3 * Routines for GTPv2 dissection
4 * Copyright 2009 - 2011, Anders Broman <anders.broman [at] ericcsson.com>
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1998 Gerald Combs
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
25 * Ref: 3GPP TS 29.274 version 8.1.1 Release 8 ETSI TS 129 274 V8.1.1 (2009-04)
34 #include <epan/packet.h>
35 #include <epan/asn1.h>
36 #include <epan/expert.h>
37 #include <epan/sminmpec.h>
39 #include "packet-gsm_a_common.h"
40 #include "packet-gsm_map.h"
41 #include "packet-e164.h"
42 #include "packet-e212.h"
43 #include "packet-s1ap.h"
44 #include "packet-ranap.h"
47 static dissector_handle_t nas_eps_handle;
49 /*GTPv2 Message->GTP Header(SB)*/
50 static int proto_gtpv2 = -1;
52 static int hf_gtpv2_reserved = -1;
53 static int hf_gtpv2_spare_half_octet = -1;
54 static int hf_gtpv2_spare_bits = -1;
55 static int hf_gtpv2_flags = -1;
56 static int hf_gtpv2_version = -1;
57 static int hf_gtpv2_p = -1;
58 static int hf_gtpv2_t = -1;
59 static int hf_gtpv2_message_type = -1;
60 static int hf_gtpv2_msg_length = -1;
61 static int hf_gtpv2_teid = -1;
62 static int hf_gtpv2_seq = -1;
63 static int hf_gtpv2_spare = -1;
66 static int hf_gtpv2_ie = -1;
67 static int hf_gtpv2_ie_len = -1;
68 static int hf_gtpv2_cr = -1;
69 static int hf_gtpv2_instance = -1;
70 static int hf_gtpv2_cause = -1;
71 static int hf_gtpv2_cause_cs = -1;
72 static int hf_gtpv2_cause_bce = -1;
73 static int hf_gtpv2_cause_pce = -1;
74 static int hf_gtpv2_cause_off_ie_t = -1;
75 static int hf_gtpv2_rec = -1;
76 /*Start SRVCC Messages*/
77 static int hf_gtpv2_stn_sr = -1;
78 static int hf_gtpv2_len_trans_con = -1;
79 static int hf_gtpv2_eksi = -1;
80 static int hf_gtpv2_ck = -1;
81 static int hf_gtpv2_ik = -1;
82 static int hf_gtpv2_len_ms_classmark2 = -1;
83 static int hf_gtpv2_len_ms_classmark3 = -1;
84 static int hf_gtpv2_len_supp_codec_list = -1;
85 static int hf_gtpv2_ksi = -1;
86 /*static int hf_gtpv2_kc = -1; */
87 static int hf_gtpv2_cksn = -1;
88 static int hf_gtpv2_srvcc_cause = -1;
89 static int hf_gtpv2_rnc_id = -1;
90 static int hf_gtpv2_lac = -1;
91 static int hf_gtpv2_sac = -1;
92 static int hf_gtpv2_tgt_g_cell_id = -1;
93 static int hf_gtpv2_teid_c = -1;
94 static int hf_gtpv2_sv_sti = -1;
95 static int hf_gtpv2_sv_ics = -1;
96 static int hf_gtpv2_sv_emind = -1;
97 /*End SRVCC Messages*/
98 static int hf_gtpv2_apn = -1;
99 static int hf_gtpv2_ebi = -1;
100 static int hf_gtpv2_daf = -1;
101 static int hf_gtpv2_dtf = -1;
102 static int hf_gtpv2_hi = -1;
103 static int hf_gtpv2_dfi = -1;
104 static int hf_gtpv2_oi = -1;
105 static int hf_gtpv2_isrsi = -1;
106 static int hf_gtpv2_israi = -1;
107 static int hf_gtpv2_sgwci = -1;
108 static int hf_gtpv2_sqci = -1;
109 static int hf_gtpv2_uimsi = -1;
110 static int hf_gtpv2_cfsi = -1;
111 static int hf_gtpv2_crsi = -1;
112 static int hf_gtpv2_pt = -1;
113 static int hf_gtpv2_ps = -1;
114 static int hf_gtpv2_si = -1;
115 static int hf_gtpv2_msv = -1;
116 static int hf_gtpv2_ccrsi = -1;
117 static int hf_gtpv2_pdn_type = -1;
118 static int hf_gtpv2_pdn_ipv4 = -1;
119 static int hf_gtpv2_pdn_ipv6_len = -1;
120 static int hf_gtpv2_pdn_ipv6 = -1;
121 static int hf_gtpv2_pdn_numbers_nsapi = -1;
122 static int hf_gtpv2_p_tmsi = -1;
123 static int hf_gtpv2_p_tmsi_sig = -1;
126 static int hf_gtpv2_rat_type = -1;
127 static int hf_gtpv2_uli_ecgi_flg = -1;
128 static int hf_gtpv2_uli_lai_flg = -1;
129 static int hf_gtpv2_uli_tai_flg = -1;
130 static int hf_gtpv2_uli_rai_flg = -1;
131 static int hf_gtpv2_uli_sai_flg = -1;
132 static int hf_gtpv2_uli_cgi_flg = -1;
133 static int hf_gtpv2_cng_rep_act = -1;
135 static int hf_gtpv2_selec_mode = -1;
136 static int hf_gtpv2_source_type = -1;
137 static int hf_gtpv2_f_teid_v4 = -1;
138 static int hf_gtpv2_f_teid_v6 = -1;
139 static int hf_gtpv2_f_teid_interface_type= -1;
140 static int hf_gtpv2_f_teid_gre_key= -1;
141 static int hf_gtpv2_f_teid_ipv4= -1;
142 static int hf_gtpv2_f_teid_ipv6= -1;
143 static int hf_gtpv2_tmsi = -1;
144 static int hf_gtpv2_hsgw_addr_f_len = -1;
145 static int hf_gtpv2_hsgw_addr_ipv4 = -1;
146 static int hf_gtpv2_hsgw_addr_ipv6 = -1;
147 static int hf_gtpv2_gre_key = -1;
148 static int hf_gtpv2_sgw_addr_ipv4 = -1;
149 static int hf_gtpv2_sgw_addr_ipv6 = -1;
150 static int hf_gtpv2_sgw_s1u_teid = -1;
151 static int hf_gtpv2_imsi= -1;
152 static int hf_gtpv2_ipv4_addr = -1;
155 static int hf_gtpv2_ambr_up= -1;
156 static int hf_gtpv2_ambr_down= -1;
157 static int hf_gtpv2_ip_address_ipv4= -1;
158 static int hf_gtpv2_ip_address_ipv6= -1;
159 static int hf_gtpv2_mei= -1;
161 /* Trace Information */
162 static int hf_gtpv2_tra_info = -1;
163 static int hf_gtpv2_tra_info_msc_momt_calls = -1;
164 static int hf_gtpv2_tra_info_msc_momt_sms = -1;
165 static int hf_gtpv2_tra_info_msc_lu_imsi_ad = -1;
166 static int hf_gtpv2_tra_info_msc_handovers = -1;
167 static int hf_gtpv2_tra_info_msc_ss = -1;
168 static int hf_gtpv2_tra_info_mgw_context = -1;
169 static int hf_gtpv2_tra_info_sgsn_pdp_context = -1;
170 static int hf_gtpv2_tra_info_sgsn_momt_sms = -1;
171 static int hf_gtpv2_tra_info_sgsn_rau_gprs_ad = -1;
172 static int hf_gtpv2_tra_info_sgsn_mbms = -1;
173 static int hf_gtpv2_tra_info_sgsn_reserved = -1;
174 static int hf_gtpv2_tra_info_ggsn_pdp = -1;
175 static int hf_gtpv2_tra_info_ggsn_mbms = -1;
176 static int hf_gtpv2_tra_info_bm_sc = -1;
177 static int hf_gtpv2_tra_info_mme_sgw_ss = -1;
178 static int hf_gtpv2_tra_info_mme_sgw_sr = -1;
179 static int hf_gtpv2_tra_info_mme_sgw_iataud = -1;
180 static int hf_gtpv2_tra_info_lne_msc_s = -1;
181 static int hf_gtpv2_tra_info_lne_mgw = -1;
182 static int hf_gtpv2_tra_info_lne_sgsn = -1;
183 static int hf_gtpv2_tra_info_lne_ggsn = -1;
184 static int hf_gtpv2_tra_info_lne_rnc = -1;
185 static int hf_gtpv2_tra_info_lne_bm_sc = -1;
186 static int hf_gtpv2_tra_info_lne_mme = -1;
187 static int hf_gtpv2_tra_info_lne_sgw = -1;
188 static int hf_gtpv2_tra_info_lne_pdn_gw = -1;
189 static int hf_gtpv2_tra_info_lne_enb = -1;
190 static int hf_gtpv2_tra_info_tdl = -1;
191 static int hf_gtpv2_tra_info_lmsc_a = -1;
192 static int hf_gtpv2_tra_info_lmsc_lu = -1;
193 static int hf_gtpv2_tra_info_lmsc_mc = -1;
194 static int hf_gtpv2_tra_info_lmsc_map_g = -1;
195 static int hf_gtpv2_tra_info_lmsc_map_b = -1;
196 static int hf_gtpv2_tra_info_lmsc_map_e = -1;
197 static int hf_gtpv2_tra_info_lmsc_map_f = -1;
198 static int hf_gtpv2_tra_info_lmsc_cap = -1;
199 static int hf_gtpv2_tra_info_lmsc_map_d = -1;
200 static int hf_gtpv2_tra_info_lmsc_map_c = -1;
201 static int hf_gtpv2_tra_info_lmgw_mc = -1;
202 static int hf_gtpv2_tra_info_lmgw_nb_up = -1;
203 static int hf_gtpv2_tra_info_lmgw_lu_up = -1;
204 static int hf_gtpv2_tra_info_lsgsn_gb = -1;
205 static int hf_gtpv2_tra_info_lsgsn_lu = -1;
206 static int hf_gtpv2_tra_info_lsgsn_gn = -1;
207 static int hf_gtpv2_tra_info_lsgsn_map_gr = -1;
208 static int hf_gtpv2_tra_info_lsgsn_map_gd = -1;
209 static int hf_gtpv2_tra_info_lsgsn_map_gf = -1;
210 static int hf_gtpv2_tra_info_lsgsn_gs = -1;
211 static int hf_gtpv2_tra_info_lsgsn_ge = -1;
212 static int hf_gtpv2_tra_info_lggsn_gn = -1;
213 static int hf_gtpv2_tra_info_lggsn_gi = -1;
214 static int hf_gtpv2_tra_info_lggsn_gmb = -1;
215 static int hf_gtpv2_tra_info_lrnc_lu = -1;
216 static int hf_gtpv2_tra_info_lrnc_lur = -1;
217 static int hf_gtpv2_tra_info_lrnc_lub = -1;
218 static int hf_gtpv2_tra_info_lrnc_uu = -1;
219 static int hf_gtpv2_tra_info_lbm_sc_gmb = -1;
220 static int hf_gtpv2_tra_info_lmme_s1_mme = -1;
221 static int hf_gtpv2_tra_info_lmme_s3 = -1;
222 static int hf_gtpv2_tra_info_lmme_s6a = -1;
223 static int hf_gtpv2_tra_info_lmme_s10 = -1;
224 static int hf_gtpv2_tra_info_lmme_s11 = -1;
225 static int hf_gtpv2_tra_info_lsgw_s4 = -1;
226 static int hf_gtpv2_tra_info_lsgw_s5 = -1;
227 static int hf_gtpv2_tra_info_lsgw_s8b = -1;
228 static int hf_gtpv2_tra_info_lsgw_s11 = -1;
229 static int hf_gtpv2_tra_info_lpdn_gw_s2a = -1;
230 static int hf_gtpv2_tra_info_lpdn_gw_s2b = -1;
231 static int hf_gtpv2_tra_info_lpdn_gw_s2c = -1;
232 static int hf_gtpv2_tra_info_lpdn_gw_s5 = -1;
233 static int hf_gtpv2_tra_info_lpdn_gw_s6c = -1;
234 static int hf_gtpv2_tra_info_lpdn_gw_gx = -1;
235 static int hf_gtpv2_tra_info_lpdn_gw_s8b = -1;
236 static int hf_gtpv2_tra_info_lpdn_gw_sgi = -1;
237 static int hf_gtpv2_tra_info_lenb_s1_mme = -1;
238 static int hf_gtpv2_tra_info_lenb_x2 = -1;
239 static int hf_gtpv2_tra_info_lenb_uu = -1;
241 static int hf_gtpv2_address_digits = -1;
242 static int hf_gtpv2_ti = -1;
244 static int hf_gtpv2_bearer_qos_pvi= -1;
245 static int hf_gtpv2_bearer_qos_pl= -1;
246 static int hf_gtpv2_bearer_qos_pci= -1;
247 static int hf_gtpv2_bearer_qos_label_qci = -1;
248 static int hf_gtpv2_bearer_qos_mbr_up = -1;
249 static int hf_gtpv2_bearer_qos_mbr_down = -1;
250 static int hf_gtpv2_bearer_qos_gbr_up = -1;
251 static int hf_gtpv2_bearer_qos_gbr_down = -1;
252 static int hf_gtpv2_flow_qos_label_qci = -1;
253 static int hf_gtpv2_flow_qos_mbr_up = -1;
254 static int hf_gtpv2_flow_qos_mbr_down = -1;
255 static int hf_gtpv2_flow_qos_gbr_up = -1;
256 static int hf_gtpv2_flow_qos_gbr_down = -1;
258 static int hf_gtpv2_delay_value = -1;
259 static int hf_gtpv2_charging_id = -1;
260 static int hf_gtpv2_charging_characteristic = -1;
261 static int hf_gtpv2_bearer_flag_ppc = -1;
262 static int hf_gtpv2_bearer_flag_vb = -1;
263 static int hf_gtpv2_ue_time_zone_dst = -1;
264 static int hf_gtpv2_fq_csid_type = -1;
265 static int hf_gtpv2_fq_csid_nr = -1;
266 static int hf_gtpv2_fq_csid_ipv4 = -1;
267 static int hf_gtpv2_fq_csid_ipv6 = -1;
268 static int hf_gtpv2_fq_csid_id = -1;
269 static int hf_gtpv2_complete_req_msg_type = -1;
270 static int hf_gtpv2_mme_grp_id = -1;
271 static int hf_gtpv2_mme_code = -1;
272 static int hf_gtpv2_m_tmsi = -1;
273 static int hf_gtpv2_container_type = -1;
274 static int hf_gtpv2_cause_type = -1;
275 static int hf_gtpv2_CauseRadioNetwork = -1;
276 static int hf_gtpv2_CauseTransport = -1;
277 static int hf_gtpv2_CauseNas = -1;
278 static int hf_gtpv2_CauseProtocol = -1;
279 static int hf_gtpv2_CauseMisc = -1;
280 static int hf_gtpv2_target_type = -1;
281 static int hf_gtpv2_macro_enodeb_id = -1;
283 static int hf_gtpv2_node_type= -1;
284 static int hf_gtpv2_fqdn = -1;
285 static int hf_gtpv2_enterprise_id = -1;
286 static int hf_gtpv2_apn_rest= -1;
287 static int hf_gtpv2_pti= -1;
288 static int hf_gtpv2_mm_context_sm = -1;
289 static int hf_gtpv2_mm_context_nhi = -1;
290 static int hf_gtpv2_mm_context_drxi = -1;
291 static int hf_gtpv2_mm_context_cksn = -1;
292 static int hf_gtpv2_mm_context_cksn_ksi = -1;
293 static int hf_gtpv2_mm_context_ksi_a= -1;
294 static int hf_gtpv2_mm_context_ksi = -1;
295 static int hf_gtpv2_mm_context_nr_tri = -1;
296 static int hf_gtpv2_mm_context_nr_qui = -1;
297 static int hf_gtpv2_mm_context_nr_qua = -1;
298 static int hf_gtpv2_mm_context_unipa = -1;
299 static int hf_gtpv2_mm_context_unc = -1;
300 static int hf_gtpv2_mm_context_nas_dl_cnt = -1;
301 static int hf_gtpv2_mm_context_nas_ul_cnt = -1;
303 static int hf_gtpv2_uli_cgi_lac= -1;
304 static int hf_gtpv2_uli_cgi_ci= -1;
305 static int hf_gtpv2_uli_sai_lac= -1;
306 static int hf_gtpv2_uli_sai_sac= -1;
307 static int hf_gtpv2_uli_rai_lac= -1;
308 static int hf_gtpv2_uli_rai_rac= -1;
309 static int hf_gtpv2_uli_tai_tac= -1;
310 static int hf_gtpv2_uli_ecgi_eci= -1;
311 static int hf_gtpv2_uli_lai_lac = -1;
312 static int hf_gtpv2_uli_ecgi_eci_spare= -1;
313 static int hf_gtpv2_nsapi = -1;
314 static int hf_gtpv2_bearer_control_mode= -1;
317 static gint ett_gtpv2 = -1;
318 static gint ett_gtpv2_flags = -1;
319 static gint ett_gtpv2_ie = -1;
320 static gint ett_gtpv2_uli_flags = -1;
321 static gint ett_gtpv2_uli_field = -1;
322 static gint ett_gtpv2_bearer_ctx = -1;
323 static gint ett_gtpv2_PDN_conn = -1;
324 static gint ett_gtpv2_mm_context_flag = -1;
325 static gint ett_gtpv2_pdn_numbers_nsapi = -1;
326 static gint ett_gtpv2_tra_info_trigg = -1;
327 static gint ett_gtpv2_tra_info_trigg_msc_server = -1;
328 static gint ett_gtpv2_tra_info_trigg_mgw = -1;
329 static gint ett_gtpv2_tra_info_trigg_sgsn = -1;
330 static gint ett_gtpv2_tra_info_trigg_ggsn = -1;
331 static gint ett_gtpv2_tra_info_trigg_bm_sc = -1;
332 static gint ett_gtpv2_tra_info_trigg_sgw_mme = -1;
333 static gint ett_gtpv2_tra_info_interfaces = -1;
334 static gint ett_gtpv2_tra_info_interfaces_imsc_server = -1;
335 static gint ett_gtpv2_tra_info_interfaces_lmgw = -1;
336 static gint ett_gtpv2_tra_info_interfaces_lsgsn = -1;
337 static gint ett_gtpv2_tra_info_interfaces_lggsn = -1;
338 static gint ett_gtpv2_tra_info_interfaces_lrnc = -1;
339 static gint ett_gtpv2_tra_info_interfaces_lbm_sc = -1;
340 static gint ett_gtpv2_tra_info_interfaces_lmme = -1;
341 static gint ett_gtpv2_tra_info_interfaces_lsgw = -1;
342 static gint ett_gtpv2_tra_info_interfaces_lpdn_gw = -1;
343 static gint ett_gtpv2_tra_info_interfaces_lpdn_lenb = -1;
344 static gint ett_gtpv2_tra_info_ne_types = -1;
345 static gint ett_gtpv2_rai = -1;
346 static gint ett_gtpv2_ms_mark = -1;
347 static gint ett_gtpv2_stn_sr = -1;
348 static gint ett_gtpv2_supp_codec_list = -1;
350 /* Definition of User Location Info (AVP 22) masks */
351 #define GTPv2_ULI_CGI_MASK 0x01
352 #define GTPv2_ULI_SAI_MASK 0x02
353 #define GTPv2_ULI_RAI_MASK 0x04
354 #define GTPv2_ULI_TAI_MASK 0x08
355 #define GTPv2_ULI_ECGI_MASK 0x10
356 #define GTPv2_ULI_LAI_MASK 0x20
358 #define GTPV2_CREATE_SESSION_REQUEST 32
359 #define GTPV2_CREATE_SESSION_RESPONSE 33
360 #define GTPV2_FORWARD_RELOCATION_REQ 133
361 #define GTPV2_FORWARD_CTX_NOTIFICATION 137
362 static void dissect_gtpv2_ie_common(tvbuff_t * tvb, packet_info * pinfo _U_, proto_tree * tree, gint offset, guint8 message_type);
364 /*Message Types for GTPv2 (Refer Pg19 29.274) (SB)*/
365 static const value_string gtpv2_message_type_vals[] = {
368 {2, "Echo Response"},
369 {3, "Version Not Supported Indication"},
370 /* 4-24 Reserved for S101 interface TS 29.276 */
371 {4, "Node Alive Request"},
372 {5, "Node Alive Response"},
373 {6, "Redirection Request"},
374 {7, "Redirection Response"},
375 /* 25-31 Reserved for Sv interface TS 29.280 */
376 /*Start SRVCC Messages ETSI TS 129 280 V10.1.0 (2011-06) 5.2.1*/
377 {25, "SRVCC PS to CS Request"},
378 {26, "SRVCC PS to CS Response"},
379 {27, "SRVCC PS to CS Complete Notification"},
380 {28, "SRVCC PS to CS Complete Acknowledge"},
381 {29, "SRVCC PS to CS Cancel Notification"},
382 {30, "SRVCC PS to CS Cancel Acknowledge"},
383 {31, "For Future Sv interface use"},
384 /*End SRVCC Messages*/
385 /* SGSN/MME to PGW (S4/S11, S5/S8) */
386 {32, "Create Session Request"},
387 {33, "Create Session Response"},
388 {34, "Modify Bearer Request"},
389 {35, "Modify Bearer Response"},
390 {36, "Delete Session Request"},
391 {37, "Delete Session Response"},
