08,
3808 { &hf_gtpv2_tra_info_lsgsn_map_gd,
3809 {"MAP-Gd","gtpv2.tra_info_lsgsn_map_gd",
3810 FT_UINT8, BASE_DEC, NULL, 0x10,
3813 { &hf_gtpv2_tra_info_lsgsn_map_gf,
3814 {"MAP-Gf","gtpv2.tra_info_lsgsn_map_gf",
3815 FT_UINT8, BASE_DEC, NULL, 0x20,
3818 { &hf_gtpv2_tra_info_lsgsn_gs,
3819 {"Gs","gtpv2.tra_info_lsgsn_gs",
3820 FT_UINT8, BASE_DEC, NULL, 0x40,
3823 { &hf_gtpv2_tra_info_lsgsn_ge,
3824 {"Ge","gtpv2.tra_info_lsgsn_ge",
3825 FT_UINT8, BASE_DEC, NULL, 0x80,
3828 { &hf_gtpv2_tra_info_lggsn_gn,
3829 {"Gn","gtpv2.tra_info_lggsn_gn",
3830 FT_UINT8, BASE_DEC, NULL, 0x01,
3833 { &hf_gtpv2_tra_info_lggsn_gi,
3834 {"Gi","gtpv2.tra_info_lggsn_gi",
3835 FT_UINT8, BASE_DEC, NULL, 0x02,
3838 { &hf_gtpv2_tra_info_lggsn_gmb,
3839 {"Gmb","gtpv2.tra_info_lggsn_gmb",
3840 FT_UINT8, BASE_DEC, NULL, 0x04,
3843 { &hf_gtpv2_tra_info_lrnc_lu,
3844 {"Iu","gtpv2.tra_info_lrnc_lu",
3845 FT_UINT8, BASE_DEC, NULL, 0x01,
3848 { &hf_gtpv2_tra_info_lrnc_lur,
3849 {"Iur","gtpv2.tra_info_lrnc_lur",
3850 FT_UINT8, BASE_DEC, NULL, 0x02,
3853 { &hf_gtpv2_tra_info_lrnc_lub,
3854 {"Iub","gtpv2.tra_info_lrnc_lub",
3855 FT_UINT8, BASE_DEC, NULL, 0x04,
3858 { &hf_gtpv2_tra_info_lrnc_uu,
3859 {"Uu","gtpv2.tra_info_lrnc_uu",
3860 FT_UINT8, BASE_DEC, NULL, 0x08,
3863 { &hf_gtpv2_tra_info_lbm_sc_gmb,
3864 {"Gmb","gtpv2.tra_info_lbm_sc_gmb",
3865 FT_UINT8, BASE_DEC, NULL, 0x01,
3868 { &hf_gtpv2_tra_info_lmme_s1_mme,
3869 {"S1-MME","gtpv2.tra_info_lmme_s1_mme",
3870 FT_UINT8, BASE_DEC, NULL, 0x01,
3873 { &hf_gtpv2_tra_info_lmme_s3,
3874 {"S3","gtpv2.tra_info_lmme_s3",
3875 FT_UINT8, BASE_DEC, NULL, 0x02,
3878 { &hf_gtpv2_tra_info_lmme_s6a,
3879 {"S6a","gtpv2.tra_info_lmme_s6a",
3880 FT_UINT8, BASE_DEC, NULL, 0x04,
3883 { &hf_gtpv2_tra_info_lmme_s10,
3884 {"S10","gtpv2.tra_info_lmme_s10",
3885 FT_UINT8, BASE_DEC, NULL, 0x08,
3888 { &hf_gtpv2_tra_info_lmme_s11,
3889 {"S11","gtpv2.tra_info_lmme_s11",
3890 FT_UINT8, BASE_DEC, NULL, 0x10,
3893 { &hf_gtpv2_tra_info_lsgw_s4,
3894 {"S4","gtpv2.tra_info_lsgw_s4",
3895 FT_UINT8, BASE_DEC, NULL, 0x01,
3898 { &hf_gtpv2_tra_info_lsgw_s5,
3899 {"S5","gtpv2.tra_info_lsgw_s5",
3900 FT_UINT8, BASE_DEC, NULL, 0x02,