392 /* SGSN to PGW (S4, S5/S8) */
393 {38, "Change Notification Request"},
394 {39, "Change Notification Response"},
395 /* 40-63 For future use */
396 /* Messages without explicit response */
397 {64, "Modify Bearer Command"}, /* (MME/SGSN to PGW -S11/S4, S5/S8) */
398 {65, "Modify Bearer Failure Indication"}, /*(PGW to MME/SGSN -S5/S8, S11/S4) */
399 {66, "Delete Bearer Command"}, /* (MME to PGW -S11, S5/S8) */
400 {67, "Delete Bearer Failure Indication"}, /* (PGW to MME -S5/S8, S11) */
401 {68, "Bearer Resource Command"}, /* (MME/SGSN to PGW -S11/S4, S5/S8) */
402 {69, "Bearer Resource Failure Indication"}, /* (PGW to MME/SGSN -S5/S8, S11/S4) */
403 {70, "Downlink Data Notification Failure Indication"}, /*(SGSN/MME to SGW -S4/S11) */
404 {71, "Trace Session Activation"},
405 {72, "Trace Session Deactivation"},
406 {73, "Stop Paging Indication"},
407 /* 74-94 For future use */
408 /* PDN-GW to SGSN/MME (S5/S8, S4/S11) */
409 {95, "Create Bearer Request"},
410 {96, "Create Bearer Response"},
411 {97, "Update Bearer Request"},
412 {98, "Update Bearer Response"},
413 {99, "Delete Bearer Request"},
414 {100, "Delete Bearer Response"},
415 /* PGW to MME, MME to PGW, SGW to PGW, SGW to MME (S5/S8, S11) */
416 {101, "Delete PDN Connection Set Request"},
417 {102, "Delete PDN Connection Set Response"},
418 /* 103-127 For future use */
419 /* MME to MME, SGSN to MME, MME to SGSN, SGSN to SGSN (S3/10/S16) */
420 {128, "Identification Request"},
421 {129, "Identification Response"},
422 {130, "Context Request"},
423 {131, "Context Response"},
424 {132, "Context Acknowledge"},
425 {133, "Forward Relocation Request"},
426 {134, "Forward Relocation Response"},
427 {135, "Forward Relocation Complete Notification"},
428 {136, "Forward Relocation Complete Acknowledge"},
429 {137, "Forward Access Context Notification"},
430 {138, "Forward Access Context Acknowledge"},
431 {139, "Relocation Cancel Request"},
432 {140, "Relocation Cancel Response"},
433 {141, "Configuration Transfer Tunnel"},
434 /* 142-148 For future use */
435 /* SGSN to MME, MME to SGSN (S3)*/
436 {149, "Detach Notification"},
437 {150, "Detach Acknowledge"},
438 {151, "CS Paging Indication"},
439 {152, "RAN Information Relay"},
440 {153, "Alert MME Notification"},
441 {154, "Alert MME Acknowledge"},
442 {155, "UE Activity Notification"},
443 {156, "UE Activity Acknowledge"},
444 /* 157 to 159 For future use */
445 /* MME to SGW (S11) */
446 {160, "Create Forwarding Tunnel Request"},
447 {161, "Create Forwarding Tunnel Response"},
448 {162, "Suspend Notification"},
449 {163, "Suspend Acknowledge"},
450 {164, "Resume Notification"},
451 {165, "Resume Acknowledge"},
452 {166, "Create Indirect Data Forwarding Tunnel Request"},
453 {167, "Create Indirect Data Forwarding Tunnel Response"},
454 {168, "Delete Indirect Data Forwarding Tunnel Request"},
455 {169, "Delete Indirect Data Forwarding Tunnel Response"},
456 {170, "Release Access Bearers Request"},
457 {171, "Release Access Bearers Response"},
458 /* 172-175 For future use */
459 /* SGW to SGSN/MME (S4/S11) */
460 {176, "Downlink Data Notification"},
461 {177, "Downlink Data Notification Acknowledgement"},
462 /* SGW to SGSN (S4) */
463 {178, "Update Bearer Complete"},
464 /* 179-191 For future use */
466 {200, "Update PDN Connection Set Request"},
467 {201, "Update PDN Connection Set Response"},
468 /* 202 to 230 For future use */
469 /* MBMS GW to MME/SGSN (Sm/Sn) */
470 {231, "MBMS Session Start Request"},
471 {323, "MBMS Session Start Response"},
472 {233, "MBMS Session Update Request"},
473 {234, "MBMS Session Update Response"},
474 {235, "MBMS Session Stop Request"},
475 {236, "MBMS Session Stop Response"},
476 /* 237 to 239 For future use */
477 /* 240-255 Reserved for GTP-U TS 29.281 [13] */
478 {240, "Data Record Transfer Request"},
479 {241, "Data Record Transfer Response"},
483 #define GTPV2_IE_RESERVED 0
484 #define GTPV2_IE_IMSI 1
485 #define GTPV2_IE_CAUSE 2
486 #define GTPV2_REC_REST_CNT 3
487 /*Start SRVCC Messages*/
488 #define GTPV2_IE_STN_SR 51
489 #define GTPV2_IE_SRC_TGT_TRANS_CON 52
490 #define GTPV2_IE_TGT_SRC_TRANS_CON 53
491 #define GTPV2_IE_MM_CON_EUTRAN_SRVCC 54
492 #define GTPV2_IE_MM_CON_UTRAN_SRVCC 55
493 #define GTPV2_IE_SRVCC_CAUSE 56
494 #define GTPV2_IE_TGT_RNC_ID 57
495 #define GTPV2_IE_TGT_GLOGAL_CELL_ID 58
496 #define GTPV2_IE_TEID_C 59
497 #define GTPV2_IE_SV_FLAGS 60
498 #define GTPV2_IE_SAI 61
499 /* 61 - 70 for future sv interface use*/
500 /*End SRVCC Messages*/
502 #define GTPV2_AMBR 72
504 #define GTPV2_IP_ADDRESS 74
506 #define GTPV2_IE_MSISDN 76
507 #define GTPV2_INDICATION 77
510 #define GTPV2_BEARER_QOS 80
511 #define GTPV2_IE_FLOW_QOS 81
512 #define GTPV2_IE_RAT_TYPE 82
513 #define GTPV2_IE_SERV_NET 83
514 #define GTPV2_IE_BEARER_TFT 84
515 #define GTPV2_IE_TAD 85
516 #define GTPV2_IE_ULI 86
517 #define GTPV2_IE_F_TEID 87
518 #define GTPV2_IE_TMSI 88
519 #define GTPV2_IE_GLOBAL_CNID 89
520 #define GTPV2_IE_S103PDF 90
521 #define GTPV2_IE_S1UDF 91
522 #define GTPV2_IE_DEL_VAL 92
523 #define GTPV2_IE_BEARER_CTX 93
524 #define GTPV2_IE_CHAR_ID 94
525 #define GTPV2_IE_CHAR_CHAR 95
526 #define GTPV2_IE_TRA_INFO 96
527 #define GTPV2_BEARER_FLAG 97
528 /* define GTPV2_IE_PAGING_CAUSE 98 (void) */
529 #define GTPV2_IE_PDN_TYPE 99
530 #define GTPV2_IE_PTI 100
531 #define GTPV2_IE_DRX_PARAM 101
532 #define GTPV2_IE_UE_NET_CAPABILITY 102
533 #define GTPV2_IE_MM_CONTEXT_GSM_T 103
534 #define GTPV2_IE_MM_CONTEXT_UTMS_CQ 104
535 #define GTPV2_IE_MM_CONTEXT_GSM_CQ 105
536 #define GTPV2_IE_MM_CONTEXT_UTMS_Q 106
537 #define GTPV2_IE_MM_CONTEXT_EPS_QQ 107
538 #define GTPV2_IE_MM_CONTEXT_UTMS_QQ 108
539 #define GTPV2_IE_PDN_CONNECTION 109
540 #define GTPV2_IE_PDN_NUMBERS 110
541 #define GTPV2_IE_P_TMSI 111
542 #define GTPV2_IE_P_TMSI_SIG 112
543 #define GTPV2_IE_HOP_COUNTER 113
544 #define GTPV2_IE_UE_TIME_ZONE 114
545 #define GTPV2_IE_TRACE_REFERENCE 115
546 #define GTPV2_IE_COMPLETE_REQUEST_MSG 116
547 #define GTPV2_IE_GUTI 117
548 #define GTPV2_IE_F_CONTAINER 118
549 #define GTPV2_IE_F_CAUSE 119
550 #define GTPV2_IE_SEL_PLMN_ID 120
551 #define GTPV2_IE_TARGET_ID 121
552 /* GTPV2_IE_NSAPI 122 */
553 #define GTPV2_IE_PKT_FLOW_ID 123
554 #define GTPV2_IE_RAB_CONTEXT 124
555 #define GTPV2_IE_S_RNC_PDCP_CTX_INFO 125
556 #define GTPV2_IE_UDP_S_PORT_NR 126
557 #define GTPV2_IE_APN_RESTRICTION 127
558 #define GTPV2_IE_SEL_MODE 128
559 #define GTPV2_IE_SOURCE_IDENT 129
560 #define GTPV2_IE_BEARER_CONTROL_MODE 130
561 #define GTPV2_IE_CNG_REP_ACT 131
562 #define GTPV2_IE_FQ_CSID 132
563 #define GTPV2_IE_CHANNEL_NEEDED 133
564 #define GTPV2_IE_EMLPP_PRI 134
565 #define GTPV2_IE_NODE_TYPE 135
566 #define GTPV2_IE_FQDN 136
567 #define GTPV2_IE_TI 137
568 #define GTPV2_IE_PRIVATE_EXT 255
571 #define CREATE_NEW_TFT 0X20
572 #define DELETE_TFT 0X40
573 #define ADD_PACKET_FILTERS_TFT 0X60
574 #define REPLACE_PACKET_FILTERS_TFT 0X80
575 #define DELETE_PACKET_FILTERS_TFT 0XA0
576 #define NO_TFT_OPERATION 0XC0
577 #define RESERVED 0XE0
580 /* Table 8.1-1: Information Element types for GTPv2 */
581 static const value_string gtpv2_element_type_vals[] = {
583 {1, "International Mobile Subscriber Identity (IMSI)"}, /* Variable Length / 8.3 */
584 {2, "Cause"}, /* Variable Length / 8.4 */
585 {3, "Recovery (Restart Counter)"}, /* Variable Length / 8.5 */
586 /* 4-50 Reserved for S101 interface Extendable / See 3GPP TS 29.276 [14] */
587 /* 51-70 Reserved for Sv interface Extendable / See 3GPP TS 29.280 [15] */
588 /*Start SRVCC Messages ETSI TS 129 280 V10.1.0 (2011-06) 6.1*/
589 {51, "STN-SR"}, /* Variable Length / 6.2 */
590 {52, "Source to Target Transparent Container"}, /* Variable Length / 6.3 */
591 {53, "Target to Source Transparent Container"}, /* Variable Length / 6.4 */
592 {54, "MM Context for E-UTRAN SRVCC"}, /* Variable Length / 6.5 */
593 {55, "MM Context for UTRAN SRVCC"}, /* Variable Length / 6.6 */
594 {56, "SRVCC Cause"}, /* Fixed Length / 6.7 */
595 {57, "Target RNC ID"}, /* Variable Length / 6.8 */
596 {58, "Target Global Cell ID"}, /* Variable Length / 6.9 */
597 {59, "TEID-C"}, /* Extendable / 6.10 */
598 {60, "Sv Flags"}, /* Extendable / 6.11 */
599 {61, "Service Area Identifier"}, /* Extendable / 6.12 */
600 /* 62-70 For future Sv interface use */
601 /*End SRVCC Messages*/
602 {71, "Access Point Name (APN)"}, /* Variable Length / 8.6 */
603 {72, "Aggregate Maximum Bit Rate (AMBR)"}, /* Fixed Length / 8.7 */
604 {73, "EPS Bearer ID (EBI)"}, /* Extendable / 8.8 */
605 {74, "IP Address"}, /* Extendable / 8.9 */
606 {75, "Mobile Equipment Identity (MEI)"}, /* Variable Length / 8.10 */
607 {76, "MSISDN"}, /* Variable Length / 8.11 */
608 {77, "Indication"}, /* Extendable / 8.12 */
609 {78, "Protocol Configuration Options (PCO)"}, /* Variable Length / 8.13 */
610 {79, "PDN Address Allocation (PAA)"}, /* Variable Length / 8.14 */
611 {80, "Bearer Level Quality of Service (Bearer QoS)"}, /* Variable Length / 8.15 */
612 {81, "Flow Quality of Service (Flow QoS)"}, /* Extendable / 8.16 */
613 {82, "RAT Type"}, /* Extendable / 8.17 */
614 {83, "Serving Network"}, /* Extendable / 8.18 */
615 {84, "EPS Bearer Level Traffic Flow Template (Bearer TFT)"}, /* Variable Length / 8.19 */
616 {85, "Traffic Aggregation Description (TAD)"}, /* Variable Length / 8.20 */
617 {86, "User Location Info (ULI)"}, /* Variable Length / 8.21 */
618 {87, "Fully Qualified Tunnel Endpoint Identifier (F-TEID)"}, /* Extendable / 8.22 */
619 {88, "TMSI"}, /* Variable Length / 8.23 */
620 {89, "Global CN-Id"}, /* Variable Length / 8.24 */
621 {90, "S103 PDN Data Forwarding Info (S103PDF)"}, /* Variable Length / 8.25 */
622 {91, "S1-U Data Forwarding Info (S1UDF)"}, /* Variable Length/ 8.26 */
623 {92, "Delay Value"}, /* Extendable / 8.27 */
624 {93, "Bearer Context"}, /* Extendable / 8.28 */
625 {94, "Charging ID"}, /* Extendable / 8.29 */
626 {95, "Charging Characteristics"}, /* Extendable / 8.30 */
627 {96, "Trace Information"}, /* Extendable / 8.31 */
628 {97, "Bearer Flags"}, /* Extendable / 8.32 */
629 {98, "Paging Cause"}, /* Variable Length / 8.33 */
630 {99, "PDN Type"}, /* Extendable / 8.34 */
631 {100, "Procedure Transaction ID"}, /* Extendable / 8.35 */
632 {101, "DRX Parameter"}, /* Variable Length/ 8.36 */
633 {102, "UE Network Capability"}, /* Variable Length / 8.37 */
634 {103, "MM Context (GSM Key and Triplets)"}, /* Variable Length / 8.38 */
635 {104, "MM Context (UMTS Key, Used Cipher and Quintuplets)"}, /* Variable Length / 8.38 */
636 {105, "MM Context (GSM Key, Used Cipher and Quintuplets)"}, /* Variable Length / 8.38 */
637 {106, "MM Context (UMTS Key and Quintuplets)"}, /* Variable Length / 8.38 */
638 {107, "MM Context (EPS Security Context, Quadruplets and Quintuplets)"}, /* Variable Length / 8.38 */
639 {108, "MM Context (UMTS Key, Quadruplets and Quintuplets)"}, /* Variable Length / 8.38 */
640 {109, "PDN Connection"}, /* Extendable / 8.39 */
641 {110, "PDU Numbers"}, /* Extendable / 8.40 */
642 {111, "P-TMSI"}, /* Variable Length / 8.41 */
643 {112, "P-TMSI Signature"}, /* Variable Length / 8.42 */
644 {113, "Hop Counter"}, /* Extendable / 8.43 */
645 {114, "UE Time Zone"}, /* Variable Length / 8.44 */
646 {115, "Trace Reference"}, /* Fixed Length / 8.45 */
647 {116, "Complete Request Message"}, /* Variable Length / 8.46 */
648 {117, "GUTI"}, /* Variable Length / 8.47 */
649 {118, "F-Container"}, /* Variable Length / 8.48 */
650 {119, "F-Cause"}, /* Variable Length / 8.49 */
651 {120, "Selected PLMN ID"}, /* Variable Length / 8.50 */
652 {121, "Target Identification"}, /* Variable Length / 8.51 */
653 {122, "NSAPI"}, /* Extendable / 8.52 */
654 {123, "Packet Flow ID"}, /* Variable Length / 8.53 */
655 {124, "RAB Context"}, /* Fixed Length / 8.54 */
656 {125, "Source RNC PDCP Context Info"}, /* Variable Length / 8.55 */
657 {126, "UDP Source Port Number"}, /* Extendable / 8.56 */
658 {127, "APN Restriction"}, /* Extendable / 8.57 */
659 {128, "Selection Mode"}, /* Extendable / 8.58 */
660 {129, "Source Identification"}, /* Variable Length / 8.50 */
661 {130, "Bearer Control Mode"}, /* Extendable / 8.60 */
662 {131, "Change Reporting Action"}, /* Variable Length / 8.61 */
663 {132, "Fully Qualified PDN Connection Set Identifier (FQ-CSID)"}, /* Variable Length / 8.62 */
664 {133, "Channel needed"}, /* Extendable / 8.63 */
665 {134, "eMLPP Priority"}, /* Extendable / 8.64 */
666 {135, "Node Type"}, /* Extendable / 8.65 */
667 {136, "Fully Qualified Domain Name (FQDN)"}, /* Variable Length / 8.66 */
668 {137, "Transaction Identifier (TI)"}, /* Variable Length / 8.68 */
669 {138, "MBMS Session"}, /* Duration Extendable / 8.69 */
670 {139, "MBMS Service Area"}, /* Extendable / 8.70 */
671 {140, "MBMS Session Identifier"}, /* Extendable / 8.71 */
672 {141, "MBMS Flow Identifier"}, /* Extendable / 8.72 */
673 {142, "MBMS IP Multicast Distribution"}, /* Extendable / 8.73 */
674 {143, "MBMS Distribution Acknowledge"}, /* Extendable / 8.74 */
675 {144, "RFSP Index"}, /* Fixed Length / 8.77 */
676 {145, "User CSG Information (UCI)"}, /* Extendable / 8.75 */
677 {146, "CSG Information Reporting Action"}, /* Extendable / 8.76 */
678 {147, "CSG ID"}, /* Extendable / 8.78 */
679 {148, "CSG Membership Indication (CMI)"}, /* Extendable / 8.79 */
680 {149, "Service indicator"}, /* Fixed Length / 8.80 */
681 {150, "Detach Type"}, /* Fixed Length / 8.81 */
682 {151, "Local Distiguished Name (LDN)"}, /* Variable / 8.82 */
683 {152, "Node Features"}, /* Extendable / 8.83 */
684 {153, "MBMS Time to Data Transfer"}, /* Extendable / 8.84 */
685 {154, "Throttling"}, /* Extendable / 8.85 */
686 {155, "Allocation/Retention Priority (ARP)"}, /* Extendable / 8.86 */
687 /* 156 to 254 Spare. For future use. */ /* For future use. FFS */
688 {255, "Private Extension"}, /* Extension Extendable / 8.67 */
692 /* Code to dissect IE's */
695 dissect_gtpv2_unknown(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
697 proto_item *expert_item;
699 expert_item = proto_tree_add_text(tree, tvb, 0, length, "IE data not dissected yet");
700 expert_add_info_format(pinfo, expert_item, PI_PROTOCOL, PI_NOTE, "IE data not dissected yet");
701 PROTO_ITEM_SET_GENERATED(expert_item);
706 * 8.3 International Mobile Subscriber Identity (IMSI)
708 * IMSI is defined in 3GPP TS 23.003
709 * Editor's note: IMSI coding will be defined in 3GPP TS 24.301
710 * Editor's note: In the first release of GTPv2 spec (TS 29.274v8.0.0) n = 8.
711 * That is, the overall length of the IE is 11 octets.
715 dissect_gtpv2_imsi(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
718 const gchar *imsi_str;
720 /* Fetch the BCD encoded digits from tvb low half byte, formating the digits according to
721 * a default digit set of 0-9 returning "?" for overdecadic digits a pointer to the EP
722 * allocated string will be returned.