3903 { &hf_gtpv2_tra_info_lsgw_s8b,
3904 {"S8b","gtpv2.tra_info_lsgw_s8b",
3905 FT_UINT8, BASE_DEC, NULL, 0x04,
3908 { &hf_gtpv2_tra_info_lsgw_s11,
3909 {"S11","gtpv2.tra_info_lsgw_s11",
3910 FT_UINT8, BASE_DEC, NULL, 0x08,
3913 { &hf_gtpv2_tra_info_lpdn_gw_s2a,
3914 {"S2a","gtpv2.tra_info_lpdn_gw_s2a",
3915 FT_UINT8, BASE_DEC, NULL, 0x01,
3918 { &hf_gtpv2_tra_info_lpdn_gw_s2b,
3919 {"S2b","gtpv2.tra_info_lpdn_gw_s2b",
3920 FT_UINT8, BASE_DEC, NULL, 0x02,
3923 { &hf_gtpv2_tra_info_lpdn_gw_s2c,
3924 {"S2c","gtpv2.tra_info_lpdn_gw_s2c",
3925 FT_UINT8, BASE_DEC, NULL, 0x04,
3928 { &hf_gtpv2_tra_info_lpdn_gw_s5,
3929 {"S5","gtpv2.tra_info_lpdn_gw_s5",
3930 FT_UINT8, BASE_DEC, NULL, 0x08,
3933 { &hf_gtpv2_tra_info_lpdn_gw_s6c,
3934 {"S6c","gtpv2.tra_info_lpdn_gw_s6c",
3935 FT_UINT8, BASE_DEC, NULL, 0x10,
3938 { &hf_gtpv2_tra_info_lpdn_gw_gx,
3939 {"Gx","gtpv2.tra_info_lpdn_gw_gx",
3940 FT_UINT8, BASE_DEC, NULL, 0x20,
3943 { &hf_gtpv2_tra_info_lpdn_gw_s8b,
3944 {"S8b","gtpv2.tra_info_lpdn_gw_s8b",
3945 FT_UINT8, BASE_DEC, NULL, 0x40,
3948 { &hf_gtpv2_tra_info_lpdn_gw_sgi,
3949 {"SGi","gtpv2.tra_info_lpdn_gw_sgi",
3950 FT_UINT8, BASE_DEC, NULL, 0x80,
3953 { &hf_gtpv2_tra_info_lenb_s1_mme,
3954 {"S1-MME","gtpv2.tra_info_lenb_s1_mme",
3955 FT_UINT8, BASE_DEC, NULL, 0x01,
3958 { &hf_gtpv2_tra_info_lenb_x2,
3959 {"X2","gtpv2.tra_info_lenb_x2",
3960 FT_UINT8, BASE_DEC, NULL, 0x02,
3963 { &hf_gtpv2_tra_info_lenb_uu,
3964 {"Uu","gtpv2.tra_info_lenb_uu",
3965 FT_UINT8, BASE_DEC, NULL, 0x04,
3968 { &hf_gtpv2_pdn_ipv4,
3969 {"PDN Address and Prefix(IPv4)", "gtpv2.pdn_addr_and_prefix.ipv4",
3970 FT_IPv4, BASE_NONE, NULL, 0x0,
3973 { &hf_gtpv2_pdn_ipv6_len,
3974 {"IPv6 Prefix Length", "gtpv2.pdn_ipv6_len",
3975 FT_UINT8, BASE_DEC, NULL, 0x0,
3978 { &hf_gtpv2_pdn_ipv6,
3979 {"PDN Address and Prefix(IPv6)", "gtpv2.pdn_addr_and_prefix.ipv6",
3980 FT_BYTES, BASE_NONE, NULL, 0x0,
3983 {&hf_gtpv2_bearer_qos_pvi,
3984 {"PVI (Pre-emption Vulnerability)", "gtpv2.bearer_qos_pvi",
3985 FT_BOOLEAN, 8, NULL, 0x01,
3988 {&hf_gtpv2_bearer_qos_pl,
3989 {"PL (Priority Level)", "gtpv2.bearer_qos_pl",
3990 FT_UINT8, BASE_DEC, NULL, 0x3c,
3993 {&hf_gtpv2_bearer_qos_pci,