724 imsi_str = tvb_bcd_dig_to_ep_str( tvb, offset, length, NULL, FALSE);
726 proto_tree_add_string(tree, hf_gtpv2_imsi, tvb, offset, length, imsi_str);
727 proto_item_append_text(item, "%s", imsi_str);
735 /* Table 8.4-1: Cause values */
736 static const value_string gtpv2_cause_vals[] = {
741 {3, "Complete Detach"},
742 {4, "RAT changed from 3GPP to Non-3GPP"},
743 {5, "ISR is activated"},
744 {6, "Error Indication received from RNC/eNodeB"},
745 {7, "IMSI Detach Only"},
746 {8, "Reactivation Requested"},
747 {9, "PDN reconnection to this APN disallowed"},
748 {10, "Access changed from Non-3GPP to 3GPP"},
749 /* 11-15 Spare. This value range is reserved for Cause values in a request message */
755 /* Acceptance Response */
756 {16, "Request accepted"},
757 {17, "Request accepted partially"},
758 {18, "New PDN type due to network preference"},
759 {19, "New PDN type due to single address bearer only"},
760 /* 20-63 Spare. This value range is reserved for Cause values in acceptance response message */
761 /* Rejection Response */
807 {64, "Context Not Found"},
808 {65, "Invalid Message Format"},
809 {66, "Version not supported by next peer"},
810 {67, "Invalid length"},
811 {68, "Service not supported"},
812 {69, "Mandatory IE incorrect"},
813 {70, "Mandatory IE missing"},
814 {71, "Optional IE incorrect"},
815 {72, "System failure"},
816 {73, "No resources available"},
817 {74, "Semantic error in the TFT operation"},
818 {75, "Syntactic error in the TFT operation"},
819 {76, "Semantic errors in packet filter(s)"},
820 {77, "Syntactic errors in packet filter(s)"},
821 {78, "Missing or unknown APN"},
822 {79, "Unexpected repeated IE"},
823 {80, "GRE key not found"},
824 {81, "Reallocation failure"},
825 {82, "Denied in RAT"},
826 {83, "Preferred PDN type not supported"},
827 {84, "All dynamic addresses are occupied"},
828 {85, "UE context without TFT already activated"},
829 {86, "Protocol type not supported"},
830 {87, "UE not responding"},
832 {89, "Service denied"},
833 {90, "Unable to page UE"},
834 {91, "No memory available"},
835 {92, "User authentication failed"},
836 {93, "APN access denied - no subscription"},
837 {94, "Request rejected"},
838 {95, "P-TMSI Signature mismatch"},
839 {96, "IMSI not known"},
840 {97, "Semantic error in the TAD operation"},
841 {98, "Syntactic error in the TAD operation"},
842 {99, "Reserved Message Value Received"},
843 {100, "PGW not responding"},
844 {101, "Collision with network initiated request"},
845 {102, "Unable to page UE due to Suspension"},
846 {103, "Conditional IE missing"},
847 {104, "APN Restriction type Incompatible with currently active PDN connection"},
848 {105, "Invalid overall length of the triggered response message and a piggybacked initial message"},
849 {106, "Data forwarding not supported"},
850 {107, "Invalid reply from remote peer"},
851 {108, "Fallback to GTPv1"},
852 {109, "Invalid peer"},
853 {110, "Temporarily rejected due to handover procedure in progress"},
854 {111, "Modifications not limited to S1-U bearers"},
855 {112, "Request rejected for a PMIPv6 reason "},
856 /* 113-239 Spare. For future use in a triggered/response message */
857 /* 240-255 Spare. For future use in an initial/request message */
861 static value_string_ext gtpv2_cause_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_cause_vals);
863 /* Table 8.4-1: CS (Cause Source) */
864 static const true_false_string gtpv2_cause_cs = {
865 "Originated by remote node",
866 "Originated by node sending the message",
870 dissect_gtpv2_cause(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
875 /* Cause value octet 5 */
876 tmp = tvb_get_guint8(tvb, offset);
877 proto_tree_add_item(tree, hf_gtpv2_cause, tvb, offset, 1, FALSE);
879 /* Add Cause to ie_tree */
880 proto_item_append_text(item, "%s (%u)", val_to_str_ext_const(tmp, >pv2_cause_vals_ext, "Unknown"),tmp);
883 /* Octet 6 Spare PCE BCE CS */
884 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
885 proto_tree_add_item(tree, hf_gtpv2_cause_pce, tvb, offset, 1, FALSE);
886 proto_tree_add_item(tree, hf_gtpv2_cause_bce, tvb, offset, 1, FALSE);
887 proto_tree_add_item(tree, hf_gtpv2_cause_cs, tvb, offset, 1, FALSE);
890 /* If n = 2, a = 0 and the Cause IE shall be 6 octets long.
891 * Therefore, octets "a(n+1) to a(n+4)" will not be present.
892 * If n = 6, a = 1 and the Cause IE will be 10 octets long.
898 * If the rejection is due to a mandatory IE or a verifiable conditional IE is faulty
899 * or missing, the offending IE shall be included within an additional field "a(n+1)
900 * to a(n+4)". Only Type and Instance fields of the offending IE that caused the
901 * rejection have a meaning. The length in the Octet 8-9 and spare bits in the Octet 10
902 * shall be set to "0". In this case, the value of "n" shall be "6".
903 * Otherwise, the value of "n" is equal to "2".
906 /* Type of the offending IE */
907 proto_tree_add_item(tree, hf_gtpv2_cause_off_ie_t, tvb, offset, 1, FALSE);
911 proto_tree_add_item(tree, hf_gtpv2_ie_len, tvb, offset, 2, FALSE);
913 /* a(n+4) Spare Instance */
914 proto_tree_add_bits_item(tree, hf_gtpv2_spare_half_octet, tvb, offset>>3, 4, FALSE);
915 proto_tree_add_item(tree, hf_gtpv2_instance, tvb, offset, 1, FALSE);
921 * 8.5 Recovery (Restart Counter)
924 dissect_gtpv2_recovery(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
929 recovery = tvb_get_guint8(tvb, offset);
930 proto_tree_add_item(tree, hf_gtpv2_rec, tvb, offset, 1, FALSE);
931 proto_item_append_text(item, "%u", recovery);
936 /*Start SRVCC Messages*/
940 dissect_gtpv2_stn_sr(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
942 proto_item *stn_sr_item;
943 proto_tree *sub_tree;
947 stn_sr_item = proto_tree_add_item(tree, hf_gtpv2_stn_sr, tvb, offset, length, FALSE);
948 new_tvb = tvb_new_subset(tvb, offset, length, length );
949 sub_tree = proto_item_add_subtree(stn_sr_item, ett_gtpv2_stn_sr);
952 * contains the Nature of Address and Numbering Plan Indicator (NANPI) of the "AddressString" ASN.1 type (see 3GPP
953 * TS 29.002 [11]). Octets 6 to (n+4) contain the actual STN-SR (digits of an address encoded as a TBCD-STRING as in
954 * the "AddressString" ASN.1 type). For an odd number of STN-SR digits, bits 8 to 5 of the last octet are encoded with the
957 dissect_gsm_map_msisdn(new_tvb, pinfo, sub_tree);
960 /* 6.3 Source to Target Transparent Container */
963 dissect_gtpv2_src_tgt_trans_con(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
966 proto_tree_add_item(tree, hf_gtpv2_len_trans_con, tvb, offset, 1, FALSE);
968 /*ra_type_flag = 0;*/
970 /* Transparent Container
971 * When target network is GERAN, this container carries the Old BSS to New BSS
972 * Information IE defined in 3GPP TS 48.008 [8]. When target network is UTRAN, this container carries the Source RNC
973 * to Target RNC Transparent Container IE defined in 3GPP TS 25.413 [9]. The Transparent container field includes the
974 * IE value part as it is specified in the respective specification.
976 proto_tree_add_text(tree, tvb, offset, length-1, "Transparent Container: %s", tvb_bytes_to_str(tvb, offset, length-1));
978 * bssmap_old_bss_to_new_bss_info(tvbuff_t *tvb, proto_tree *tree, packet_info *pinfo);
979 * dissect_ranap_SourceRNC_ToTargetRNC_TransparentContainer_PDU
984 /* 6.4 Target to Source Transparent Container */
986 dissect_gtpv2_tgt_src_trans_con(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
989 proto_tree_add_item(tree, hf_gtpv2_len_trans_con, tvb, offset, 1, FALSE);
992 /* Transparent Container */
993 proto_tree_add_text(tree, tvb, offset, length-1, "Transparent Container: %s", tvb_bytes_to_str(tvb, offset, length-1));
998 /* 6.5 MM Context for E-UTRAN SRVCC */
1000 dissect_gtpv2_mm_con_eutran_srvcc(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1004 proto_tree *ms_tree, *fi;
1006 proto_tree_add_item(tree, hf_gtpv2_eksi, tvb, offset, 1, FALSE);
1008 proto_tree_add_text(tree, tvb, offset , 16,"CKsrvcc: %s ",tvb_bytes_to_str(tvb, offset, 16));
1010 proto_tree_add_text(tree, tvb, offset, 16, "IKsrvcc: %s ", tvb_bytes_to_str(tvb, offset, 16));
1013 /* Length of Mobile Station Classmark2 */
1014 elm_len = tvb_get_guint8(tvb, offset);
1015 proto_tree_add_item(tree, hf_gtpv2_len_ms_classmark2, tvb, offset, 1, FALSE);
1017 fi = proto_tree_add_text(tree, tvb, offset, elm_len, "Mobile Station Classmark2 %s", tvb_bytes_to_str(tvb, offset, elm_len));
1018 ms_tree = proto_item_add_subtree(fi, ett_gtpv2_ms_mark);
1019 de_ms_cm_2(tvb, ms_tree, pinfo, offset, elm_len, NULL, 0);
1020 offset = offset+elm_len;
1022 /* Length of Mobile Station Classmark3 */
1023 elm_len = tvb_get_guint8(tvb, offset);
1024 proto_tree_add_item(tree, hf_gtpv2_len_ms_classmark3, tvb, offset, 1, FALSE);
1026 fi = proto_tree_add_text(tree, tvb, offset, elm_len, "Mobile Station Classmark3 %s", tvb_bytes_to_str(tvb, offset, elm_len));
1027 ms_tree = proto_item_add_subtree(fi, ett_gtpv2_ms_mark);
1028 de_ms_cm_3(tvb, ms_tree, pinfo, offset, elm_len, NULL, 0);
1029 offset = offset+elm_len;
1031 /*Length of Supported Codec List */
1032 elm_len = tvb_get_guint8(tvb, offset);
1033 proto_tree_add_item(tree, hf_gtpv2_len_supp_codec_list, tvb, offset, 1, FALSE);
1035 fi = proto_tree_add_text(tree, tvb, offset, elm_len, "Supported Codec List %s", tvb_bytes_to_str(tvb, offset, elm_len));
1036 ms_tree = proto_item_add_subtree(fi, ett_gtpv2_supp_codec_list);
1037 de_sup_codec_list(tvb, ms_tree, pinfo, offset, elm_len, NULL, 0);
1038 offset = offset+elm_len;
1042 /* 6.6 MM Context for UTRAN SRVCC */
1044 dissect_gtpv2_mm_con_utran_srvcc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1048 proto_tree *ms_tree, *fi;
1050 proto_tree_add_item(tree, hf_gtpv2_ksi, tvb, offset, 1, FALSE);
1053 proto_tree_add_text(tree, tvb, offset , 16,"CK'cs: %s",tvb_bytes_to_str(tvb, offset, 16));
1055 proto_tree_add_text(tree, tvb, offset, 16, "IK'cs: %s",tvb_bytes_to_str(tvb, offset, 16));
1057 proto_tree_add_text(tree, tvb, offset, 8, "Kc': %s",tvb_bytes_to_str(tvb, offset, 8));
1059 proto_tree_add_item(tree, hf_gtpv2_cksn, tvb, offset, 1, FALSE);
1062 /*Length of Mobile Station Classmark2 */
1063 ms_class = tvb_get_guint8(tvb, offset);
1064 proto_tree_add_item(tree, hf_gtpv2_len_ms_classmark2, tvb, offset, 1, FALSE);
1066 fi = proto_tree_add_text(tree, tvb, offset, ms_class, "Mobile Station Classmark2 %s", tvb_bytes_to_str(tvb, offset, ms_class));
1067 ms_tree = proto_item_add_subtree(fi, ett_gtpv2_ms_mark);
1068 de_ms_cm_2(tvb, ms_tree, pinfo, offset, length, NULL, 0);
1069 offset = offset+ms_class;
1071 /*Length of Mobile Station Classmark3 */
1072 ms_class = tvb_get_guint8(tvb, offset);
1073 proto_tree_add_item(tree, hf_gtpv2_len_ms_classmark3, tvb, offset, 1, FALSE);
1075 fi = proto_tree_add_text(tree, tvb, offset, ms_class, "Mobile Station Classmark3 %s", tvb_bytes_to_str(tvb, offset, ms_class));
1076 ms_tree = proto_item_add_subtree(fi, ett_gtpv2_ms_mark);
1077 de_ms_cm_3(tvb, ms_tree, pinfo, offset, length, NULL, 0);
1078 offset = offset+ms_class;
1080 /*Length of Supported Codec List */
1081 ms_class = tvb_get_guint8(tvb, offset);
1082 proto_tree_add_item(tree, hf_gtpv2_len_supp_codec_list, tvb, offset, 1, FALSE);
1084 fi = proto_tree_add_text(tree, tvb, offset, ms_class, "Supported Codec List %s", tvb_bytes_to_str(tvb, offset, ms_class));
1085 ms_tree = proto_item_add_subtree(fi, ett_gtpv2_supp_codec_list);
1086 de_sup_codec_list(tvb, ms_tree, pinfo, offset, length, NULL, 0);
1087 offset = offset+ms_class;
1091 /* 6.7 SRVCC Cause */
1092 static const value_string gtpv2_srvcc_cause_vals[] = {
1095 {2, "Handover/Relocation cancelled by source system "},
1096 {3, "Handover /Relocation Failure with Target system"},
1097 {4, "Handover/Relocation Target not allowed"},
1098 {5, "Unknown Target ID"},
1099 {6, "Target Cell not available"},
1100 {7, "No Radio Resources Available in Target Cell"},
1101 {8, "Failure in Radio Interface Procedure"},
1105 static value_string_ext gtpv2_srvcc_cause_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_srvcc_cause_vals);
1108 dissect_gtpv2_srvcc_cause(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1113 srvcc_cause = tvb_get_guint8(tvb, 0);
1114 proto_tree_add_item(tree, hf_gtpv2_srvcc_cause, tvb, 0, 1, FALSE);
1115 proto_item_append_text(item, "%s (%u)", val_to_str_ext_const(srvcc_cause, >pv2_srvcc_cause_vals_ext, "Unknown"),srvcc_cause);
1120 /* 6.8 Target RNC ID */
1122 dissect_gtpv2_tgt_rnc_id(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1126 proto_tree *subtree;
1127 proto_item *rai_item;
1131 guint32 curr_offset;
1133 /*ra_type_flag = 1;*/ /*Flag to be set to differentiate GERAN and UTRAN*/
1134 curr_offset = offset;
1136 mcc = (tvb_get_guint8(tvb, curr_offset) & 0x0f) <<8;
1137 mcc |= (tvb_get_guint8(tvb, curr_offset) & 0xf0);
1138 mcc |= (tvb_get_guint8(tvb, curr_offset+1) & 0x0f);
1139 mnc = (tvb_get_guint8(tvb, curr_offset+2) & 0x0f) <<8;
1140 mnc |= (tvb_get_guint8(tvb, curr_offset+2) & 0xf0);
1141 mnc |= (tvb_get_guint8(tvb, curr_offset+1) & 0xf0) >>4;
1142 if ((mnc&0x000f) == 0x000f)
1145 lac = tvb_get_ntohs(tvb, curr_offset+3);
1146 rnc_id = tvb_get_guint8(tvb, curr_offset+5);
1148 rai_item = proto_tree_add_text(tree,
1149 tvb, curr_offset, 6,
1150 "Routing area identification: %x-%x-%u-%u",
1151 mcc,mnc,lac,rnc_id);
1153 subtree = proto_item_add_subtree(rai_item, ett_gtpv2_rai);
1154 dissect_e212_mcc_mnc(tvb, pinfo, subtree, offset, TRUE);
1156 proto_tree_add_item(subtree, hf_gtpv2_lac, tvb, curr_offset+3, 2, FALSE);
1157 proto_tree_add_item(subtree, hf_gtpv2_rnc_id, tvb, curr_offset+5, 1, FALSE);
1161 /* no length check possible */
1166 /* 6.9 Target Global Cell ID */
1168 dissect_gtpv2_tgt_global_cell_id(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1172 proto_tree *subtree;
1173 proto_item *rai_item;
1177 guint32 curr_offset;
1179 curr_offset = offset;
1181 mcc = (tvb_get_guint8(tvb, curr_offset) & 0x0f) <<8;
1182 mcc |= (tvb_get_guint8(tvb, curr_offset) & 0xf0);
1183 mcc |= (tvb_get_guint8(tvb, curr_offset+1) & 0x0f);
1184 mnc = (tvb_get_guint8(tvb, curr_offset+2) & 0x0f) <<8;
1185 mnc |= (tvb_get_guint8(tvb, curr_offset+2) & 0xf0);
1186 mnc |= (tvb_get_guint8(tvb, curr_offset+1) & 0xf0) >>4;
1187 if ((mnc&0x000f) == 0x000f)
1190 lac = tvb_get_ntohs(tvb, curr_offset+3);
1191 tgt_cell_id = tvb_get_guint8(tvb, curr_offset+5);
1193 rai_item = proto_tree_add_text(tree,
1194 tvb, curr_offset, 6,
1195 "Routing area identification: %x-%x-%u-%u",
1196 mcc,mnc,lac,tgt_cell_id);
1198 subtree = proto_item_add_subtree(rai_item, ett_gtpv2_rai);
1199 dissect_e212_mcc_mnc(tvb, pinfo, subtree, offset, TRUE);
1201 proto_tree_add_item(subtree, hf_gtpv2_lac, tvb, curr_offset+3, 2, FALSE);
1202 proto_tree_add_item(subtree, hf_gtpv2_tgt_g_cell_id, tvb, curr_offset+5, 1, FALSE);
1206 /* no length check possible */
1210 /* 6.10 Tunnel Endpoint Identifier for Control Plane (TEID-C) */
1212 dissect_gtpv2_teid_c(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1216 proto_tree_add_item(tree, hf_gtpv2_teid_c, tvb, offset, 4, FALSE);
1219 proto_tree_add_text(tree, tvb, offset, length-4, "Spare: %s",tvb_bytes_to_str(tvb, offset, length-4));
1224 dissect_gtpv2_sv_flags(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1227 proto_tree_add_item(tree, hf_gtpv2_sv_sti, tvb, offset, 1, FALSE);
1228 proto_tree_add_item(tree, hf_gtpv2_sv_ics, tvb, offset, 1, FALSE);
1229 proto_tree_add_item(tree, hf_gtpv2_sv_emind, tvb, offset, 1, FALSE);
1232 proto_tree_add_text(tree, tvb, offset, length-1, "Spare: %s",tvb_bytes_to_str(tvb, offset, length-1));
1235 /* 6.12 Service Area Identifier */
1238 dissect_gtpv2_sai(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1242 /* 5 MCC digit 2 MCC digit 1
1243 * 6 MNC digit 3 MCC digit 3
1244 * 7 MNC digit 2 MNC digit 1
1246 dissect_e212_mcc_mnc(tvb, pinfo, tree, offset, TRUE);
1249 /* The Location Area Code (LAC) consists of 2 octets. Bit 8 of Octet 8 is the most significant bit and bit 1 of Octet 9 the
1250 * least significant bit. The coding of the location area code is the responsibility of each administration. Coding using full
1251 * hexadecimal representation shall be used.
1253 proto_tree_add_item(tree, hf_gtpv2_lac, tvb, offset, 2, FALSE);
1256 /* The Service Area Code (SAC) consists of 2 octets. Bit 8 of Octet 10 is the most significant bit and bit 1 of Octet 11 the
1257 * least significant bit. The SAC is defined by the operator. See 3GPP TS 23.003 [4] subclause 12.5 for more information
1259 proto_tree_add_item(tree, hf_gtpv2_sac, tvb, offset, 2, FALSE);
1263 /*End SRVCC Messages*/
1267 * 8.6 Access Point Name (APN)
1268 * The encoding the APN field follows 3GPP TS 23.003 [2] subclause 9.1.
1269 * The content of the APN field shall be the full APN with both the APN Network Identifier
1270 * and APN Operator Identifier being present as specified in 3GPP TS 23.003 [2]
1271 * subclauses 9.1.1 and 9.1.2, 3GPP TS 23.060 [35] Annex A and 3GPP TS 23.401 [3] subclauses 4.3.8.1.
1274 dissect_gtpv2_apn(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1281 name_len = tvb_get_guint8(tvb, offset);
1283 if (name_len < 0x20) {
1284 apn = tvb_get_ephemeral_string(tvb, offset + 1, length - 1);
1286 if (name_len >= length - 1)
1289 name_len = name_len + apn[tmp] + 1;
1293 apn = tvb_get_ephemeral_string(tvb, offset, length);
1295 proto_tree_add_string(tree, hf_gtpv2_apn, tvb, offset, length, apn);
1299 proto_item_append_text(item, "%s", apn);
1304 * 8.7 Aggregate Maximum Bit Rate (AMBR)
1308 dissect_gtpv2_ambr(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1312 proto_tree_add_item(tree, hf_gtpv2_ambr_up, tvb, offset, 4, FALSE);
1314 proto_tree_add_item(tree, hf_gtpv2_ambr_down, tvb, offset, 4, FALSE);
1318 * 8.8 EPS Bearer ID (EBI)
1321 dissect_gtpv2_ebi(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1327 /* Spare (all bits set to 0) B8 - B5*/
1328 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset, 4, FALSE);
1329 /* EPS Bearer ID (EBI) B4 - B1 */
1330 ebi = tvb_get_guint8(tvb, offset);
1331 proto_tree_add_item(tree, hf_gtpv2_ebi, tvb, offset, 1, FALSE);
1332 proto_item_append_text(item, "%u", ebi);
1339 dissect_gtpv2_ip_address(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1342 struct e_in6_addr ipv6_addr;
1346 proto_tree_add_item(tree, hf_gtpv2_ip_address_ipv4, tvb, offset, length, FALSE);
1347 proto_item_append_text(item, "IPv4 %s", tvb_ip_to_str(tvb, offset));
1349 else if (length==16)
1351 proto_tree_add_item(tree, hf_gtpv2_ip_address_ipv6, tvb, offset, length, FALSE);
1352 tvb_get_ipv6(tvb, offset, &ipv6_addr);
1353 proto_item_append_text(item, "IPv6 %s", ip6_to_str(&ipv6_addr));
1357 * 8.10 Mobile Equipment Identity (MEI)
1358 * The ME Identity field contains either the IMEI or the IMEISV
1359 * as defined in clause 6.2 of 3GPP TS 23.003 [2]. It is encoded
1360 * as specified in clause 7.7.53 of 3GPP TS 29.060 [4], beginning
1361 * with octet 4 of Figure 7.7.53.1. The IMEI(SV) digits are encoded
1362 * using BCD coding where IMEI is 15 BCD digits and IMEISV is 16 BCD
1363 * digits. For IMEI, bits 5 to 8 of the last octet shall be filled
1364 * with an end mark coded as '1111'.