3994 {"PCI (Pre-emption Capability)", "gtpv2.bearer_qos_pci",
3995 FT_BOOLEAN, 8, NULL, 0x40,
3998 {&hf_gtpv2_bearer_qos_label_qci,
3999 {"Label (QCI)", "gtpv2.bearer_qos_label_qci",
4000 FT_UINT8, BASE_DEC, NULL, 0x0,
4003 {&hf_gtpv2_bearer_qos_mbr_up,
4004 {"Maximum Bit Rate For Uplink", "gtpv2.bearer_qos_mbr_up",
4005 FT_UINT64, BASE_DEC, NULL, 0x0,
4008 {&hf_gtpv2_bearer_qos_mbr_down,
4009 {"Maximum Bit Rate For Downlink", "gtpv2.bearer_qos_mbr_down",
4010 FT_UINT64, BASE_DEC, NULL, 0x0,
4013 {&hf_gtpv2_bearer_qos_gbr_up,
4014 {"Guaranteed Bit Rate For Uplink", "gtpv2.bearer_qos_gbr_up",
4015 FT_UINT64, BASE_DEC, NULL, 0x0,
4018 {&hf_gtpv2_bearer_qos_gbr_down,
4019 {"Guaranteed Bit Rate For Downlink", "gtpv2.bearer_qos_gbr_down",
4020 FT_UINT64, BASE_DEC, NULL, 0x0,
4023 {&hf_gtpv2_flow_qos_label_qci,
4024 {"Label (QCI)", "gtpv2.flow_qos_label_qci",
4025 FT_UINT8, BASE_DEC, NULL, 0x0,
4028 {&hf_gtpv2_flow_qos_mbr_up,
4029 {"Maximum Bit Rate For Uplink", "gtpv2.flow_qos_mbr_up",
4030 FT_UINT64, BASE_DEC, NULL, 0x0,
4033 {&hf_gtpv2_flow_qos_mbr_down,
4034 {"Maximum Bit Rate For Downlink", "gtpv2.flow_qos_mbr_down",
4035 FT_UINT64, BASE_DEC, NULL, 0x0,
4038 {&hf_gtpv2_flow_qos_gbr_up,
4039 {"Guaranteed Bit Rate For Uplink", "gtpv2.flow_qos_gbr_up",
4040 FT_UINT64, BASE_DEC, NULL, 0x0,
4043 {&hf_gtpv2_flow_qos_gbr_down,
4044 {"Guaranteed Bit Rate For Downlink", "gtpv2.flow_qos_gbr_down",
4045 FT_UINT64, BASE_DEC, NULL, 0x0,
4048 { &hf_gtpv2_rat_type,
4049 {"RAT Type", "gtpv2.rat_type",
4050 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_rat_type_vals_ext, 0x0,
4053 { &hf_gtpv2_uli_ecgi_flg,
4054 {"ECGI Present Flag)", "gtpv2.uli_ecgi_flg",
4055 FT_BOOLEAN, 8, NULL, GTPv2_ULI_ECGI_MASK,
4058 { &hf_gtpv2_uli_lai_flg,
4059 {"LAI Present Flag)", "gtpv2.uli_lai_flg",
4060 FT_BOOLEAN, 8, NULL, GTPv2_ULI_LAI_MASK,
4063 { &hf_gtpv2_uli_tai_flg,
4064 {"TAI Present Flag)", "gtpv2.uli_tai_flg",
4065 FT_BOOLEAN, 8, NULL, GTPv2_ULI_TAI_MASK,
4068 { &hf_gtpv2_uli_rai_flg,
4069 {"RAI Present Flag)", "gtpv2.uli_rai_flg",
4070 FT_BOOLEAN, 8, NULL, GTPv2_ULI_RAI_MASK,
4073 { &hf_gtpv2_uli_sai_flg,
4074 {"SAI Present Flag)", "gtpv2.uli_sai_flg",
4075 FT_BOOLEAN, 8, NULL, GTPv2_ULI_SAI_MASK,
4078 { &hf_gtpv2_uli_cgi_flg,
4079 {"CGI Present Flag)", "gtpv2.uli_cgi_flg",
4080 FT_BOOLEAN, 8, NULL, GTPv2_ULI_CGI_MASK,
4083 { &hf_gtpv2_uli_cgi_lac,
4084 {"Location Area Code", "gtpv2.uli_cgi_lac",
4085 FT_UINT16, BASE_DEC, NULL, 0x0,
4088 { &hf_gtpv2_uli_cgi_ci,
4089 {"Cell Identity", "gtpv2.uli_cgi_ci",
4090 FT_UINT16, BASE_DEC, NULL, 0x0,
4093 { &hf_gtpv2_uli_sai_lac,
4094 {"Location Area Code", "gtpv2.uli_sai_lac",
4095 FT_UINT16, BASE_DEC, NULL, 0x0,
4098 { &hf_gtpv2_uli_sai_sac,
4099 {"Service Area Code", "gtpv2.uli_sai_sac",
4100 FT_UINT16, BASE_DEC, NULL, 0x0,
4103 { &hf_gtpv2_uli_rai_lac,
4104 {"Location Area Code", "gtpv2.uli_rai_lac",
4105 FT_UINT16, BASE_DEC, NULL, 0x0,
4108 { &hf_gtpv2_uli_rai_rac,
4109 {"Routing Area Code", "gtpv2.uli_rai_rac",
4110 FT_UINT16, BASE_DEC, NULL, 0x0,
4113 { &hf_gtpv2_uli_tai_tac,
4114 {"Tracking Area Code", "gtpv2.uli_tai_tac",
4115 FT_UINT16, BASE_DEC, NULL, 0x0,
4118 {&hf_gtpv2_uli_ecgi_eci,
4119 {"ECI (E-UTRAN Cell Identifier)", "gtpv2.uli_ecgi_eci",
4120 FT_UINT32, BASE_HEX, NULL, 0x0,
4123 {&hf_gtpv2_uli_lai_lac,
4124 {"Location Area Code (LAC)", "gtpv2.uli_lai_lac",
4125 FT_UINT16, BASE_HEX, NULL, 0x0,
4128 {&hf_gtpv2_uli_ecgi_eci_spare,
4129 {"Spare", "gtpv2.uli_ecgi_eci_spare",
4130 FT_UINT8, BASE_DEC, NULL, 0x0,
4134 {"NSAPI", "gtpv2.nsapi",
4135 FT_UINT8, BASE_DEC, NULL, 0x0f,
4138 {&hf_gtpv2_f_teid_v4,
4139 {"V4", "gtpv2.f_teid_v4",
4140 FT_BOOLEAN, 8, TFS(>pv2_f_teid_v4_vals), 0x80,
4143 {&hf_gtpv2_f_teid_v6,
4144 {"V6", "gtpv2.f_teid_v6",
4145 FT_BOOLEAN, 8, TFS(>pv2_f_teid_v6_vals), 0x40,
4148 {&hf_gtpv2_f_teid_interface_type,
4149 {"Interface Type", "gtpv2.f_teid_interface_type",
4150 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_f_teid_interface_type_vals_ext, 0x1f,
4153 {&hf_gtpv2_f_teid_gre_key,
4154 {"TEID/GRE Key", "gtpv2.f_teid_gre_key",
4155 FT_UINT32, BASE_DEC, NULL, 0x0,
4158 { &hf_gtpv2_f_teid_ipv4,
4159 {"F-TEID IPv4", "gtpv2.f_teid_ipv4",
4160 FT_IPv4, BASE_NONE, NULL, 0x0,
4163 { &hf_gtpv2_f_teid_ipv6,
4164 {"F-TEID IPv6", "gtpv2.f_teid_ipv6",
4165 FT_IPv6, BASE_NONE, NULL, 0x0,
4169 {"TMSI", "gtpv2.tmsi",