1368 dissect_gtpv2_mei(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1371 const gchar *mei_str;
1373 /* Fetch the BCD encoded digits from tvb low half byte, formating the digits according to
1374 * a default digit set of 0-9 returning "?" for overdecadic digits a pointer to the EP
1375 * allocated string will be returned.
1377 mei_str = tvb_bcd_dig_to_ep_str( tvb, 0, length, NULL, FALSE);
1379 proto_tree_add_string(tree, hf_gtpv2_mei, tvb, offset, length, mei_str);
1380 proto_item_append_text(item, "%s", mei_str);
1386 * MSISDN is defined in 3GPP TS 23.003
1387 * Editor's note: MSISDN coding will be defined in TS 24.301.
1390 dissect_gtpv2_msisdn(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1392 const char *digit_str;
1394 /* Octets 5 to (n+4) represent the MSISDN value is in international number format
1395 * as described in ITU-T Rec E.164 [25] and 3GPP TS 29.002 [41].
1396 * MSISDN value contains only the actual MSISDN number (does not contain the "nature of
1397 * address indicator" octet, which indicates "international number"
1398 * as in 3GPP TS 29.002 [41]) and is encoded as TBCD digits, i.e.
1399 * digits from 0 through 9 are encoded "0000" to "1001".
1400 * When there is an odd number of digits, bits 8 to 5 of the last octet are encoded with
1401 * the filler "1111".
1403 dissect_e164_cc(tvb, tree, 0, TRUE);
1404 /* Fetch the BCD encoded digits from tvb low half byte, formating the digits according to
1405 * a default digit set of 0-9 returning "?" for overdecadic digits a pointer to the EP
1406 * allocated string will be returned.
1408 digit_str = tvb_bcd_dig_to_ep_str( tvb, 0, length, NULL, FALSE);
1410 proto_tree_add_string(tree, hf_gtpv2_address_digits, tvb, 0, length, digit_str);
1411 proto_item_append_text(item, "%s", digit_str);
1418 dissect_gtpv2_ind(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1421 /* Octet 5 DAF DTF HI DFI OI ISRSI ISRAI SGWCI */
1422 proto_tree_add_item(tree, hf_gtpv2_daf, tvb, offset, 1, FALSE);
1423 proto_tree_add_item(tree, hf_gtpv2_dtf, tvb, offset, 1, FALSE);
1424 proto_tree_add_item(tree, hf_gtpv2_hi, tvb, offset, 1, FALSE);
1425 proto_tree_add_item(tree, hf_gtpv2_dfi, tvb, offset, 1, FALSE);
1426 proto_tree_add_item(tree, hf_gtpv2_oi, tvb, offset, 1, FALSE);
1427 proto_tree_add_item(tree, hf_gtpv2_isrsi, tvb, offset, 1, FALSE);
1428 proto_tree_add_item(tree, hf_gtpv2_israi, tvb, offset, 1, FALSE);
1429 proto_tree_add_item(tree, hf_gtpv2_sgwci, tvb, offset, 1, FALSE);
1432 proto_tree_add_text(tree, tvb, 0, length, "Older version?, should be 2 octets in 8.0.0");
1438 /* Octet 6 SQCI UIMSI CFSI CRSI P PT SI MSV
1439 * 3GPP TS 29.274 version 9.4.0 Release 9
1441 proto_tree_add_item(tree, hf_gtpv2_sqci, tvb, offset, 1, FALSE);
1442 proto_tree_add_item(tree, hf_gtpv2_uimsi, tvb, offset, 1, FALSE);
1443 proto_tree_add_item(tree, hf_gtpv2_cfsi, tvb, offset, 1, FALSE);
1444 proto_tree_add_item(tree, hf_gtpv2_crsi, tvb, offset, 1, FALSE);
1446 proto_tree_add_item(tree, hf_gtpv2_ps, tvb, offset, 1, FALSE);
1447 proto_tree_add_item(tree, hf_gtpv2_pt, tvb, offset, 1, FALSE);
1448 proto_tree_add_item(tree, hf_gtpv2_si, tvb, offset, 1, FALSE);
1449 proto_tree_add_item(tree, hf_gtpv2_msv, tvb, offset, 1, FALSE);
1455 /* Only present in version 9 and higher */
1456 /* Octet 7 Spare Spare Spare Spare Spare Spare Spare CCRSI */
1457 proto_tree_add_item(tree, hf_gtpv2_ccrsi, tvb, offset, 1, FALSE);
1462 * 8.13 Protocol Configuration Options (PCO)
1463 * Protocol Configuration Options (PCO) is transferred via GTP tunnels. The sending entity copies the value part of the
1464 * PCO into the Value field of the PCO IE. The detailed coding of the PCO field from octets 5 to (n+4) shall be specified
1465 * as per clause 10.5.6.3 of 3GPP TS 24.008 [5], starting with octet 3.
1466 * Dissected in packet-gsm_a_gm.c
1469 dissect_gtpv2_pco(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1471 switch(message_type){
1472 case GTPV2_CREATE_SESSION_REQUEST:
1473 /* PCO options as MS to network direction */
1474 pinfo->link_dir = P2P_DIR_UL;
1476 case GTPV2_CREATE_SESSION_RESPONSE:
1477 /* PCO options as Network to MS direction: */
1478 pinfo->link_dir = P2P_DIR_DL;
1483 de_sm_pco(tvb, tree, pinfo, 0, length, NULL, 0);
1487 * 8.14 PDN Address Allocation (PAA)
1490 static const value_string gtpv2_pdn_type_vals[] = {
1498 dissect_gtpv2_paa(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1502 pdn_type = tvb_get_guint8(tvb, offset);
1503 proto_tree_add_item(tree, hf_gtpv2_pdn_type, tvb, offset, 1, FALSE);
1509 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv4, tvb, offset, 4, FALSE);
1514 /* If PDN type value indicates IPv6, octet 6 contains the IPv6 Prefix Length.
1515 * Octets 7 through 22 contain an IPv6 Prefix and Interface Identifier.
1516 * Bit 8 of octet 7 represents the most significant bit of the IPv6 Prefix
1517 * and Interface Identifier and bit 1 of octet 22 the least significant bit.
1519 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv6_len, tvb, offset, 1, FALSE);
1521 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv6, tvb, offset, 16, FALSE);
1526 /* If PDN type value indicates IPv4v6, octet 6 contains the IPv6 Prefix Length.
1527 * Octets 7 through 22 contain an IPv6 Prefix and Interface Identifier.
1528 * Bit 8 of octet 7 represents the most significant bit of the IPv6 Prefix
1529 * and Interface Identifier and bit 1 of octet 22 the least significant bit.
1530 * Octets 23 through 26 contain an IPv4 address. Bit 8 of octet 23 represents
1531 * the most significant bit of the IPv4 address and bit 1 of octet 26 the least
1534 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv6_len, tvb, offset, 1, FALSE);
1536 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv6, tvb, offset, 16, FALSE);
1538 proto_tree_add_item(tree, hf_gtpv2_pdn_ipv4, tvb, offset, 4, FALSE);
1546 * 8.15 Bearer Quality of Service (Bearer QoS)
1550 dissect_gtpv2_bearer_qos(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1553 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_pvi, tvb, offset, 1, FALSE);
1554 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_pl, tvb, offset, 1, FALSE);
1555 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_pci, tvb, offset, 1, FALSE);
1557 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_label_qci, tvb, offset, 1, FALSE);
1559 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_mbr_up, tvb, offset, 5, FALSE);
1561 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_mbr_down, tvb, offset, 5, FALSE);
1563 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_gbr_up, tvb, offset, 5, FALSE);
1565 proto_tree_add_item(tree, hf_gtpv2_bearer_qos_gbr_down, tvb, offset, 5, FALSE);
1570 * 8.16 Flow Quality of Service (Flow QoS)
1574 dissect_gtpv2_flow_qos(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1577 proto_tree_add_item(tree, hf_gtpv2_flow_qos_label_qci, tvb, offset, 1, FALSE);
1579 proto_tree_add_item(tree, hf_gtpv2_flow_qos_mbr_up, tvb, offset, 5, FALSE);
1581 proto_tree_add_item(tree, hf_gtpv2_flow_qos_mbr_down, tvb, offset, 5, FALSE);
1583 proto_tree_add_item(tree, hf_gtpv2_flow_qos_gbr_up, tvb, offset, 5, FALSE);
1585 proto_tree_add_item(tree, hf_gtpv2_flow_qos_gbr_down, tvb, offset, 5, FALSE);
1592 static const value_string gtpv2_rat_type_vals[] = {
1598 {5, "HSPA Evolution"},
1604 static value_string_ext gtpv2_rat_type_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_rat_type_vals);
1608 dissect_gtpv2_rat_type(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1612 rat_type = tvb_get_guint8(tvb, 0);
1613 proto_tree_add_item(tree, hf_gtpv2_rat_type, tvb, 0, 1, FALSE);
1614 proto_item_append_text(item, "%s (%u)", val_to_str_ext_const(rat_type, >pv2_rat_type_vals_ext, "Unknown"),rat_type);
1619 * 8.18 Serving Network
1622 dissect_gtpv2_serv_net(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1626 mcc_mnc_str = dissect_e212_mcc_mnc_ep_str(tvb, pinfo, tree, 0, TRUE);
1627 proto_item_append_text(item,"%s", mcc_mnc_str);
1631 * 8.19 EPS Bearer Level Traffic Flow Template (Bearer TFT)
1635 dissect_gtpv2_bearer_tft(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1637 /* The detailed coding of Traffic Aggregate
1638 * Description is specified in 3GPP TS 24.008 [5] ,
1639 * clause 10.5.6.12, beginning with octet 3..
1640 * Use the decoding in packet-gsm_a_gm.c
1642 de_sm_tflow_temp(tvb, tree, pinfo, 0, length, NULL, 0);
1645 /* 8.20 Traffic Aggregate Description (TAD)
1648 dissect_gtpv2_tad(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1650 /* The detailed coding of Traffic Aggregate
1651 * Description is specified in 3GPP TS 24.008 [5] ,
1652 * clause 10.5.6.12, beginning with octet 3..
1653 * Use the decoding in packet-gsm_a_gm.c
1655 de_sm_tflow_temp(tvb, tree, pinfo, 0, length, NULL, 0);
1659 * 8.21 User Location Info (ULI)
1661 * The flags ECGI, TAI, RAI, SAI and CGI in octed 5 indicate if the corresponding
1662 * fields are present in the IE or not. If one of these flags is set to "0",
1663 * the corresponding field is not present at all. The respective identities are defined in 3GPP
1665 * Editor's Note: The definition of ECGI is missing in 3GPP TS 23.003 v8.1.0.
1666 * It can be found in 3GPP TS 36.413 v8.3.0, but it is expected that it will be moved
1667 * to 23.003 in a future version.
1671 decode_gtpv2_uli(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, guint16 length, guint8 instance _U_, guint flags)
1675 proto_tree *part_tree;
1677 /* 8.21.1 CGI field */
1678 if (flags & GTPv2_ULI_CGI_MASK)
1680 proto_item_append_text(item, "CGI ");
1681 fi = proto_tree_add_text(tree, tvb, offset + 1, 7, "Cell Global Identity (CGI)");
1682 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1683 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1685 proto_tree_add_item(part_tree, hf_gtpv2_uli_cgi_lac, tvb, offset, 2, FALSE);
1686 proto_tree_add_item(part_tree, hf_gtpv2_uli_cgi_ci, tvb, offset, 2, FALSE);
1692 /* 8.21.2 SAI field */
1693 if (flags & GTPv2_ULI_SAI_MASK)
1695 proto_item_append_text(item, "SAI ");
1696 fi = proto_tree_add_text(tree, tvb, offset + 1, 7, "Service Area Identity (SAI)");
1697 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1698 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1700 proto_tree_add_item(part_tree, hf_gtpv2_uli_sai_lac, tvb, offset, 2, FALSE);
1701 proto_tree_add_item(part_tree, hf_gtpv2_uli_sai_sac, tvb, offset, 2, FALSE);
1706 /* 8.21.3 RAI field */
1707 if (flags & GTPv2_ULI_RAI_MASK)
1709 proto_item_append_text(item, "RAI ");
1710 fi = proto_tree_add_text(tree, tvb, offset + 1, 7, "Routeing Area Identity (RAI)");
1711 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1712 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1714 proto_tree_add_item(part_tree, hf_gtpv2_uli_rai_lac, tvb, offset, 2, FALSE);
1715 proto_tree_add_item(part_tree, hf_gtpv2_uli_rai_rac, tvb, offset, 2, FALSE);
1720 /* 8.21.4 TAI field */
1721 if (flags & GTPv2_ULI_TAI_MASK)
1723 proto_item_append_text(item, "TAI ");
1724 fi = proto_tree_add_text(tree, tvb, offset + 1, 7, "Tracking Area Identity (TAI)");
1725 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1726 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1728 proto_tree_add_item(part_tree, hf_gtpv2_uli_tai_tac, tvb, offset, 2, FALSE);
1733 /* 8.21.5 ECGI field */
1734 if (flags & GTPv2_ULI_ECGI_MASK)
1741 proto_item_append_text(item, "ECGI ");
1742 fi = proto_tree_add_text(tree, tvb, offset + 1, 7, "E-UTRAN Cell Global Identifier (ECGI)");
1743 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1744 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1746 /* The bits 8 through 5, of octet e+3 (Fig 8.21.5-1 in TS 29.274 V8.2.0) are spare
1747 * and hence they would not make any difference to the hex string following it,
1748 * thus we directly read 4 bytes from the tvb
1751 octet = tvb_get_guint8(tvb,offset);
1752 spare = octet & 0xF0;
1753 octet4 = tvb_get_ntohl(tvb,offset);
1754 ECGI = octet4 & 0x0FFFFFFF;
1755 proto_tree_add_uint(part_tree, hf_gtpv2_uli_ecgi_eci_spare, tvb, offset, 1, spare);
1756 /* The coding of the E-UTRAN cell identifier is the responsibility of each administration.
1757 * Coding using full hexadecimal representation shall be used.
1759 proto_tree_add_uint(part_tree, hf_gtpv2_uli_ecgi_eci, tvb, offset, 4, ECGI);
1760 /*proto_tree_add_item(tree, hf_gtpv2_uli_ecgi_eci, tvb, offset, 4, FALSE);*/
1766 /* 8.21.6 LAI field */
1767 if (flags & GTPv2_ULI_LAI_MASK)
1769 proto_item_append_text(item, "LAI ");
1770 fi = proto_tree_add_text(tree, tvb, offset + 1, 5, "LAI (Location Area Identifier)");
1771 part_tree = proto_item_add_subtree(fi, ett_gtpv2_uli_field);
1772 dissect_e212_mcc_mnc(tvb, pinfo, part_tree, offset, TRUE);
1775 /* The Location Area Code (LAC) consists of 2 octets. Bit 8 of Octet f+3 is the most significant bit
1776 * and bit 1 of Octet f+4 the least significant bit. The coding of the location area code is the
1777 * responsibility of each administration. Coding using full hexadecimal representation shall be used.
1779 proto_tree_add_item(part_tree, hf_gtpv2_uli_lai_lac, tvb, offset, 2, FALSE);
1787 dissect_gtpv2_uli(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1789 proto_item *flags_item;
1790 proto_tree *flag_tree;
1794 flags_item = proto_tree_add_text(tree, tvb, offset, 1, "Flags");
1795 flag_tree = proto_item_add_subtree(flags_item, ett_gtpv2_uli_flags);
1796 flags = tvb_get_guint8(tvb,offset)&0x3f;
1797 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset>>3, 2, FALSE);
1800 proto_tree_add_item(flag_tree, hf_gtpv2_uli_lai_flg, tvb, offset, 1, FALSE);
1802 proto_tree_add_item(flag_tree, hf_gtpv2_uli_ecgi_flg, tvb, offset, 1, FALSE);
1804 proto_tree_add_item(flag_tree, hf_gtpv2_uli_tai_flg, tvb, offset, 1, FALSE);
1806 proto_tree_add_item(flag_tree, hf_gtpv2_uli_rai_flg, tvb, offset, 1, FALSE);
1808 proto_tree_add_item(flag_tree, hf_gtpv2_uli_sai_flg, tvb, offset, 1, FALSE);
1810 proto_tree_add_item(flag_tree, hf_gtpv2_uli_cgi_flg, tvb, offset, 1, FALSE);
1812 decode_gtpv2_uli(tvb, pinfo, tree, item, length, instance, flags);
1817 /* Diameter 3GPP AVP Code: 22 3GPP-User-Location-Info */
1820 * 16.4.7.2 Coding 3GPP Vendor-Specific RADIUS attributes
1822 * For P-GW, the Geographic Location Type values and coding are defined as follows:
1827 * 3-127 Spare for future use
1831 * 131-255 Spare for future use
1835 dissect_diameter_3gpp_uli(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
1841 length = tvb_length(tvb);
1842 flags_3gpp = tvb_get_guint8(tvb,offset);
1848 flags = GTPv2_ULI_TAI_MASK;
1852 flags = GTPv2_ULI_ECGI_MASK;
1856 flags = GTPv2_ULI_TAI_MASK + GTPv2_ULI_ECGI_MASK;
1863 decode_gtpv2_uli(tvb, pinfo, tree, NULL, length, 0, flags);
1868 * 8.22 Fully Qualified TEID (F-TEID)
1870 static const value_string gtpv2_f_teid_interface_type_vals[] = {
1871 {0, "S1-U eNodeB GTP-U interface"},
1872 {1, "S1-U SGW GTP-U interface"},
1873 {2, "S12 RNC GTP-U interface"},
1874 {3, "S12 SGW GTP-U interface"},
1875 {4, "S5/S8 SGW GTP-U interface"},
1876 {5, "S5/S8 PGW GTP-U interface"},
1877 {6, "S5/S8 SGW GTP-C interface"},
1878 {7, "S5/S8 PGW GTP-C interface"},
1879 {8, "S5/S8 SGW PMIPv6 interface"},/* (the 32 bit GRE key is encoded in 32 bit TEID field "
1880 "and since alternate CoA is not used the control plane and user plane addresses are the same for PMIPv6)"}, */
1881 {9, "S5/S8 PGW PMIPv6 interface"},/* (the 32 bit GRE key is encoded in 32 bit TEID field "
1882 "and the control plane and user plane addresses are the same for PMIPv6)"}, */
1883 {10, "S11 MME GTP-C interface"},
1884 {11, "S11/S4 SGW GTP-C interface"},
1885 {12, "S10 MME GTP-C interface"},
1886 {13, "S3 MME GTP-C interface"},
1887 {14, "S3 SGSN GTP-C interface"},
1888 {15, "S4 SGSN GTP-U interface"},
1889 {16, "S4 SGW GTP-U interface"},
1890 {17, "S4 SGSN GTP-C interface"},
1891 {18, "S16 SGSN GTP-C interface"},
1892 {19, "eNodeB GTP-U interface for DL data forwarding"},
1893 {20, "eNodeB GTP-U interface for UL data forwarding"},
1894 {21, "RNC GTP-U interface for data forwarding"},
1895 {22, "SGSN GTP-U interface for data forwarding"},
1896 {23, "SGW GTP-U interface for data forwarding"},
1897 {24, "Sm MBMS GW GTP-C interface"},
1898 {25, "Sn MBMS GW GTP-C interface"},
1899 {26, "Sm MME GTP-C interface"},
1900 {27, "Sn SGSN GTP-C interface"},
1901 {28, "SGW GTP-U interface for UL data forwarding"},
1902 {29, "Sn SGSN GTP-U interface"},
1903 {30, "S2b ePDG GTP-C interface"},
1904 {31, "S2b-U ePDG GTP-U interface"},
1905 {32, "S2b PGW GTP-C interface"},
1906 {33, "S2b-U PGW GTP-U interface"},
1909 static value_string_ext gtpv2_f_teid_interface_type_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_f_teid_interface_type_vals);
1911 static const true_false_string gtpv2_f_teid_v4_vals = {
1912 "IPv4 address present",
1913 "IPv4 address not present",
1916 static const true_false_string gtpv2_f_teid_v6_vals = {
1917 "IPv6 address present",
1918 "IPv6 address not present",
1922 dissect_gtpv2_f_teid(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1927 flags = tvb_get_guint8(tvb, offset);
1928 proto_tree_add_item(tree, hf_gtpv2_f_teid_v4, tvb, offset, 1, FALSE);
1929 proto_tree_add_item(tree, hf_gtpv2_f_teid_v6, tvb, offset, 1, FALSE);
1930 proto_tree_add_item(tree, hf_gtpv2_f_teid_interface_type, tvb, offset, 1, FALSE);
1933 proto_tree_add_item(tree, hf_gtpv2_f_teid_gre_key, tvb, offset, 4, FALSE);
1934 proto_item_append_text(item, "%s, TEID/GRE Key: 0x%s", val_to_str_ext_const((flags & 0x1f), >pv2_f_teid_interface_type_vals_ext, "Unknown"),
1935 tvb_bytes_to_str(tvb, offset, 4));
1940 proto_tree_add_item(tree, hf_gtpv2_f_teid_ipv4, tvb, offset, 4, FALSE);
1941 proto_item_append_text(item, ", IPv4 %s", tvb_ip_to_str(tvb, offset));
1946 proto_tree_add_item(tree, hf_gtpv2_f_teid_ipv6, tvb, offset, 16, FALSE);
1947 proto_item_append_text(item, ", IPv6 %s", tvb_ip6_to_str(tvb, offset));
1955 dissect_gtpv2_tmsi(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1957 proto_tree_add_item(tree, hf_gtpv2_tmsi, tvb, 0, 4, FALSE);
1958 proto_tree_add_text(item, tvb, 0, length, "TMSI: %s", tvb_bytes_to_str(tvb, 0, 4));
1963 * 12.3 CN Identifier
1965 * A CN node is uniquely identified within a PLMN by its CN Identifier (CN-Id). The CN-Id together with the PLMN
1966 * identifier globally identifies the CN node. The CN-Id together with the PLMN-Id is used as the CN node identifier in
1967 * RANAP signalling over the Iu interface.
1968 * Global CN-Id = PLMN-Id || CN-Id
1969 * The CN-Id is defined by the operator, and set in the nodes via O&M.
1970 * For the syntax description and the use of this identifier in RANAP signalling, see 3GPP TS 25.413 [17].
1974 dissect_gtpv2_g_cn_id(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
1978 dissect_e212_mcc_mnc(tvb, pinfo, tree, 0, TRUE);
1981 /* >CN-ID M INTEGER (0..4095) */
1982 proto_tree_add_text(tree, tvb, offset, 2, "CN-Id: %s",
1983 tvb_bytes_to_str(tvb, offset, 2));
1986 * 8.25 S103 PDN Data Forwarding Info (S103PDF)
1989 dissect_gtpv2_s103pdf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
1991 proto_item *expert_item;
1995 /* The HSGW Address and GRE Key identify a GRE Tunnel towards a HSGW over S103 interface for a specific PDN
1996 * connection of the UE. The EPS Bearer IDs specify the EPS Bearers which require data forwarding that belonging to this
1997 * PDN connection. The number of EPS bearer Ids included is specified by the value of EPS Bearer ID Number.
1999 /* Octet 5 HSGW Address for forwarding Length = m */
2000 m = tvb_get_guint8(tvb, offset);
2001 proto_tree_add_item(tree, hf_gtpv2_hsgw_addr_f_len, tvb, offset, 1, FALSE);
2004 /* 6 to (m+5) HSGW Address for forwarding [4..16] */
2008 proto_tree_add_item(tree, hf_gtpv2_hsgw_addr_ipv4, tvb, offset, 1, FALSE);
2013 proto_tree_add_item(tree, hf_gtpv2_hsgw_addr_ipv6, tvb, offset, 1, FALSE);
2018 expert_item = proto_tree_add_text(tree, tvb, 0, length, "Wrong length %u, should be 4 or 16",m);
2019 expert_add_info_format(pinfo, expert_item, PI_PROTOCOL, PI_ERROR, "Wrong length %u, should be 4 or 16",m);
2020 PROTO_ITEM_SET_GENERATED(expert_item);
2024 /* (m+6)- to (m+9) GRE Key */
2025 proto_tree_add_item(tree, hf_gtpv2_gre_key, tvb, offset, 4, FALSE);
2028 /* (m+10) EPS Bearer ID Number = k */
2029 k = tvb_get_guint8(tvb, offset);
2030 proto_tree_add_text(tree, tvb, offset, 1, "EPS Bearer ID Number = %d", k);
2033 /* (m+11) to (m+10+k)
2034 * Spare EPS Bearer ID
2036 for ( i = 0; i < k; i++ ){
2037 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 4, FALSE);
2038 proto_tree_add_item(tree, hf_gtpv2_ebi, tvb, offset, 1, FALSE);
2044 * 8.26 S1-U Data Forwarding (S1UDF)
2047 dissect_gtpv2_s1udf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2049 proto_item *expert_item;
2053 /* 5 Spare EPS Bearer ID */
2054 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 4, FALSE);
2055 proto_tree_add_item(tree, hf_gtpv2_ebi, tvb, offset, 1, FALSE);
2057 /* 6 Serving GW Address Length = m */
2058 m = tvb_get_guint8(tvb, offset);
2059 proto_tree_add_text(tree, tvb, offset, 1, "Serving GW Address Length = %u", m);
2061 /* 7 to (m+6) Serving GW Address [4..16] */
2065 proto_tree_add_item(tree, hf_gtpv2_sgw_addr_ipv4, tvb, offset, 1, FALSE);
2070 proto_tree_add_item(tree, hf_gtpv2_sgw_addr_ipv6, tvb, offset, 1, FALSE);
2075 expert_item = proto_tree_add_text(tree, tvb, 0, length, "Wrong length %u, should be 4 or 16",m);
2076 expert_add_info_format(pinfo, expert_item, PI_PROTOCOL, PI_ERROR, "Wrong length %u, should be 4 or 16",m);
2077 PROTO_ITEM_SET_GENERATED(expert_item);
2082 * Serving GW S1-U TEID
2084 proto_tree_add_item(tree, hf_gtpv2_sgw_s1u_teid, tvb, offset, 4, FALSE);
2092 dissect_gtpv2_delay_value(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2096 proto_tree_add_item(tree, hf_gtpv2_delay_value, tvb, offset, 1, FALSE);
2100 * 8.28 Bearer Context (grouped IE)
2104 dissect_gtpv2_bearer_ctx(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree _U_, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2108 proto_tree *grouped_tree;
2110 proto_item_append_text(item, "[Grouped IE]");
2111 grouped_tree = proto_item_add_subtree(item, ett_gtpv2_bearer_ctx);
2113 new_tvb = tvb_new_subset(tvb, offset, length, length );
2114 dissect_gtpv2_ie_common(new_tvb, pinfo, grouped_tree, 0, message_type);
2117 /* 8.29 Charging ID */
2119 dissect_gtpv2_charging_id(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2123 proto_tree_add_item(tree, hf_gtpv2_charging_id, tvb, offset, length, FALSE);
2127 /* 8.30 Charging Characteristics
2128 * The charging characteristics information element is defined in 3GPP TS 32.251 [8]
2129 * and is a way of informing both the SGW and PGW of the rules for producing charging
2130 * information based on operator configured triggers. For the encoding of this
2131 * information element see 3GPP TS 32.298 [9].
2134 dissect_gtpv2_char_char(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2138 proto_tree_add_item(tree, hf_gtpv2_charging_characteristic, tvb, offset, 2, FALSE);
2141 /* These octet(s) is/are present only if explicitly specified */
2142 proto_tree_add_text(tree, tvb, offset, length-2, "Remaining octets");
2151 dissect_gtpv2_bearer_flag(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2156 /* Octet 5 Spare VB PPC */
2157 proto_tree_add_item(tree, hf_gtpv2_bearer_flag_ppc, tvb, offset, length, FALSE);
2158 proto_tree_add_item(tree, hf_gtpv2_bearer_flag_vb, tvb, offset, length, FALSE);
2165 dissect_gtpv2_pdn_type(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2172 proto_item *expert_item;
2173 expert_item = proto_tree_add_text(tree, tvb, 0, length, "Wrong length indicated. Expected 1, got %u", length);
2174 expert_add_info_format(pinfo, expert_item, PI_MALFORMED, PI_ERROR, "Wrong length indicated. Expected 1, got %u", length);
2175 PROTO_ITEM_SET_GENERATED(expert_item);
2179 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
2180 pdn = tvb_get_guint8(tvb, offset)& 0x7;
2181 proto_tree_add_item(tree, hf_gtpv2_pdn_type, tvb, offset, length, FALSE);
2182 proto_item_append_text(item, "%s", val_to_str(pdn, gtpv2_pdn_type_vals, "Unknown"));
2187 * 8.31 Trace Information
2190 dissect_gtpv2_tra_info(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2192 proto_item *trigg, *msc_server, *mgw, *sgsn, *ggsn, *bm_sc, *sgw_mme, *ne_types;
2193 proto_tree *trigg_tree, *msc_server_tree, *mgw_tree, *sgsn_tree, *ggsn_tree, *bm_sc_tree, *sgw_mme_tree, *ne_types_tree;
2194 proto_item *interfaces, *imsc_server, *lmgw, *lsgsn, *lggsn, *lrnc, *lbm_sc, *lmme, *lsgw, *lpdn_gw, *lenb;
2195 proto_tree *interfaces_tree, *imsc_server_tree, *lmgw_tree, *lsgsn_tree, *lggsn_tree, *lrnc_tree, *lbm_sc_tree, *lmme_tree, *lsgw_tree, *lpdn_gw_tree, *lenb_tree;
2199 guint8 *trace_id = NULL;
2205 dissect_e212_mcc_mnc(tvb, pinfo, tree, 0, TRUE);
2208 /* Append Trace ID to main tree */
2209 tid = tvb_get_ntohs(tvb, offset);
2210 proto_item_append_text(item, "Trace ID: %d ", tid);
2213 /*--------------------------------------------------
2214 * trace_id = tvb_format_text(tvb, offset, 2);
2215 * proto_tree_add_string(tree, hf_gtpv2_tra_info, tvb, offset, length, trace_id);
2216 *--------------------------------------------------*/
2217 proto_tree_add_text(tree, tvb, offset, 3, "Trace ID: %d", tid);
2220 /* Triggering Events, put all into a new tree called trigging_tree */
2221 trigg = proto_tree_add_text(tree, tvb, offset, 8, "Trigging Events");
2222 trigg_tree = proto_item_add_subtree(trigg, ett_gtpv2_tra_info_trigg);
2224 /* Create all subtrees */
2225 msc_server = proto_tree_add_text(trigg_tree, tvb, offset, 2, "MSC Server");
2226 msc_server_tree = proto_item_add_subtree(msc_server, ett_gtpv2_tra_info_trigg_msc_server);
2228 mgw = proto_tree_add_text(trigg_tree, tvb, offset + 2, 1, "MGW");
2229 mgw_tree = proto_item_add_subtree(mgw, ett_gtpv2_tra_info_trigg_mgw);
2231 sgsn = proto_tree_add_text(trigg_tree, tvb, offset + 3, 2, "SGSN");
2232 sgsn_tree = proto_item_add_subtree(sgsn, ett_gtpv2_tra_info_trigg_sgsn);
2234 ggsn = proto_tree_add_text(trigg_tree, tvb, offset + 5, 1, "GGSN");
2235 ggsn_tree = proto_item_add_subtree(ggsn, ett_gtpv2_tra_info_trigg_ggsn);
2237 bm_sc = proto_tree_add_text(trigg_tree, tvb, offset + 6, 1, "BM-SC");
2238 bm_sc_tree = proto_item_add_subtree(bm_sc, ett_gtpv2_tra_info_trigg_bm_sc);
2240 sgw_mme = proto_tree_add_text(trigg_tree, tvb, offset + 7, 1, "SGW MME");
2241 sgw_mme_tree = proto_item_add_subtree(sgw_mme, ett_gtpv2_tra_info_trigg_sgw_mme);
2243 /* MSC Server - 2 octets */
2244 proto_tree_add_item(msc_server_tree, hf_gtpv2_tra_info_msc_momt_calls, tvb, offset, 1, FALSE);
2245 proto_tree_add_item(msc_server_tree, hf_gtpv2_tra_info_msc_momt_sms, tvb, offset, 1, FALSE);
2246 proto_tree_add_item(msc_server_tree, hf_gtpv2_tra_info_msc_lu_imsi_ad, tvb, offset, 1, FALSE);
2247 proto_tree_add_item(msc_server_tree, hf_gtpv2_tra_info_msc_handovers, tvb, offset, 1, FALSE);
2248 proto_tree_add_item(msc_server_tree, hf_gtpv2_tra_info_msc_ss, tvb, offset, 1, FALSE);
2249 bit_offset = offset<<3;
2250 proto_tree_add_bits_item(msc_server_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 3, FALSE);
2252 bit_offset = offset<<3;
2253 proto_tree_add_bits_item(msc_server_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 8, FALSE);
2257 proto_tree_add_item(mgw_tree, hf_gtpv2_tra_info_mgw_context, tvb, offset, 1, FALSE);
2258 bit_offset = offset<<3;
2259 proto_tree_add_bits_item(mgw_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 7, FALSE);
2261 /* SGSN - 2 octets */
2262 proto_tree_add_item(sgsn_tree, hf_gtpv2_tra_info_sgsn_pdp_context, tvb, offset, 1, FALSE);
2263 proto_tree_add_item(sgsn_tree, hf_gtpv2_tra_info_sgsn_momt_sms, tvb, offset, 1, FALSE);
2264 proto_tree_add_item(sgsn_tree, hf_gtpv2_tra_info_sgsn_rau_gprs_ad, tvb, offset, 1, FALSE);
2265 proto_tree_add_item(sgsn_tree, hf_gtpv2_tra_info_sgsn_mbms, tvb, offset, 1, FALSE);
2266 bit_offset = offset<<3;
2267 proto_tree_add_bits_item(sgsn_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 4, FALSE);
2269 proto_tree_add_item(sgsn_tree, hf_gtpv2_tra_info_sgsn_reserved, tvb, offset, 1, FALSE);
2270 bit_offset = offset<<3;
2271 proto_tree_add_bits_item(sgsn_tree, hf_gtpv2_reserved, tvb, bit_offset, 8, FALSE);
2273 /* GGSN - 1 octet */
2274 proto_tree_add_item(ggsn_tree, hf_gtpv2_tra_info_ggsn_pdp, tvb, offset, 1, FALSE);
2275 proto_tree_add_item(ggsn_tree, hf_gtpv2_tra_info_ggsn_mbms, tvb, offset, 1, FALSE);
2276 bit_offset = offset<<3;
2277 proto_tree_add_bits_item(ggsn_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 6, FALSE);
2279 /* BM-SC - 1 octet */
2280 proto_tree_add_item(bm_sc_tree, hf_gtpv2_tra_info_bm_sc, tvb, offset, 1, FALSE);
2281 bit_offset = offset<<3;
2282 proto_tree_add_bits_item(bm_sc_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 7, FALSE);
2284 /* MME/SGW - 1 octet */
2285 proto_tree_add_item(sgw_mme_tree, hf_gtpv2_tra_info_mme_sgw_ss, tvb, offset, 1, FALSE);
2286 proto_tree_add_item(sgw_mme_tree, hf_gtpv2_tra_info_mme_sgw_sr, tvb, offset, 1, FALSE);
2287 proto_tree_add_item(sgw_mme_tree, hf_gtpv2_tra_info_mme_sgw_iataud, tvb, offset, 1, FALSE);
2288 bit_offset = offset<<3;
2289 proto_tree_add_bits_item(sgw_mme_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 5, FALSE);
2292 /* Create NE Types subtree */
2293 ne_types = proto_tree_add_text(tree, tvb, offset, 2, "List of NE Types");
2294 ne_types_tree = proto_item_add_subtree(ne_types, ett_gtpv2_tra_info_ne_types);
2297 /* List of NE Types */
2298 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_msc_s, tvb, offset, 1, FALSE);
2299 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_mgw, tvb, offset, 1, FALSE);
2300 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_sgsn, tvb, offset, 1, FALSE);
2301 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_ggsn, tvb, offset, 1, FALSE);
2302 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_rnc, tvb, offset, 1, FALSE);
2303 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_bm_sc, tvb, offset, 1, FALSE);
2304 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_mme, tvb, offset, 1, FALSE);
2305 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_sgw, tvb, offset, 1, FALSE);
2307 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_pdn_gw, tvb, offset, 1, FALSE);
2308 proto_tree_add_item(ne_types_tree, hf_gtpv2_tra_info_lne_enb, tvb, offset, 1, FALSE);
2309 bit_offset = offset<<3;
2310 proto_tree_add_bits_item(ne_types_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 6, FALSE);
2313 /* Trace Depth Length */
2314 tdl = tvb_get_guint8(tvb, offset);
2315 proto_tree_add_item(tree, hf_gtpv2_tra_info_tdl, tvb, offset, 1, FALSE);
2319 * Will be displayed if length of Trace Depth Length is > 0
2320 * The list will only contains UTF8String, RAW DATA
2322 proto_tree_add_text(tree, tvb, offset, tdl, "Trace Depth List: %s", tvb_bytes_to_str(tvb, offset, tdl));
2325 /* Set up subtree interfaces and put all interfaces under it */
2326 interfaces = proto_tree_add_text(tree, tvb, offset, 12, "List of Interfaces");
2327 interfaces_tree = proto_item_add_subtree(interfaces, ett_gtpv2_tra_info_interfaces);
2329 /* Create all subtrees */
2330 imsc_server = proto_tree_add_text(interfaces_tree, tvb, offset, 2, "MSC Server");
2331 imsc_server_tree = proto_item_add_subtree(imsc_server, ett_gtpv2_tra_info_interfaces_imsc_server);
2333 lmgw = proto_tree_add_text(interfaces_tree, tvb, offset + 2, 1, "MGW");
2334 lmgw_tree = proto_item_add_subtree(lmgw, ett_gtpv2_tra_info_interfaces_lmgw);
2336 lsgsn = proto_tree_add_text(interfaces_tree, tvb, offset + 3, 2, "SGSN");
2337 lsgsn_tree = proto_item_add_subtree(lsgsn, ett_gtpv2_tra_info_interfaces_lsgsn);
2339 lggsn = proto_tree_add_text(interfaces_tree, tvb, offset + 5, 1, "GGSN");
2340 lggsn_tree = proto_item_add_subtree(lggsn, ett_gtpv2_tra_info_interfaces_lggsn);
2342 lrnc = proto_tree_add_text(interfaces_tree, tvb, offset + 6, 1, "RNC");
2343 lrnc_tree = proto_item_add_subtree(lrnc, ett_gtpv2_tra_info_interfaces_lrnc);
2345 lbm_sc = proto_tree_add_text(interfaces_tree, tvb, offset + 7, 1, "BM-SC");
2346 lbm_sc_tree = proto_item_add_subtree(lbm_sc, ett_gtpv2_tra_info_interfaces_lbm_sc);
2348 lmme = proto_tree_add_text(interfaces_tree, tvb, offset + 8, 1, "MME");
2349 lmme_tree = proto_item_add_subtree(lmme, ett_gtpv2_tra_info_interfaces_lmme);
2351 lsgw = proto_tree_add_text(interfaces_tree, tvb, offset + 9, 1, "SGW");
2352 lsgw_tree = proto_item_add_subtree(lsgw, ett_gtpv2_tra_info_interfaces_lsgw);
2354 lpdn_gw = proto_tree_add_text(interfaces_tree, tvb, offset + 10, 1, "PDN GW");
2355 lpdn_gw_tree = proto_item_add_subtree(lpdn_gw, ett_gtpv2_tra_info_interfaces_lpdn_gw);
2357 lenb = proto_tree_add_text(interfaces_tree, tvb, offset + 11, 1, "eNB");
2358 lenb_tree = proto_item_add_subtree(lenb, ett_gtpv2_tra_info_interfaces_lpdn_lenb);
2360 /* MSC Server - 2 octests */
2361 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_a, tvb, offset, 1, FALSE);
2362 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_lu, tvb, offset, 1, FALSE);
2363 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_mc, tvb, offset, 1, FALSE);
2364 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_g, tvb, offset, 1, FALSE);
2365 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_b, tvb, offset, 1, FALSE);
2366 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_e, tvb, offset, 1, FALSE);
2367 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_f, tvb, offset, 1, FALSE);
2368 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_cap, tvb, offset, 1, FALSE);
2370 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_d, tvb, offset, 1, FALSE);
2371 proto_tree_add_item(imsc_server_tree, hf_gtpv2_tra_info_lmsc_map_c, tvb, offset, 1, FALSE);
2372 bit_offset = offset<<3;
2373 proto_tree_add_bits_item(imsc_server_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 6, FALSE);
2376 proto_tree_add_item(lmgw_tree, hf_gtpv2_tra_info_lmgw_mc, tvb, offset, 1, FALSE);
2377 proto_tree_add_item(lmgw_tree, hf_gtpv2_tra_info_lmgw_nb_up, tvb, offset, 1, FALSE);
2378 proto_tree_add_item(lmgw_tree, hf_gtpv2_tra_info_lmgw_lu_up, tvb, offset, 1, FALSE);
2379 bit_offset = offset<<3;
2380 proto_tree_add_bits_item(lmgw_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 5, FALSE);
2382 /* SGSN - 2 octets */
2383 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_gb, tvb, offset, 1, FALSE);
2384 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_lu, tvb, offset, 1, FALSE);
2385 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_gn, tvb, offset, 1, FALSE);
2386 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_map_gr, tvb, offset, 1, FALSE);
2387 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_map_gd, tvb, offset, 1, FALSE);
2388 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_map_gf, tvb, offset, 1, FALSE);
2389 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_gs, tvb, offset, 1, FALSE);
2390 proto_tree_add_item(lsgsn_tree, hf_gtpv2_tra_info_lsgsn_ge, tvb, offset, 1, FALSE);
2392 bit_offset = offset<<3;
2393 proto_tree_add_bits_item(lsgsn_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 8, FALSE);
2396 /* GGSN - 1 octet */
2397 proto_tree_add_item(lggsn_tree, hf_gtpv2_tra_info_lggsn_gn, tvb, offset, 1, FALSE);
2398 proto_tree_add_item(lggsn_tree, hf_gtpv2_tra_info_lggsn_gi, tvb, offset, 1, FALSE);
2399 proto_tree_add_item(lggsn_tree, hf_gtpv2_tra_info_lggsn_gmb, tvb, offset, 1, FALSE);
2400 bit_offset = offset<<3;
2401 proto_tree_add_bits_item(lggsn_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 5, FALSE);
2404 proto_tree_add_item(lrnc_tree, hf_gtpv2_tra_info_lrnc_lu, tvb, offset, 1, FALSE);
2405 proto_tree_add_item(lrnc_tree, hf_gtpv2_tra_info_lrnc_lur, tvb, offset, 1, FALSE);
2406 proto_tree_add_item(lrnc_tree, hf_gtpv2_tra_info_lrnc_lub, tvb, offset, 1, FALSE);
2407 proto_tree_add_item(lrnc_tree, hf_gtpv2_tra_info_lrnc_uu, tvb, offset, 1, FALSE);
2408 bit_offset = offset<<3;
2409 proto_tree_add_bits_item(lrnc_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 4, FALSE);
2411 /* BM_SC - 1 octet */
2412 proto_tree_add_item(lbm_sc_tree, hf_gtpv2_tra_info_lbm_sc_gmb, tvb, offset, 1, FALSE);
2413 bit_offset = offset<<3;
2414 proto_tree_add_bits_item(lbm_sc_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 7, FALSE);
2417 proto_tree_add_item(lmme_tree, hf_gtpv2_tra_info_lmme_s1_mme, tvb, offset, 1, FALSE);
2418 proto_tree_add_item(lmme_tree, hf_gtpv2_tra_info_lmme_s3, tvb, offset, 1, FALSE);
2419 proto_tree_add_item(lmme_tree, hf_gtpv2_tra_info_lmme_s6a, tvb, offset, 1, FALSE);
2420 proto_tree_add_item(lmme_tree, hf_gtpv2_tra_info_lmme_s10, tvb, offset, 1, FALSE);
2421 proto_tree_add_item(lmme_tree, hf_gtpv2_tra_info_lmme_s11, tvb, offset, 1, FALSE);
2422 bit_offset = offset<<3;
2423 proto_tree_add_bits_item(lmme_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 3, FALSE);
2426 proto_tree_add_item(lsgw_tree, hf_gtpv2_tra_info_lsgw_s4, tvb, offset, 1, FALSE);
2427 proto_tree_add_item(lsgw_tree, hf_gtpv2_tra_info_lsgw_s5, tvb, offset, 1, FALSE);