4170 FT_UINT32, BASE_HEX, NULL, 0x0,
4173 { &hf_gtpv2_hsgw_addr_f_len,
4174 {"HSGW Address for forwarding Length", "gtpv2.hsgw_addr_f_len",
4175 FT_UINT8, BASE_DEC, NULL, 0x0,
4178 { &hf_gtpv2_hsgw_addr_ipv4,
4179 {"HSGW Address for forwarding", "gtpv2.hsgw_addr_ipv4",
4180 FT_IPv4, BASE_NONE, NULL, 0x0,
4183 { &hf_gtpv2_hsgw_addr_ipv6,
4184 {"HSGW Address for forwarding", "gtpv2.hsgw_addr_ipv6",
4185 FT_IPv6, BASE_NONE, NULL, 0x0,
4188 { &hf_gtpv2_gre_key,
4189 {"GRE Key", "gtpv2.gre_key",
4190 FT_UINT32, BASE_DEC, NULL, 0x0,
4193 { &hf_gtpv2_sgw_addr_ipv4,
4194 {"Serving GW Address", "gtpv2.sgw_addr_ipv4",
4195 FT_IPv4, BASE_NONE, NULL, 0x0,
4198 { &hf_gtpv2_sgw_addr_ipv6,
4199 {"Serving GW Address", "gtpv2.sgw_addr_ipv6",
4200 FT_IPv6, BASE_NONE, NULL, 0x0,
4203 { &hf_gtpv2_sgw_s1u_teid,
4204 {"Serving GW S1-U TEID", "gtpv2.sgw_s1u_teid",
4205 FT_UINT32, BASE_HEX, NULL, 0x0,
4208 {&hf_gtpv2_delay_value,
4209 {"Delay Value (In integer multiples of 50 milliseconds or zero)", "gtpv2.delay_value",
4210 FT_UINT8, BASE_DEC, NULL, 0x0,
4213 {&hf_gtpv2_charging_id,
4214 {"Charging id", "gtpv2.charging_id",
4215 FT_UINT32, BASE_DEC, NULL, 0x0,
4218 {&hf_gtpv2_charging_characteristic,
4219 {"Charging Characteristic", "gtpv2.charging_characteristic",
4220 FT_UINT16, BASE_HEX, NULL, 0xffff,
4223 {&hf_gtpv2_bearer_flag_ppc,
4224 {"PPC (Prohibit Payload Compression)", "gtpv2.bearer_flag.ppc",
4225 FT_BOOLEAN, 8, NULL, 0x01,
4228 {&hf_gtpv2_bearer_flag_vb,
4229 {"VB (Voice Bearer)", "gtpv2.bearer_flag.vb",
4230 FT_BOOLEAN, 8, NULL, 0x02,
4234 {"Procedure Transaction Id", "gtpv2.pti",
4235 FT_UINT8, BASE_DEC, NULL, 0x0,
4239 { &hf_gtpv2_mm_context_sm,
4240 {"Security Mode", "gtpv2.mm_context_sm",
4241 FT_UINT8, BASE_DEC, VALS(gtpv2_mm_context_security_mode), 0xe0,
4244 { &hf_gtpv2_mm_context_nhi,
4245 {"NHI(Next Hop Indicator)", "gtpv2.mm_context_nhi",
4246 FT_BOOLEAN, 8, TFS(>pv2_nhi_vals), 0x10,
4249 { &hf_gtpv2_mm_context_drxi,
4250 {"DRXI", "gtpv2.mm_context_drxi",
4251 FT_UINT8, BASE_DEC, NULL, 0x08,
4254 { &hf_gtpv2_mm_context_cksn,
4255 {"CKSN", "gtpv2.mm_context_cksn",
4256 FT_UINT8, BASE_DEC, NULL, 0x07,
4259 { &hf_gtpv2_mm_context_cksn_ksi,
4260 {"CKSN/KSI", "gtpv2.mm_context_cksn_ksi",
4261 FT_UINT8, BASE_DEC, NULL, 0x07,
4264 { &hf_gtpv2_mm_context_ksi_a,
4265 {"KSI_asme", "gtpv2.mm_context_ksi_a",
4266 FT_UINT8, BASE_DEC, NULL, 0x07,
4269 { &hf_gtpv2_mm_context_nr_tri,
4270 {"Number of Triplet", "gtpv2.mm_context_nr_tri",
4271 FT_UINT8, BASE_DEC, NULL, 0xe0,
4274 { &hf_gtpv2_mm_context_unipa,
4275 {"Used NAS integrity protection algorithm", "gtpv2.mm_context_unipa",
4276 FT_UINT8, BASE_DEC, VALS(gtpv2_mm_context_unipa_vals), 0x70,
4280 { &hf_gtpv2_mm_context_unc,
4281 {"Used NAS Cipher", "gtpv2.mm_context_unc",
4282 FT_UINT8, BASE_DEC, VALS(gtpv2_mm_context_unc_vals), 0x0f,
4285 { &hf_gtpv2_mm_context_nas_dl_cnt,
4286 {"NAS Downlink Count", "gtpv2.mm_context_nas_dl_cnt",
4287 FT_UINT24, BASE_DEC, NULL, 0x0,
4290 { &hf_gtpv2_mm_context_nas_ul_cnt,
4291 {"NAS Uplink Count", "gtpv2.mm_context_nas_ul_cnt",
4292 FT_UINT24, BASE_DEC, NULL, 0x0,
4296 { &hf_gtpv2_mm_context_ksi,
4297 {"KSI", "gtpv2.mm_context_ksi",
4298 FT_UINT8, BASE_DEC, NULL, 0x07,
4301 { &hf_gtpv2_mm_context_nr_qui,
4302 {"Number of Quintuplets", "gtpv2.mm_context_nr_qui",
4303 FT_UINT8, BASE_DEC, NULL, 0xe0,
4307 { &hf_gtpv2_mm_context_nr_qua,
4308 {"Number of Quadruplet", "gtpv2.mm_context_nr_qua",
4309 FT_UINT8, BASE_DEC, NULL, 0x1c,
4312 {&hf_gtpv2_ue_time_zone_dst,
4313 {"Daylight Saving Time","gtpv2.ue_time_zone_dst",
4314 FT_UINT8, BASE_DEC, VALS(gtpv2_ue_time_zone_dst_vals),0x03,
4317 { &hf_gtpv2_fq_csid_type,
4318 {"Node-ID Type", "gtpv2.fq_csid_type",
4319 FT_UINT8, BASE_DEC, NULL, 0xf0,
4322 { &hf_gtpv2_fq_csid_nr,
4323 {"Number of CSIDs", "gtpv2.fq_csid_nr",
4324 FT_UINT8, BASE_DEC, NULL, 0x0f,
4327 { &hf_gtpv2_fq_csid_ipv4,
4328 {"Node-ID (IPv4)", "gtpv2.fq_csid_ipv4",
4329 FT_IPv4, BASE_NONE, NULL, 0x0,
4332 { &hf_gtpv2_fq_csid_ipv6,
4333 {"Node-ID (IPv6)", "gtpv2.fq_csid_ipv6",
4334 FT_IPv6, BASE_NONE, NULL, 0x0,
4337 { &hf_gtpv2_fq_csid_id,
4338 {"CSID", "gtpv2.fq_csid_id",
4339 FT_UINT16, BASE_DEC, NULL, 0x0,
4342 { &hf_gtpv2_complete_req_msg_type,
4343 {"Complete Request Message Type","gtpv2.complete_req_msg_type",
4344 FT_UINT8, BASE_DEC, VALS(gtpv2_complete_req_msg_type_vals),0x0,