2428 proto_tree_add_item(lsgw_tree, hf_gtpv2_tra_info_lsgw_s8b, tvb, offset, 1, FALSE);
2429 proto_tree_add_item(lsgw_tree, hf_gtpv2_tra_info_lsgw_s11, tvb, offset, 1, FALSE);
2430 bit_offset = offset<<3;
2431 proto_tree_add_bits_item(lsgw_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 4, FALSE);
2433 /* PDN GW - 1 octet */
2434 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s2a, tvb, offset, 1, FALSE);
2435 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s2b, tvb, offset, 1, FALSE);
2436 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s2c, tvb, offset, 1, FALSE);
2437 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s5, tvb, offset, 1, FALSE);
2438 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s6c, tvb, offset, 1, FALSE);
2439 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_gx, tvb, offset, 1, FALSE);
2440 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_s8b, tvb, offset, 1, FALSE);
2441 proto_tree_add_item(lpdn_gw_tree, hf_gtpv2_tra_info_lpdn_gw_sgi, tvb, offset, 1, FALSE);
2444 proto_tree_add_item(lenb_tree, hf_gtpv2_tra_info_lenb_s1_mme, tvb, offset, 1, FALSE);
2445 proto_tree_add_item(lenb_tree, hf_gtpv2_tra_info_lenb_x2, tvb, offset, 1, FALSE);
2446 proto_tree_add_item(lenb_tree, hf_gtpv2_tra_info_lenb_uu, tvb, offset, 1, FALSE);
2447 bit_offset = offset<<3;
2448 proto_tree_add_bits_item(lenb_tree, hf_gtpv2_spare_bits, tvb, bit_offset, 5, FALSE);
2450 /*--------------------------------------------------
2452 *--------------------------------------------------*/
2454 /* IP Address of Trace Collection Entity */
2455 while ( (offset + 4) <= length ) {
2457 proto_tree_add_item(tree, hf_gtpv2_ipv4_addr, tvb, offset, 4, FALSE);
2464 * 8.33 Void (TS 129 274 V9.4.0 (2010-10))
2467 /* 8.35 Procedure Transaction ID (PTI) */
2469 dissect_gtpv2_pti(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2471 proto_tree_add_item(tree, hf_gtpv2_pti, tvb, 0, 1, FALSE);
2474 * 8.36 DRX Parameter
2477 dissect_gtpv2_drx_param(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2481 /* 36.413 : 9.2.1.17 Paging Cause, void */
2482 proto_tree_add_text(tree, tvb, offset, length, "DRX parameter: %s", tvb_bytes_to_str(tvb, offset, (length )));
2486 * 8.37 UE Network Capability
2487 * UE Network Capability is coded as depicted in Figure 8.37-1. Actual coding of the UE Network Capability field is
2488 * defined in 3GPP TS 24.301
2491 dissect_gtpv2_ue_net_capability(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2493 de_emm_ue_net_cap(tvb, tree, pinfo, 0, length, NULL, 0);
2499 static const value_string gtpv2_mm_context_security_mode[] = {
2500 {0, "GSM Key and Triplets"},
2501 {1, "UMTS Key, Used Cipher and Quintuplets"},
2502 {2, "GSM Key, Used Cipher and Quintuplets"},
2503 {3, "UMTS Key and Quintuplets"},
2504 {4, "EPS Security Context, Quadruplets and Quintuplets" },
2505 {5, "UMTS Key, Quadruplets and Quintuplets"},
2509 static const true_false_string gtpv2_nhi_vals = {
2510 "NH (Next Hop) and NCC (Next Hop Chaining Count) are both present",
2511 "NH (Next Hop) and NCC (Next Hop Chaining Count) not present",
2514 /* Table 8.38-2: Used NAS Cipher Values */
2516 static const value_string gtpv2_mm_context_unc_vals[] = {
2517 {0, "No ciphering"},
2528 /* Table 8.38-4: Used NAS integrity protection algorithm Values */
2529 static const value_string gtpv2_mm_context_unipa_vals[] = {
2530 {0, "No ciphering"},
2543 dissect_gtpv2_mm_context_gsm_t(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2546 proto_tree *flag_tree;
2550 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2551 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2553 /* Security Mode | Spare | DRXI | CKSN */
2554 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2556 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 1, FALSE);
2557 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2558 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_cksn, tvb, offset, 1, FALSE);
2560 /* Number of Triplet | Spare | UAMB RI | SAMB RI */
2561 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_tri, tvb, offset, 1, FALSE);
2562 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
2565 proto_tree_add_text(flag_tree, tvb, offset, -1, "The rest of the IE not dissected yet");
2569 dissect_gtpv2_mm_context_utms_cq(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2572 proto_tree *flag_tree;
2576 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2577 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2579 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2581 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, ((offset<<3)+3), 1, FALSE);
2582 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2583 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_cksn_ksi, tvb, offset, 1, FALSE);
2585 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qui, tvb, offset, 1, FALSE);
2586 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
2589 proto_tree_add_text(flag_tree, tvb, offset, -1, "The rest of the IE not dissected yet");
2593 dissect_gtpv2_mm_context_gsm_cq(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2596 proto_tree *flag_tree;
2601 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2602 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2604 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2606 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, ((offset<<3)+3), 1, FALSE);
2607 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2608 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_cksn_ksi, tvb, offset, 1, FALSE);
2610 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qui, tvb, offset, 1, FALSE);
2611 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
2614 proto_tree_add_text(flag_tree, tvb, offset, -1, "The rest of the IE not dissected yet");
2619 dissect_gtpv2_mm_context_utms_q(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2622 proto_tree *flag_tree;
2626 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2627 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2630 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2632 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, ((offset<<3)+3), 1, FALSE);
2633 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2634 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_ksi, tvb, offset, 1, FALSE);
2636 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qui, tvb, offset, 1, FALSE);
2637 proto_tree_add_bits_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 5, FALSE);
2640 proto_tree_add_text(flag_tree, tvb, offset, -1, "The rest of the IE not dissected yet");
2643 /* EPS Security Context and Quadruplets */
2645 dissect_gtpv2_mm_context_eps_qq(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2647 proto_item *flag/*, *auth_qua, *net_cap*/;
2648 proto_tree *flag_tree/*, *auth_qua_tree, *net_cap_tree*/;
2649 guint32 offset/*, nas_dc, nas_uc, i*/;
2650 /*guint8 nhi, drxi, nr_qui, nr_qua, tmp;*/
2654 /*nhi = (tvb_get_guint8(tvb, offset) & 0x10);*/
2655 /*drxi = (tvb_get_guint8(tvb, offset) & 0x08);*/
2657 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2658 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2663 * Security Mode | NHI | DRXI | KSIASME
2665 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2666 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nhi, tvb, offset, 1, FALSE);
2667 /* If NHI (Next Hop Indicator), bit 5 of octet 5, is set to "1",
2668 * then the optional parameters NH (Next Hop) and NCC (Next
2669 * Hop Chaining Count) are both present, otherwise their octets are not present.
2671 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2672 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_ksi_a, tvb, offset, 1, FALSE);
2678 * Number of | Number of | UAMB | OSCI
2679 * Quintuplets | Quadruplet | RI |
2681 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qui, tvb, offset, 1, FALSE);
2682 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qua, tvb, offset, 1, FALSE);
2685 /* Used NAS integrity protection algorithm */
2686 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_unipa, tvb, offset, 1, FALSE);
2687 /* Used NAS Cipher */
2688 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_unc, tvb, offset, 1, FALSE);
2691 /* Octet 8-10 NAS Downlink Count*/
2692 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nas_dl_cnt, tvb, offset, 1, FALSE);
2695 /* Octet 11-13 NAS Uplink Count */
2696 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nas_ul_cnt, tvb, offset, 1, FALSE);
2699 proto_tree_add_text(flag_tree, tvb, offset, -1, "The rest of the IE not dissected yet");
2704 dissect_gtpv2_mm_context_utms_qq(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2707 proto_tree *flag_tree;
2711 flag = proto_tree_add_text(tree, tvb, offset, 3, "MM Context flags");
2712 flag_tree = proto_item_add_subtree(flag, ett_gtpv2_mm_context_flag);
2714 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_sm, tvb, offset, 1, FALSE);
2716 proto_tree_add_item(flag_tree, hf_gtpv2_spare_bits, tvb, ((offset<<3)+3), 1, FALSE);
2717 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_drxi, tvb, offset, 1, FALSE);
2718 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_ksi_a, tvb, offset, 1, FALSE);
2720 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qui, tvb, offset, 1, FALSE);
2721 proto_tree_add_item(flag_tree, hf_gtpv2_mm_context_nr_qua, tvb, offset, 1, FALSE);
2722 proto_tree_add_item(flag_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 2, FALSE);
2727 * 8.39 PDN Connection (grouped IE)
2730 dissect_gtpv2_PDN_conn(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree _U_, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2733 proto_tree *grouped_tree;
2736 proto_item_append_text(item, "[Grouped IE]");
2737 grouped_tree = proto_item_add_subtree(item, ett_gtpv2_PDN_conn);
2738 new_tvb = tvb_new_subset(tvb, offset, length, length );
2740 dissect_gtpv2_ie_common(new_tvb, pinfo, grouped_tree, offset, message_type);
2746 dissect_gtpv2_pdn_numbers(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2748 proto_item *nsapi_ti;
2749 proto_tree *nsapi_tree;
2751 guint16 dlgtpu_seq, ulgtpu_seq, send_npdu_nr, rec_npdu_nr;
2754 nsapi = (tvb_get_guint8(tvb, offset) & 0x08);
2755 nsapi_ti = proto_tree_add_text(tree, tvb, offset, 1, "NSAPI: %d", nsapi);
2756 nsapi_tree = proto_item_add_subtree(nsapi_ti, ett_gtpv2_pdn_numbers_nsapi);
2757 proto_tree_add_item(nsapi_tree, hf_gtpv2_spare_bits, tvb, offset<<3, 4, FALSE);
2758 proto_tree_add_item(nsapi_tree, hf_gtpv2_pdn_numbers_nsapi, tvb, offset, 1, FALSE);
2759 proto_item_append_text(item, "NSAPI: %u", nsapi);
2762 dlgtpu_seq = tvb_get_ntohs(tvb, offset);
2763 proto_tree_add_text(tree, tvb, offset, 2, "DL GTP-U Sequence Number: %d", dlgtpu_seq);
2766 ulgtpu_seq = tvb_get_ntohs(tvb, offset);
2767 proto_tree_add_text(tree, tvb, offset, 2, "UL GTP-U Sequence Number: %d", ulgtpu_seq);
2770 send_npdu_nr = tvb_get_ntohs(tvb, offset);
2771 proto_tree_add_text(tree, tvb, offset, 2, "Send N-PDU Number: %d", send_npdu_nr);
2774 rec_npdu_nr = tvb_get_ntohs(tvb, offset);
2775 proto_tree_add_text(tree, tvb, offset, 2, "Receive N-PDU Number: %d", rec_npdu_nr);
2779 * 8.41 Packet TMSI (P-TMSI)
2782 dissect_gtpv2_p_tmsi(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2786 /* The TMSI consists of 4 octets. It can be coded using a full hexadecimal representation. */
2787 proto_tree_add_item(tree, hf_gtpv2_p_tmsi, tvb, offset, 4, FALSE);
2788 proto_item_append_text(item, "%s", tvb_bytes_to_str(tvb, offset, 4));
2792 * 8.42 P-TMSI Signature
2795 dissect_gtpv2_p_tmsi_sig(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2799 /* The P-TMSI Signature consists of 3 octets and may be allocated by the SGSN. */
2800 proto_tree_add_item(tree, hf_gtpv2_p_tmsi_sig, tvb, offset, 3, FALSE);
2801 proto_item_append_text(item, "%s", tvb_bytes_to_str(tvb, offset, 3));
2809 dissect_gtpv2_hop_counter(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2814 hop_counter = tvb_get_guint8(tvb, offset);
2816 proto_tree_add_text(tree, tvb, offset, 1, "Hop Counter: %d", hop_counter);
2817 proto_item_append_text(item, "%d", hop_counter);
2824 static const value_string gtpv2_ue_time_zone_dst_vals[] = {
2825 {0, "No Adjustments for Daylight Saving Time"},
2826 {1, "+1 Hour Adjustments for Daylight Saving Time"},
2827 {2, "+2 Hour Adjustments for Daylight Saving Time"},
2832 dissect_gtpv2_ue_time_zone(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2837 * UE Time Zone is used to indicate the offset between universal time and local time in steps of 15 minutes of where the
2838 * UE currently resides. The "Time Zone" field uses the same format as the "Time Zone" IE in 3GPP TS 24.008 [5].
2839 * (packet-gsm_a_dtap.c)
2841 de_time_zone(tvb, tree, pinfo, offset, 1, NULL, 0);
2843 proto_tree_add_item(item, hf_gtpv2_ue_time_zone_dst, tvb, offset, 1, FALSE);
2847 * 8.45 Trace Reference
2850 dissect_gtpv2_trace_reference(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2856 mcc_mnc_str = dissect_e212_mcc_mnc_ep_str(tvb, pinfo, tree, 0, TRUE);
2859 trace_id = tvb_get_ntohs(tvb, offset);
2860 proto_tree_add_text(tree, tvb, offset, 3, "Trace ID: %d", trace_id);
2862 proto_item_append_text(item,"%s,Trace ID %u", mcc_mnc_str, trace_id);
2865 * 8.46 Complete Request Message
2867 static const value_string gtpv2_complete_req_msg_type_vals[] = {
2868 {0, "Complete Attach Request Message" },
2869 {1, "Complete TAU Request Message" },
2873 dissect_complete_request_msg(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2880 proto_tree_add_item(tree, hf_gtpv2_complete_req_msg_type, tvb, offset, 1, FALSE);
2884 /* Add the Complete Request Message */
2885 new_tvb = tvb_new_subset_remaining(tvb, offset);
2886 call_dissector(nas_eps_handle, new_tvb, pinfo, tree);
2894 dissect_gtpv2_guti(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
2900 dissect_e212_mcc_mnc(tvb, pinfo, tree, 0, TRUE);
2903 proto_tree_add_item(tree, hf_gtpv2_mme_grp_id, tvb, offset, 2, FALSE);
2906 proto_tree_add_item(tree, hf_gtpv2_mme_code, tvb, offset, 1, FALSE);
2909 proto_tree_add_item(tree, hf_gtpv2_m_tmsi, tvb, offset,4, FALSE);
2913 * 8.48 Fully Qualified Container (F-Container)
2916 static const value_string gtpv2_container_type_vals[] = {
2917 {1, "UTRAN transparent container"},
2918 {2, "BSS container"},
2919 {3, "E-UTRAN transparent container"},
2925 dissect_gtpv2_F_container(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type, guint8 instance _U_)
2929 guint8 container_type;
2931 /* Octets 8 7 6 5 4 3 2 1
2932 * 5 Spare | Container Type
2934 proto_tree_add_item(tree, hf_gtpv2_container_type, tvb, offset, 1, FALSE);
2935 container_type = tvb_get_guint8(tvb,offset);
2937 if(message_type == GTPV2_FORWARD_CTX_NOTIFICATION) {
2938 switch(container_type){
2940 /* E-UTRAN transparent container */
2941 tvb_new = tvb_new_subset_remaining(tvb, offset);
2942 dissect_s1ap_ENB_StatusTransfer_TransparentContainer_PDU(tvb_new, pinfo, tree);
2949 /* 7.3.2 Forward Relocation Response
2950 * E-UTRAN Transparent Container
2951 * This IE is conditionally included only during a handover to
2952 * E-UTRAN and contains the radio-related and core network
2953 * information. If the Cause IE contains the value "Request
2954 * accepted", this IE shall be included.
2956 proto_tree_add_text(tree, tvb, offset, length-offset, "Not dissected yet");
2961 * 8.49 Fully Qualified Cause (F-Cause)
2964 static const value_string gtpv2_cause_type_vals[] = {
2965 {0, "Radio Network Layer"},
2966 {1, "Transport Layer"},
2969 {4, "Miscellaneous"},
2983 static value_string_ext gtpv2_cause_type_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_cause_type_vals);
2986 dissect_gtpv2_F_cause(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
2991 /* The value of Instance field of the F-Cause IE in a GTPv2 message shall indicate
2992 * whether the F-Cause field contains RANAP Cause, BSSGP Cause or RAN Cause.
2993 * If the F-Cause field contains RAN Cause, the Cause Type field shall contain
2994 * the RAN cause subcategory as specified in 3GPP TS 36.413 [10] and it shall be
2995 * encoded as in Table 8.49-1.
2996 * If the F-Cause field contains BSSGP Cause or RANAP Cause,
2997 * the Cause Type field shall be ignored by the receiver.
2999 if(message_type == GTPV2_FORWARD_RELOCATION_REQ) {
3002 proto_item_append_text(item, "[RAN Cause]");
3003 proto_tree_add_item(tree, hf_gtpv2_cause_type, tvb, offset, 1, FALSE);
3004 cause_type = tvb_get_guint8(tvb,offset);
3008 /* CauseRadioNetwork */
3009 proto_tree_add_item(tree, hf_gtpv2_CauseRadioNetwork, tvb, offset, 1, FALSE);
3012 /* CauseTransport */
3013 proto_tree_add_item(tree, hf_gtpv2_CauseTransport, tvb, offset, 1, FALSE);
3017 proto_tree_add_item(tree, hf_gtpv2_CauseNas, tvb, offset, 1, FALSE);
3021 proto_tree_add_item(tree, hf_gtpv2_CauseProtocol, tvb, offset, 1, FALSE);
3025 proto_tree_add_item(tree, hf_gtpv2_CauseMisc, tvb, offset, 1, FALSE);
3033 proto_item_append_text(item, "[RANAP Cause]");
3036 proto_item_append_text(item, "[BSSGP Cause]");
3042 proto_tree_add_text(tree, tvb, offset, length-offset, "Not dissected yet");
3047 * 8.50 Selected PLMN ID
3050 * The Selected PLMN ID IE contains the core network operator selected for tne UE
3051 * in a shared network. Octets 5-7 shall be encoded as the content part of the
3052 * "Selected PLMN Identity" parameter in 3GPP TS 36.413 [10].
3053 * -The Selected PLMN identity consists of 3 digits from MCC followed by
3054 * either -a filler digit plus 2 digits from MNC (in case of 2 digit MNC) or
3055 * -3 digits from MNC (in case of a 3 digit MNC).
3058 dissect_gtpv2_sel_plmn_id(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
3062 mcc_mnc_str = dissect_e212_mcc_mnc_ep_str(tvb, pinfo, tree, 0, TRUE);
3063 proto_item_append_text(item,"%s", mcc_mnc_str);
3067 * 8.51 Target Identification
3070 static const value_string gtpv2_target_type_vals[] = {
3072 {1, "Macro eNodeB ID"},
3073 {2, "Cell Identifier"},
3074 {3, "Home eNodeB ID"},
3077 static value_string_ext gtpv2_target_type_vals_ext = VALUE_STRING_EXT_INIT(gtpv2_target_type_vals);
3080 dissect_gtpv2_target_id(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3086 proto_tree_add_item(tree, hf_gtpv2_target_type, tvb, 0, 1, FALSE);
3087 target_type = tvb_get_guint8(tvb,offset);
3089 switch(target_type) {
3092 * In this case the Target ID field shall be encoded as the Target
3093 * RNC-ID part of the "Target ID" parameter in 3GPP TS 25.413 [33]. Therefore, the "Choice Target ID" that indicates
3094 * "Target RNC-ID" (numerical value of 0x20) shall not be included (value in octet 5 specifies the target type).
3096 tvb_new = tvb_new_subset_remaining(tvb, offset);
3097 dissect_ranap_TargetRNC_ID_PDU(tvb_new, pinfo, tree);
3101 /* Macro eNodeB ID*/
3102 tvb_new = tvb_new_subset_remaining(tvb, offset);
3103 dissect_e212_mcc_mnc(tvb_new, pinfo, tree, 0, TRUE);
3105 /* The Macro eNodeB ID consists of 20 bits.
3106 * Bit 4 of Octet 4 is the most significant bit and bit 1 of Octet 6 is the least significant bit.
3108 proto_tree_add_item(tree, hf_gtpv2_macro_enodeb_id, tvb, offset, 3, FALSE);
3110 /* Tracking Area Code (TAC) */
3111 proto_tree_add_item(tree, hf_gtpv2_uli_tai_tac, tvb, offset, 2, FALSE);
3115 /* Cell Identifier */
3116 /* Target ID field shall be same as the Octets 3 to 10 of the Cell Identifier IEI
3117 * in 3GPP TS 48.018 [34].
3120 /* Home eNodeB ID */
3121 /* Octet 10 to 12 Home eNodeB ID */
3122 /* Octet 13 to 14 Tracking Area Code (TAC) */
3127 proto_tree_add_text(tree, tvb, offset, length-offset, "Not dissected yet");
3135 * 8.53 Packet Flow ID
3138 dissect_gtpv2_pkt_flow_id(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3142 /* Octet 5 Spare EBI */
3143 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 4, FALSE);
3144 proto_tree_add_item(tree, hf_gtpv2_ebi, tvb, offset, 2, FALSE);
3147 /* Packet Flow ID */
3148 proto_tree_add_text(tree, tvb, offset, length, "Packet Flow ID: %s", tvb_bytes_to_str(tvb, offset, length-1));
3155 dissect_gtpv2_rab_context(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
3158 guint16 dlgtpu_seq, ulgtpu_seq, dl_pdcp_seq, ul_pdcp_seq;
3161 proto_tree_add_bits_item(tree, hf_gtpv2_spare_bits, tvb, offset<<3, 4, FALSE);
3162 proto_tree_add_item(tree, hf_gtpv2_nsapi, tvb, offset, 1, FALSE);
3164 /* 6 to 7 DL GTP-U Sequence Number */
3165 dlgtpu_seq = tvb_get_ntohs(tvb, offset);
3166 proto_tree_add_text(tree, tvb, offset, 2, "DL GTP-U Sequence Number: %d", dlgtpu_seq);
3169 /* 8 to 9 UL GTP-U Sequence Number */
3170 ulgtpu_seq = tvb_get_ntohs(tvb, offset);
3171 proto_tree_add_text(tree, tvb, offset, 2, "UL GTP-U Sequence Number: %d", ulgtpu_seq);
3174 /* 10 to 11 DL PDCP Sequence Number */
3175 dl_pdcp_seq = tvb_get_ntohs(tvb, offset);
3176 proto_tree_add_text(tree, tvb, offset, 2, "DL PDCP Sequence Number: %d", dl_pdcp_seq);
3179 /* 12 to 13 UL PDCP Sequence Number */
3180 ul_pdcp_seq = tvb_get_ntohs(tvb, offset);
3181 proto_tree_add_text(tree, tvb, offset, 2, "UL PDCP Sequence Number: %d", ul_pdcp_seq);
3186 * 8.55 Source RNC PDCP context info
3189 dissect_gtpv2_s_rnc_pdcp_ctx_info(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3191 proto_tree_add_text(tree, tvb, 0, length, "RRC Container");
3195 * 8.56 UDP Source Port Number
3198 dissect_udp_s_port_nr(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
3200 proto_tree_add_text(tree, tvb, 0, 2, "UPD Source Port Number: %u", tvb_get_ntohs(tvb, 0));
3201 proto_item_append_text(item, "%u", tvb_get_ntohs(tvb, 0));
3204 * 8.57 APN Restriction
3207 dissect_gtpv2_apn_rest(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
3211 type_value = tvb_get_guint8(tvb, 0);
3212 proto_tree_add_item(tree, hf_gtpv2_apn_rest, tvb, 0, 1, FALSE);
3213 proto_item_append_text(item, "value %u", type_value);
3217 * 8.58 Selection Mode
3219 static const value_string gtpv2_selec_mode_vals[] = {
3220 {0, "MS or network provided APN, subscribed verified"},
3221 {1, "MS provided APN, subscription not verified"},
3222 {2, "Network provided APN, subscription not verified"},
3223 {3, "Network provided APN, subscription not verified (Basically for Future use"},
3228 dissect_gtpv2_selec_mode(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
3233 ss_mode = tvb_get_guint8(tvb, offset) & 0x03;
3234 proto_tree_add_item(tree, hf_gtpv2_selec_mode, tvb, offset, 1, FALSE);
3235 proto_item_append_text(item, "%s", val_to_str(ss_mode, gtpv2_selec_mode_vals, "Unknown"));
3240 * 8.59 Source Identification
3242 static const value_string gtpv2_source_ident_types[] = {
3245 {2, "eNodeB ID(Reserved, used in erlier v of proto.)"},
3249 dissect_gtpv2_source_ident(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
3251 proto_item *expert_item;
3255 /* Octet 5 to 12 Target Cell ID */
3256 de_cell_id(tvb, tree, pinfo, offset, 8, NULL, 0);
3258 /* Octet 13 Source Type */
3259 source_type = tvb_get_guint8(tvb, offset);
3260 proto_tree_add_item(tree, hf_gtpv2_source_type, tvb, offset, 1, FALSE);
3262 /* Octet 14 to (n+4) Source ID */
3263 switch(source_type){
3265 /* The Source Type is Cell ID for PS handover from GERAN A/Gb mode. In this case the coding of the Source ID field
3266 * shall be same as the Octets 3 to 10 of the Cell Identifier IEI in 3GPP TS 48.018 [34].
3268 de_cell_id(tvb, tree, pinfo, offset, 8, NULL, 0);
3272 /* The Source Type is RNC ID for PS handover from GERAN Iu mode or for inter-RAT handover from UTRAN. In this
3273 * case the Source ID field shall be encoded as as the Source RNC-ID part of the "Source ID" parameter in 3GPP TS
3276 /* RNC-ID M INTEGER (0..4095) */
3281 expert_item = proto_tree_add_text(tree, tvb, offset-1, 1, "Unknown source type");
3282 expert_add_info_format(pinfo, expert_item, PI_PROTOCOL, PI_ERROR, "Unknown source type");
3283 PROTO_ITEM_SET_GENERATED(expert_item);
3290 * 8.60 Bearer Control Mode
3292 static const value_string gtpv2_bearer_control_mode_vals[] = {
3293 {0, "Selected Bearer Control Mode-'MS_only'"},
3294 {1, "Selected Bearer Control Mode-'Network_only'"},
3295 {2, "Selected Bearer Control Mode-'MS/NW'"},
3298 static const value_string gtpv2_bearer_control_mode_short_vals[] = {
3300 {1, "Network_only"},
3306 dissect_gtpv2_bearer_control_mode(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
3310 proto_tree_add_item(tree, hf_gtpv2_bearer_control_mode, tvb, 0, 1, FALSE);
3311 /* Add Bearer Control Mode to tree */
3312 bcm = tvb_get_guint8(tvb, 0);
3313 proto_item_append_text(item, "%s", val_to_str(bcm, gtpv2_bearer_control_mode_short_vals, "Unknown"));
3317 * 8.61 Change Reporting Action
3319 static const value_string gtpv2_cng_rep_act_vals[] = {
3320 {0, "Stop Reporting"},
3321 {1, "Start Reporting CGI/SAI"},
3322 {2, "Start Reporting RAI"},
3323 {3, "Start Reporting TAI"},
3324 {4, "Start Reporting ECGI"},
3325 {5, "Start Reporting CGI/SAI and RAI"},
3326 {6, "Start Reporting TAI and ECGI"},
3331 dissect_gtpv2_cng_rep_act(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
3335 /* Add Action to tree */
3336 action = tvb_get_guint8(tvb, 0);
3337 proto_tree_add_item(tree, hf_gtpv2_cng_rep_act, tvb, 0, 1, FALSE);
3339 proto_item_append_text(item, "%s", val_to_str(action, gtpv2_cng_rep_act_vals, "Unknown"));
3342 * 8.62 Fully qualified PDN Connection Set Identifier (FQ-CSID)
3344 static const value_string gtpv2_fq_csid_type_vals[] = {
3345 {0, "Global unicast IPv4 address"},
3346 {1, "Global unicast IPv6 address"},
3347 {2, "4 octets long field"},
3353 dissect_gtpv2_fq_csid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
3355 proto_item *expert_item;
3357 guint8 octet,node_id_type, csids;
3358 guint32 node_id, node_id_mcc_mnc;
3360 /* Octet 5 Node-ID Type Number of CSIDs= m */
3362 octet = tvb_get_guint8(tvb, offset);
3363 node_id_type = octet >> 4;
3364 csids = octet & 0x0f;
3365 proto_tree_add_item(tree, hf_gtpv2_fq_csid_type, tvb, offset, 1, FALSE);
3366 proto_tree_add_item(tree, hf_gtpv2_fq_csid_nr, tvb, offset, 1, FALSE);
3369 switch(node_id_type){
3371 /* Indicates that Node-ID is a global unicast IPv4 address and p = 9 */
3372 proto_tree_add_item(tree, hf_gtpv2_fq_csid_ipv4, tvb, offset, 4, FALSE);
3376 /* Indicates that Node-ID is a global unicast IPv6 address and p = 21 */
3377 proto_tree_add_item(tree, hf_gtpv2_fq_csid_ipv6, tvb, offset, 16, FALSE);
3381 /* Node-ID is a 4 octets long field with a 32 bit value stored in network order, and p= 9. The coding
3382 * of the field is specified below:
3383 * - Most significant 20 bits are the binary encoded value of (MCC * 1000 + MNC).
3384 * - Least significant 12 bits is a 12 bit integer assigned by an operator to an MME, SGW or PGW. Other values of
3385 * Node-ID Type are reserved.
3387 node_id = tvb_get_ntohl(tvb, offset);
3388 node_id_mcc_mnc = node_id >> 12;
3389 node_id = node_id & 0xfff;
3390 proto_tree_add_text(tree, tvb, offset, 4, "Node-ID: MCC+MNC %u, Id: %u",node_id_mcc_mnc, node_id);
3394 expert_item = proto_tree_add_text(tree, tvb, offset-1, 1, "Wrong Node-ID Type %u, should be 0-2(Or tis is a newer spec)",node_id_type);
3395 expert_add_info_format(pinfo, expert_item, PI_PROTOCOL, PI_ERROR, "Wrong Node-ID Type %u, should be 0-2(Or tis is a newer spec)",node_id_type);
3396 PROTO_ITEM_SET_GENERATED(expert_item);
3400 /* First PDN Connection Set Identifier (CSID)
3401 * Second PDN Connection Set Identifier (CSID)
3403 * m-th PDN Connection Set Identifier (CSID)
3406 proto_tree_add_item(tree, hf_gtpv2_fq_csid_id, tvb, offset, 2, FALSE);
3413 * 8.63 Channel needed
3416 dissect_gtpv2_channel_needed(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3418 /* The Channel needed shall be coded as depicted in Figure 8.63-1. Channel needed is coded as the IEI part and the value
3419 * part of the Channel Needed IE defined in 3GPP TS 44.018[28]
3421 de_rr_chnl_needed(tvb, tree, pinfo, 0, length, NULL, 0);
3425 * 8.64 eMLPP Priority
3426 * The eMLPP-Priority shall be coded as depicted in Figure 8.64-1. The eMLPP Priority is coded as the value part of the
3427 * eMLPP-Priority IE defined in 3GPP TS 48.008 [29] (not including 3GPP TS 48.008 IEI and 3GPP TS 48.008 [29]
3428 * length indicator).
3431 dissect_gtpv2_emlpp_pri(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3433 be_emlpp_prio(tvb, tree, pinfo, 0, length, NULL, 0);
3440 static const value_string gtpv2_node_type_vals[] = {
3447 dissect_gtpv2_node_type(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length _U_, guint8 message_type _U_, guint8 instance _U_)
3451 proto_tree_add_item(tree, hf_gtpv2_node_type, tvb, 0, 1, FALSE);
3452 /* Append Node Type to tree */
3453 node_type = tvb_get_guint8(tvb, 0);
3454 proto_item_append_text(item, "%s", val_to_str(node_type, gtpv2_node_type_vals, "Unknown"));
3459 * 8.66 Fully Qualified Domain Name (FQDN)
3462 dissect_gtpv2_fqdn(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3464 int offset = 0, name_len, tmp;
3465 guint8 *fqdn = NULL;
3467 /* The FQDN field encoding shall be identical to the encoding of
3468 * a FQDN within a DNS message of section 3.1 of IETF
3469 * RFC 1035 [31] but excluding the trailing zero byte.
3472 name_len = tvb_get_guint8(tvb, offset);
3474 if (name_len < 0x20) {
3475 fqdn = tvb_get_ephemeral_string(tvb, offset + 1, length - 1);
3477 if (name_len >= length - 1)
3480 name_len = name_len + fqdn[tmp] + 1;
3484 fqdn = tvb_get_ephemeral_string(tvb, offset, length);
3486 proto_tree_add_string(tree, hf_gtpv2_fqdn, tvb, offset, length, fqdn);
3487 proto_item_append_text(item, "%s", fqdn);
3492 * 8.67 Private Extension
3495 dissect_gtpv2_private_ext(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3499 /* oct 5 -7 Enterprise ID */
3500 proto_tree_add_item(tree, hf_gtpv2_enterprise_id, tvb, offset, 2, FALSE);
3502 proto_tree_add_text(tree, tvb, offset, length-2, "Proprietary value");
3506 * 8.68 Transaction Identifier (TI)
3509 dissect_gtpv2_ti(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, proto_item *item _U_, guint16 length, guint8 message_type _U_, guint8 instance _U_)
3511 /* 5 to (n+4) Transaction Identifier */
3512 proto_tree_add_item(tree, hf_gtpv2_ti, tvb, 0, length, FALSE);
3516 typedef struct _gtpv2_ie {
3518 void (*decode) (tvbuff_t *, packet_info *, proto_tree *, proto_item *, guint16, guint8, guint8);
3521 static const gtpv2_ie_t gtpv2_ies[] = {
3522 {GTPV2_IE_IMSI, dissect_gtpv2_imsi},
3523 {GTPV2_IE_CAUSE, dissect_gtpv2_cause}, /* 2, Cause (without embedded offending IE) 8.4 */
3524 {GTPV2_REC_REST_CNT, dissect_gtpv2_recovery}, /* 3, Recovery (Restart Counter) 8.5 */
3525 /* 4-50 Reserved for S101 interface Extendable / See 3GPP TS 29.276 [14] */
3526 /*Start SRVCC Messages 3GPP TS 29.280 */
3527 {GTPV2_IE_STN_SR, dissect_gtpv2_stn_sr}, /* 51 51 STN-SR */
3528 {GTPV2_IE_SRC_TGT_TRANS_CON, dissect_gtpv2_src_tgt_trans_con}, /* 52 Source to Target Transparent Container */
3529 {GTPV2_IE_TGT_SRC_TRANS_CON , dissect_gtpv2_tgt_src_trans_con}, /* 53 Target to Source Transparent Container */
3530 {GTPV2_IE_MM_CON_EUTRAN_SRVCC, dissect_gtpv2_mm_con_eutran_srvcc}, /* 54 MM Context for E-UTRAN SRVCC */
3531 {GTPV2_IE_MM_CON_UTRAN_SRVCC, dissect_gtpv2_mm_con_utran_srvcc}, /* 55 MM Context for UTRAN SRVCC */
3532 {GTPV2_IE_SRVCC_CAUSE, dissect_gtpv2_srvcc_cause}, /* 56 SRVCC Cause */
3533 {GTPV2_IE_TGT_RNC_ID, dissect_gtpv2_tgt_rnc_id}, /* 57 Target RNC ID */
3534 {GTPV2_IE_TGT_GLOGAL_CELL_ID, dissect_gtpv2_tgt_global_cell_id}, /* 58 Target Global Cell ID */
3535 {GTPV2_IE_TEID_C, dissect_gtpv2_teid_c}, /* 59 TEID-C */
3536 {GTPV2_IE_SV_FLAGS, dissect_gtpv2_sv_flags}, /* 60 Sv Flags */
3537 {GTPV2_IE_SAI, dissect_gtpv2_sai}, /* 61 Service Area Identifie */
3538 /* 61-70 Reserved for Sv interface Extendable / See 3GPP TS 29.280 [15] */
3540 {GTPV2_APN, dissect_gtpv2_apn}, /* 71, Access Point Name (APN) 8.6 */
3541 {GTPV2_AMBR, dissect_gtpv2_ambr}, /* 72, Aggregate Maximum Bit Rate (AMBR) */
3542 {GTPV2_EBI, dissect_gtpv2_ebi}, /* 73, EPS Bearer ID (EBI) 8.8 */
3543 {GTPV2_IP_ADDRESS, dissect_gtpv2_ip_address}, /* 74, IP Address */
3544 {GTPV2_MEI, dissect_gtpv2_mei}, /* 74, Mobile Equipment Identity */
3545 {GTPV2_IE_MSISDN, dissect_gtpv2_msisdn}, /* 76, MSISDN 8.11 */
3546 {GTPV2_INDICATION, dissect_gtpv2_ind}, /* 77 Indication 8.12 */
3547 {GTPV2_PCO, dissect_gtpv2_pco}, /* 78 Protocol Configuration Options (PCO) 8.13 */
3548 {GTPV2_PAA, dissect_gtpv2_paa}, /* 79 PDN Address Allocation (PAA) 8.14 */
3549 {GTPV2_BEARER_QOS,dissect_gtpv2_bearer_qos}, /* 80 Bearer Level Quality of Service (Bearer QoS) 8.15 */
3550 {GTPV2_IE_FLOW_QOS, dissect_gtpv2_flow_qos}, /* 81 Flow Quality of Service (Flow QoS) 8.16 */
3551 {GTPV2_IE_RAT_TYPE, dissect_gtpv2_rat_type}, /* 82, RAT Type 8.17 */
3552 {GTPV2_IE_SERV_NET, dissect_gtpv2_serv_net}, /* 83, Serving Network 8.18 */
3553 {GTPV2_IE_BEARER_TFT, dissect_gtpv2_bearer_tft}, /* 84, Bearer TFT 8.19 */
3554 {GTPV2_IE_TAD, dissect_gtpv2_tad}, /* 85, Traffic Aggregate Description 8.20 */
3555 {GTPV2_IE_ULI, dissect_gtpv2_uli}, /* 86, User Location Info (ULI) 8.22 */
3556 {GTPV2_IE_F_TEID, dissect_gtpv2_f_teid}, /* 87, Fully Qualified Tunnel Endpoint Identifier (F-TEID) 8.23 */
3557 {GTPV2_IE_TMSI, dissect_gtpv2_tmsi}, /* 88, TMSI 8.23 */
3558 {GTPV2_IE_GLOBAL_CNID, dissect_gtpv2_g_cn_id}, /* 89, Global CN-Id 8.25 */
3559 {GTPV2_IE_S103PDF, dissect_gtpv2_s103pdf}, /* 90, S103 PDN Data Forwarding Info (S103PDF) 8.25 */
3560 {GTPV2_IE_S1UDF, dissect_gtpv2_s1udf}, /* 91, S1-U Data Forwarding (S1UDF) 8.26 */
3561 {GTPV2_IE_DEL_VAL, dissect_gtpv2_delay_value}, /* 92, Delay Value 8.29 */
3562 {GTPV2_IE_BEARER_CTX,dissect_gtpv2_bearer_ctx}, /* 93, Bearer Context 8.31 */