4347 {&hf_gtpv2_mme_grp_id,
4348 {"MME Group ID","gtpv2.mme_grp_id",
4349 FT_UINT16, BASE_DEC, NULL,0x0,
4352 { &hf_gtpv2_mme_code,
4353 {"MME Code","gtpv2.mme_code",
4354 FT_UINT8, BASE_DEC, NULL,0x0,
4358 {"M-TMSI","gtpv2.m_tmsi",
4359 FT_BYTES, BASE_NONE, NULL,0x0,
4362 { &hf_gtpv2_container_type,
4363 {"Container Type","gtpv2.container_type",
4364 FT_UINT8, BASE_DEC, VALS(gtpv2_container_type_vals),0x0f,
4367 { &hf_gtpv2_cause_type,
4368 {"Cause Type","gtpv2.cause_type",
4369 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_cause_type_vals_ext,0x0f,
4372 { &hf_gtpv2_CauseRadioNetwork,
4373 {"Radio Network Layer Cause","gtpv2.CauseRadioNetwork",
4374 FT_UINT8, BASE_DEC, VALS(&s1ap_CauseRadioNetwork_vals),0x0,
4377 { &hf_gtpv2_CauseTransport,
4378 {"Transport Layer Cause","gtpv2.CauseTransport",
4379 FT_UINT8, BASE_DEC, VALS(&s1ap_CauseTransport_vals),0x0,
4382 { &hf_gtpv2_CauseNas,
4383 {"NAS Cause","gtpv2.CauseNas",
4384 FT_UINT8, BASE_DEC, VALS(&s1ap_CauseNas_vals),0x0,
4387 { &hf_gtpv2_CauseMisc,
4388 {"Miscellaneous Cause","gtpv2.CauseMisc",
4389 FT_UINT8, BASE_DEC, VALS(&s1ap_CauseMisc_vals),0x0,
4392 { &hf_gtpv2_target_type,
4393 {"Target Type","gtpv2.target_type",
4394 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_target_type_vals_ext,0x0,
4397 {&hf_gtpv2_macro_enodeb_id,
4398 {"Macro eNodeB ID","gtpv2.macro_enodeb_id",
4399 FT_UINT24, BASE_HEX, NULL,0x0fffff,
4402 { &hf_gtpv2_CauseProtocol,
4403 {"Protocol Cause","gtpv2.CauseProtocol",
4404 FT_UINT8, BASE_DEC, VALS(&s1ap_CauseProtocol_vals),0x0,
4407 {&hf_gtpv2_apn_rest,
4408 {"APN Restriction", "gtpv2.apn_rest",
4409 FT_UINT8, BASE_DEC, NULL, 0x0,
4412 {&hf_gtpv2_selec_mode,
4413 {"Selection Mode","gtpv2.selec_mode",
4414 FT_UINT8, BASE_DEC, VALS(gtpv2_selec_mode_vals),0x03,
4417 { &hf_gtpv2_source_type,
4418 {"Source Type", "gtpv2.source_type",
4419 FT_UINT8, BASE_DEC, NULL, 0x0,
4422 {&hf_gtpv2_bearer_control_mode,
4423 {"Bearer Control Mode","gtpv2.bearer_control_mode",
4424 FT_UINT8, BASE_DEC, VALS(gtpv2_bearer_control_mode_vals),0x0,
4427 { &hf_gtpv2_cng_rep_act,
4428 {"Change Reporting Action", "gtpv2.cng_rep_act",
4429 FT_UINT8, BASE_DEC, VALS(gtpv2_cng_rep_act_vals), 0x0,
4432 { &hf_gtpv2_node_type,
4433 {"Node Type", "gtpv2.node_type",
4434 FT_UINT8, BASE_DEC, VALS(gtpv2_node_type_vals), 0x0,
4438 {"FQDN", "gtpv2.fqdn",
4439 FT_STRING, BASE_NONE, NULL, 0x0,
4442 { &hf_gtpv2_enterprise_id,
4443 {"Enterprise ID", "gtpv2.enterprise_id",
4444 FT_UINT16, BASE_DEC|BASE_EXT_STRING, &sminmpec_values_ext, 0x0,
4447 { &hf_gtpv2_address_digits,
4448 { "Address digits", "gtpv2.address_digits",
4449 FT_STRING, BASE_NONE, NULL, 0,
4453 {"Transaction Identifier", "gtpv2.ti",
4454 FT_BYTES, BASE_NONE, NULL, 0x0,
4460 static gint *ett_gtpv2_array[] = {
4464 &ett_gtpv2_uli_flags,
4465 &ett_gtpv2_uli_field,
4466 &ett_gtpv2_bearer_ctx,
4467 &ett_gtpv2_PDN_conn,
4468 &ett_gtpv2_mm_context_flag,
4469 &ett_gtpv2_pdn_numbers_nsapi,
4470 &ett_gtpv2_tra_info_trigg,
4471 &ett_gtpv2_tra_info_trigg_msc_server,
4472 &ett_gtpv2_tra_info_trigg_mgw,
4473 &ett_gtpv2_tra_info_trigg_sgsn,
4474 &ett_gtpv2_tra_info_trigg_ggsn,
4475 &ett_gtpv2_tra_info_trigg_bm_sc,
4476 &ett_gtpv2_tra_info_trigg_sgw_mme,
4477 &ett_gtpv2_tra_info_interfaces,
4478 &ett_gtpv2_tra_info_interfaces_imsc_server,
4479 &ett_gtpv2_tra_info_interfaces_lmgw,
4480 &ett_gtpv2_tra_info_interfaces_lsgsn,
4481 &ett_gtpv2_tra_info_interfaces_lggsn,
4482 &ett_gtpv2_tra_info_interfaces_lrnc,
4483 &ett_gtpv2_tra_info_interfaces_lbm_sc,
4484 &ett_gtpv2_tra_info_interfaces_lmme,
4485 &ett_gtpv2_tra_info_interfaces_lsgw,
4486 &ett_gtpv2_tra_info_interfaces_lpdn_gw,
4487 &ett_gtpv2_tra_info_interfaces_lpdn_lenb,
4488 &ett_gtpv2_tra_info_ne_types
4492 proto_gtpv2 = proto_register_protocol("GPRS Tunneling Protocol V2", "GTPv2", "gtpv2");
4493 proto_register_field_array(proto_gtpv2, hf_gtpv2, array_length(hf_gtpv2));
4494 proto_register_subtree_array(ett_gtpv2_array, array_length(ett_gtpv2_array));
4495 /* AVP Code: 22 3GPP-User-Location-Info */
4496 dissector_add_uint("diameter.3gpp", 22, new_create_dissector_handle(dissect_diameter_3gpp_uli, proto_gtpv2));
4498 register_dissector("gtpv2", dissect_gtpv2, proto_gtpv2);
4502 proto_reg_handoff_gtpv2(void)
4504 nas_eps_handle = find_dissector("nas-eps");
git.samba.org / obnox / wireshark / wip.git / blob