3563 {GTPV2_IE_CHAR_ID, dissect_gtpv2_charging_id}, /* 94, Charging Id */
3564 {GTPV2_IE_CHAR_CHAR, dissect_gtpv2_char_char}, /* 95 Charging Characteristic */
3565 {GTPV2_IE_TRA_INFO, dissect_gtpv2_tra_info}, /* 96, Trace Information 8.31 */
3566 {GTPV2_BEARER_FLAG, dissect_gtpv2_bearer_flag}, /* 97, Bearer Flag */
3568 {GTPV2_IE_PDN_TYPE, dissect_gtpv2_pdn_type}, /* 99, PDN Type */
3569 {GTPV2_IE_PTI, dissect_gtpv2_pti}, /* 100, Procedure Transaction Id */
3570 {GTPV2_IE_DRX_PARAM, dissect_gtpv2_drx_param}, /* 101, DRX Parameter 8.36 */
3571 {GTPV2_IE_UE_NET_CAPABILITY, dissect_gtpv2_ue_net_capability}, /* 102, UE network capability 8.37 */
3572 {GTPV2_IE_MM_CONTEXT_GSM_T, dissect_gtpv2_mm_context_gsm_t}, /* 103, MM Context 8.38 GSM Key and Triplets */
3573 {GTPV2_IE_MM_CONTEXT_UTMS_CQ, dissect_gtpv2_mm_context_utms_cq}, /* 104, MM Context 8.38 */
3574 {GTPV2_IE_MM_CONTEXT_GSM_CQ, dissect_gtpv2_mm_context_gsm_cq}, /* 105, MM Context 8.38 */
3575 {GTPV2_IE_MM_CONTEXT_UTMS_Q, dissect_gtpv2_mm_context_utms_q}, /* 106, MM Context 8.38 */
3576 {GTPV2_IE_MM_CONTEXT_EPS_QQ, dissect_gtpv2_mm_context_eps_qq}, /* 107, MM Context 8.38 */
3577 {GTPV2_IE_MM_CONTEXT_UTMS_QQ, dissect_gtpv2_mm_context_utms_qq}, /* 108, MM Context 8.38 */
3578 {GTPV2_IE_PDN_CONNECTION, dissect_gtpv2_PDN_conn}, /* 109, PDN Connection */
3579 {GTPV2_IE_PDN_NUMBERS, dissect_gtpv2_pdn_numbers}, /* 110, PDN Numbers 8.40 */
3580 {GTPV2_IE_P_TMSI, dissect_gtpv2_p_tmsi}, /* 111, P-TMSI 8.41 */
3581 {GTPV2_IE_P_TMSI_SIG, dissect_gtpv2_p_tmsi_sig}, /* 112, P-TMSI Signature 8.42 */
3582 {GTPV2_IE_HOP_COUNTER, dissect_gtpv2_hop_counter}, /* 113, Hop Counter 8.43 */
3583 {GTPV2_IE_UE_TIME_ZONE, dissect_gtpv2_ue_time_zone}, /* 114, UE Time Zone */
3584 {GTPV2_IE_TRACE_REFERENCE, dissect_gtpv2_trace_reference}, /* 115, Trace Reference 8.45 */
3585 {GTPV2_IE_COMPLETE_REQUEST_MSG, dissect_complete_request_msg}, /* 116, Complete Request message 8.46 */
3586 {GTPV2_IE_GUTI, dissect_gtpv2_guti}, /* 117, GUTI 8.47 */
3587 {GTPV2_IE_F_CONTAINER, dissect_gtpv2_F_container}, /* 118, Fully Qualified Container (F-Container) */
3588 {GTPV2_IE_F_CAUSE, dissect_gtpv2_F_cause}, /* 119, Fully Qualified Cause (F-Cause) */
3589 {GTPV2_IE_SEL_PLMN_ID, dissect_gtpv2_sel_plmn_id}, /* 120, Selected PLMN ID 8.50 */
3590 {GTPV2_IE_TARGET_ID, dissect_gtpv2_target_id}, /* 121, Target Identification */
3591 /* 122, Void 8.52 */
3592 {GTPV2_IE_PKT_FLOW_ID, dissect_gtpv2_pkt_flow_id}, /* 123, Packet Flow ID 8.53 */
3593 {GTPV2_IE_RAB_CONTEXT, dissect_gtpv2_rab_context}, /* 124, RAB Context 8.54 */
3594 {GTPV2_IE_S_RNC_PDCP_CTX_INFO, dissect_gtpv2_s_rnc_pdcp_ctx_info}, /* 125, Source RNC PDCP context info 8.55 */
3595 {GTPV2_IE_UDP_S_PORT_NR, dissect_udp_s_port_nr}, /* 126, UDP Source Port Number 8.56 */
3596 {GTPV2_IE_APN_RESTRICTION, dissect_gtpv2_apn_rest}, /* 127, APN Restriction */
3597 {GTPV2_IE_SEL_MODE,dissect_gtpv2_selec_mode}, /* 128 Selection Mode */
3598 {GTPV2_IE_SOURCE_IDENT, dissect_gtpv2_source_ident}, /* 129, Source Identification 8.59 */
3599 {GTPV2_IE_BEARER_CONTROL_MODE,dissect_gtpv2_bearer_control_mode}, /* 130 Bearer Control Mode*/
3600 {GTPV2_IE_CNG_REP_ACT ,dissect_gtpv2_cng_rep_act}, /* 131 Change Reporting Action 8.61 */
3601 {GTPV2_IE_FQ_CSID, dissect_gtpv2_fq_csid}, /* 132, Fully Qualified PDN Connection Set Identifier (FQ-CSID) 8.62 */
3602 {GTPV2_IE_CHANNEL_NEEDED, dissect_gtpv2_channel_needed}, /* 133, Channel Needed 8.63 */
3603 {GTPV2_IE_EMLPP_PRI, dissect_gtpv2_emlpp_pri}, /* 134, eMLPP Priority 8.64 */
3604 {GTPV2_IE_NODE_TYPE ,dissect_gtpv2_node_type}, /* 135 Node Type 8.65 */
3605 {GTPV2_IE_FQDN, dissect_gtpv2_fqdn}, /* 136 8.66 Fully Qualified Domain Name (FQDN) */
3606 {GTPV2_IE_TI, dissect_gtpv2_ti}, /* 137 8.68 Transaction Identifier (TI) */
3607 /* 137-254 Spare. For future use. FFS */
3608 {GTPV2_IE_PRIVATE_EXT,dissect_gtpv2_private_ext},
3610 {0, dissect_gtpv2_unknown}
3616 dissect_gtpv2_ie_common(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree, gint offset, guint8 message_type)
3618 proto_tree *ie_tree;
3621 guint8 type, instance;
3625 * Octets 8 7 6 5 4 3 2 1
3628 * 4 CR Spare Instance
3629 * 5-(n+4) IE specific data
3631 while(offset < (gint)tvb_reported_length(tvb)){
3632 /* Get the type and length */
3633 type = tvb_get_guint8(tvb,offset);
3634 length = tvb_get_ntohs(tvb, offset+1);
3635 ti = proto_tree_add_text(tree, tvb, offset, 4 + length, "%s : ", val_to_str(type, gtpv2_element_type_vals, "Unknown"));
3636 ie_tree = proto_item_add_subtree(ti, ett_gtpv2_ie);
3638 proto_tree_add_item(ie_tree, hf_gtpv2_ie, tvb, offset, 1, FALSE);
3642 proto_tree_add_item(ie_tree, hf_gtpv2_ie_len, tvb, offset, 2, FALSE);
3644 /* CR Spare Instance Octet 4*/
3645 proto_tree_add_item(ie_tree, hf_gtpv2_cr, tvb, offset, 1, FALSE);
3647 instance = tvb_get_guint8(tvb,offset)& 0x0f;
3648 proto_tree_add_item(ie_tree, hf_gtpv2_instance, tvb, offset, 1, FALSE);
3651 /* TODO: call IE dissector here */
3652 if(type==GTPV2_IE_RESERVED){
3653 /* Treat IE type zero specal as type zero is used to end the loop in the else branch */
3654 proto_tree_add_text(ie_tree, tvb, offset, length, "IE type Zero is Reserved and should not be used");
3657 /* Loop over the IE dissector list to se if we find an entry, the last entry will have ie_type=0 breaking the loop */
3658 while (gtpv2_ies[++i].ie_type){
3659 if (gtpv2_ies[i].ie_type == type)
3662 /* Just give the IE dissector the IE */
3663 ie_tvb = tvb_new_subset_remaining(tvb, offset);
3664 (*gtpv2_ies[i].decode) (ie_tvb, pinfo , ie_tree, ti, length, message_type, instance);
3667 offset = offset + length;
3672 dissect_gtpv2(tvbuff_t * tvb, packet_info * pinfo, proto_tree * tree)
3674 proto_tree *gtpv2_tree, *flags_tree;
3675 proto_item *ti, *tf;
3676 guint8 message_type, t_flag;
3680 /* Currently we get called from the GTP dissector no need to check the version */
3681 col_set_str(pinfo->cinfo, COL_PROTOCOL, "GTPv2");
3682 col_clear(pinfo->cinfo, COL_INFO);
3684 /* message type is in octet 2 */
3685 message_type = tvb_get_guint8(tvb,1);
3686 col_add_str(pinfo->cinfo, COL_INFO, val_to_str(message_type, gtpv2_message_type_vals, "Unknown"));
3689 proto_tree_add_item(tree, proto_gtpv2, tvb, offset, -1, FALSE);
3692 ti = proto_tree_add_text(tree, tvb, offset, -1, "%s", val_to_str(message_type, gtpv2_message_type_vals, "Unknown"));
3693 gtpv2_tree = proto_item_add_subtree(ti, ett_gtpv2);
3695 /* Control Plane GTP uses a variable length header. Control Plane GTP header
3696 * length shall be a multiple of 4 octets.
3697 * Figure 5.1-1 illustrates the format of the GTPv2-C Header.
3698 * Bits 8 7 6 5 4 3 2 1
3699 * Octets 1 Version P T Spare Spare Spare
3701 * 3 Message Length (1st Octet)
3702 * 4 Message Length (2nd Octet)
3703 * m-k(m+3) If T flag is set to 1, then TEID shall be placed into octets 5-8.
3704 * Otherwise, TEID field is not present at all.
3705 * n-(n+2) Sequence Number
3707 * Figure 5.1-1: General format of GTPv2 Header for Control Plane
3709 tf = proto_tree_add_item(gtpv2_tree, hf_gtpv2_flags, tvb, offset, 1, FALSE);
3710 flags_tree = proto_item_add_subtree(tf, ett_gtpv2_flags);
3713 t_flag = (tvb_get_guint8(tvb,offset) & 0x08)>>3;
3714 proto_tree_add_item(flags_tree, hf_gtpv2_version, tvb, offset, 1, FALSE);
3715 proto_tree_add_item(flags_tree, hf_gtpv2_p, tvb, offset, 1, FALSE);
3716 proto_tree_add_item(flags_tree, hf_gtpv2_t, tvb, offset, 1, FALSE);
3720 proto_tree_add_item(gtpv2_tree, hf_gtpv2_message_type, tvb, offset, 1, FALSE);
3723 proto_tree_add_item(gtpv2_tree, hf_gtpv2_msg_length, tvb, offset, 2, FALSE);
3727 /* Tunnel Endpoint Identifier 4 octets */
3728 proto_tree_add_item(gtpv2_tree, hf_gtpv2_teid, tvb, offset, 4, FALSE);
3731 /* Sequence Number 3 octets */
3732 proto_tree_add_item(gtpv2_tree, hf_gtpv2_seq, tvb, offset, 3, FALSE);
3736 proto_tree_add_item(gtpv2_tree, hf_gtpv2_spare, tvb, offset, 1, FALSE);
3739 dissect_gtpv2_ie_common(tvb, pinfo, gtpv2_tree, offset, message_type);
3745 void proto_register_gtpv2(void)
3747 static hf_register_info hf_gtpv2[] = {
3748 { &hf_gtpv2_reserved,
3749 {"Reserved bit(s)", "gtpv2.reserved",
3750 FT_UINT8, BASE_DEC, NULL, 0x0,
3753 { &hf_gtpv2_spare_half_octet,
3754 {"Spare half octet", "gtpv2.spare_half_octet",
3755 FT_UINT8, BASE_DEC, NULL, 0x0,
3758 { &hf_gtpv2_spare_bits,
3759 {"Spare bit(s)", "gtpv2.spare_bits",
3760 FT_UINT8, BASE_DEC, NULL, 0x0,
3764 {"Flags", "gtpv2.flags",
3765 FT_UINT8, BASE_DEC, NULL, 0x0,
3769 {"Version", "gtpv2.version",
3770 FT_UINT8, BASE_DEC, NULL, 0xe0,
3775 FT_UINT8, BASE_DEC, NULL, 0x10,
3776 "If Piggybacked message is present or not", HFILL}
3780 FT_UINT8, BASE_DEC, NULL, 0x08,
3781 "If TEID field is present or not", HFILL}
3783 { &hf_gtpv2_message_type,
3784 {"Message Type", "gtpv2.message_type",
3785 FT_UINT8, BASE_DEC, VALS(gtpv2_message_type_vals), 0x0,
3788 { &hf_gtpv2_msg_length,
3789 {"Message Length", "gtpv2.msg_lengt",
3790 FT_UINT16, BASE_DEC, NULL, 0x0,
3794 {"Tunnel Endpoint Identifier", "gtpv2.teid",
3795 FT_UINT32, BASE_DEC, NULL, 0x0,
3799 {"Sequence Number", "gtpv2.seq",
3800 FT_UINT32, BASE_DEC, NULL, 0x0,
3804 {"Spare", "gtpv2.spare",
3805 FT_UINT16, BASE_DEC, NULL, 0x0,
3809 {"IE Type", "gtpv2.ie_type",
3810 FT_UINT8, BASE_DEC, VALS(gtpv2_element_type_vals), 0x0,
3814 {"IE Length", "gtpv2.ie_len",
3815 FT_UINT16, BASE_DEC, NULL, 0x0,
3816 "length of the information element excluding the first four octets", HFILL}
3819 {"CR flag", "gtpv2.cr",
3820 FT_UINT8, BASE_DEC, NULL, 0xf0,/* SRVCC */
3823 { &hf_gtpv2_instance,
3824 {"Instance", "gtpv2.instance",
3825 FT_UINT8, BASE_DEC, NULL, 0x0f,
3829 {"IMSI(International Mobile Subscriber Identity number)", "gtpv2.imsi",
3830 FT_STRING, BASE_NONE, NULL, 0,
3833 { &hf_gtpv2_ipv4_addr,
3834 {"IPv4 Address", "gtpv2.ipv4_addr",
3835 FT_IPv4, BASE_NONE, NULL, 0x0,
3839 {"Cause", "gtpv2.cause",
3840 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_cause_vals_ext, 0x0,
3843 {&hf_gtpv2_cause_cs,
3844 {"CS (Cause Source)","gtpv2.cs",
3845 FT_BOOLEAN, 8, TFS(>pv2_cause_cs), 0x01,
3848 { &hf_gtpv2_cause_bce,
3849 {"BCE (Bearer Context IE Error)","gtpv2.bce",
3850 FT_BOOLEAN, 8, NULL, 0x02,
3853 { &hf_gtpv2_cause_pce,
3854 {"PCE (PDN Connection IE Error)","gtpv2.pce",
3855 FT_BOOLEAN, 8, NULL, 0x04,
3858 { &hf_gtpv2_cause_off_ie_t,
3859 {"Type of the offending IE", "gtpv2.cause_off_ie_t",
3860 FT_UINT8, BASE_DEC, VALS(gtpv2_element_type_vals), 0x0,
3864 {"Restart Counter", "gtpv2.rec",
3865 FT_UINT8, BASE_DEC, NULL, 0x0,
3868 /*Start SRVCC Messages*/
3870 {"STN-SR", "gtpv2.stn_sr",
3871 FT_BYTES, BASE_NONE, NULL, 0x0,
3874 { &hf_gtpv2_len_trans_con,
3875 {"Length of the Transparent Container", "gtpv2.len_trans_con",
3876 FT_UINT8, BASE_DEC, NULL, 0x0,
3880 {"eKSI", "gtpv2.eksi",
3881 FT_UINT8, BASE_DEC, NULL, 0x07,
3886 FT_UINT32, BASE_DEC, NULL, 0x0,
3891 FT_UINT32, BASE_DEC, NULL, 0x0,
3896 FT_UINT_BYTES, BASE_NONE, NULL, 0x0,
3901 FT_UINT_BYTES, BASE_NONE, NULL, 0x0,
3904 { &hf_gtpv2_len_ms_classmark2,
3905 {"Length of Mobile Station Classmark2", "gtpv2.len_ms_classmark2",
3906 FT_UINT8, BASE_DEC, NULL, 0x0,
3909 { &hf_gtpv2_len_ms_classmark3,
3910 {"Length of Mobile Station Classmark3", "gtpv2.len_ms_classmark3",
3911 FT_UINT8, BASE_DEC, NULL, 0x0,
3914 { &hf_gtpv2_len_supp_codec_list,
3915 {"Length of Supported Codec List", "gtpv2.len_supp_codec_list",
3916 FT_UINT8, BASE_DEC, NULL, 0x0,
3920 {"KSI'cs", "gtpv2.ksi",
3921 FT_UINT8, BASE_DEC, NULL, 0x0F,
3926 FT_UINT_BYTES, BASE_NONE, NULL, 0x0,
3930 {"CKSN'", "gtpv2.cksn",
3931 FT_UINT8, BASE_DEC, NULL, 0x0,
3934 { &hf_gtpv2_srvcc_cause,
3935 {"SRVCC Cause", "gtpv2.srvcc_cause",
3936 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_srvcc_cause_vals_ext, 0x0,
3940 {"RNC ID", "gtpv2.rnc_id",
3941 FT_UINT8, BASE_DEC, NULL, 0x0,
3945 { "Location Area Code (LAC)","gtpv2.lac",
3946 FT_UINT16, BASE_HEX_DEC, NULL, 0x00,
3950 { "Service Area Code (SAC)","gtpv2.sac",
3951 FT_UINT16, BASE_HEX_DEC, NULL, 0x00,
3954 { &hf_gtpv2_tgt_g_cell_id,
3955 {"Cell ID", "gtpv2.tgt_g_cell_id",
3956 FT_UINT8, BASE_DEC, NULL, 0x0,
3960 {"Tunnel Endpoint Identifier for Control Plane(TEID-C)", "gtpv2.teid_c",
3961 FT_UINT32, BASE_DEC, NULL, 0x0,
3965 {"STI (Session Transfer Indicator)", "gtpv2.sv_sti",
3966 FT_BOOLEAN, 8, NULL, 0x04, NULL, HFILL}
3969 {"ICS (IMS Centralized Service)", "gtpv2.sv_ics",
3970 FT_BOOLEAN, 8, NULL, 0x02, NULL, HFILL}
3972 {&hf_gtpv2_sv_emind,
3973 {"EmInd(Emergency Indicator)", "gtpv2.sv_ics",
3974 FT_BOOLEAN, 8, NULL, 0x01, NULL, HFILL}
3977 /*End SRVCC Messages*/
3979 {"APN (Access Point Name)", "gtpv2.apn",
3980 FT_STRING, BASE_NONE, NULL, 0x0,
3984 {"AMBR Uplink (Aggregate Maximum Bit Rate for Uplink)", "gtpv2.ambr_up",
3985 FT_UINT32, BASE_DEC, NULL, 0x0,
3988 {&hf_gtpv2_ambr_down,
3989 {"AMBR Downlink(Aggregate Maximum Bit Rate for Downlink)", "gtpv2.ambr_down",
3990 FT_UINT32, BASE_DEC, NULL, 0x0,
3994 {"EPS Bearer ID (EBI)", "gtpv2.ebi",
3995 FT_UINT8, BASE_DEC, NULL, 0x0f,
3998 { &hf_gtpv2_ip_address_ipv4,
3999 {"IP address IPv4", "gtpv2.ip_address_ipv4",
4000 FT_IPv4, BASE_NONE, NULL, 0x0,
4003 { &hf_gtpv2_ip_address_ipv6,
4004 {"IP address IPv6", "gtpv2.ip_address_ipv6",
4005 FT_IPv6, BASE_NONE, NULL, 0x0,
4009 {"MEI(Mobile Equipment Identity)", "gtpv2.mei",
4010 FT_STRING, BASE_NONE, NULL, 0,
4013 { &hf_gtpv2_pdn_numbers_nsapi,
4014 {"NSAPI", "gtpv2.pdn_numbers_nsapi",
4015 FT_UINT8, BASE_DEC, NULL, 0x0f, NULL, HFILL}
4018 {"Packet TMSI (P-TMSI)", "gtpv2.p_tmsi",
4019 FT_UINT32, BASE_HEX, NULL, 0x0, NULL, HFILL}
4021 { &hf_gtpv2_p_tmsi_sig,
4022 {"P-TMSI Signature", "gtpv2.p_tmsi_sig",
4023 FT_UINT24, BASE_HEX, NULL, 0x0, NULL, HFILL}
4026 {"DAF (Dual Address Bearer Flag)", "gtpv2.daf",
4027 FT_BOOLEAN, 8, NULL, 0x80, NULL, HFILL}
4030 {"DTF (Direct Tunnel Flag)","gtpv2.dtf",
4031 FT_BOOLEAN, 8, NULL, 0x40, NULL, HFILL}
4034 {"HI (Handover Indication)", "gtpv2.hi",
4035 FT_BOOLEAN, 8, NULL, 0x20, NULL, HFILL}
4038 {"DFI (Direct Forwarding Indication)", "gtpv2.dfi",
4039 FT_BOOLEAN, 8, NULL, 0x10, NULL, HFILL}
4042 {"OI (Operation Indication)","gtpv2.oi",
4043 FT_BOOLEAN, 8, NULL, 0x08, NULL, HFILL}
4046 {"ISRSI (Idle mode Signalling Reduction Supported Indication)", "gtpv2.isrsi",
4047 FT_BOOLEAN, 8, NULL, 0x04, NULL, HFILL}
4050 {"ISRAI (Idle mode Signalling Reduction Activation Indication)", "gtpv2.israi",
4051 FT_BOOLEAN, 8, NULL, 0x02, NULL, HFILL}
4054 {"SGWCI (SGW Change Indication)", "gtpv2.sgwci",
4055 FT_BOOLEAN, 8, NULL, 0x01, NULL, HFILL}
4058 {"SQCI (Subscribed QoS Change Indication", "gtpv2.sqci",
4059 FT_BOOLEAN, 8, NULL, 0x80, NULL, HFILL}
4062 {"UIMSI (Unauthenticated IMSI)", "gtpv2.uimsi",
4063 FT_BOOLEAN, 8, NULL, 0x40, NULL, HFILL}
4066 {"CFSI (Change F-TEID support indication)", "gtpv2.cfsi",
4067 FT_BOOLEAN, 8, NULL, 0x20, NULL, HFILL}
4070 {"CRSI (Change Reporting support indication):", "gtpv2.crsi",
4071 FT_BOOLEAN, 8, NULL, 0x10, NULL, HFILL}
4074 {"PS (Piggybacking Supported).)", "gtpv2.ps",
4075 FT_BOOLEAN, 8, NULL, 0x08, NULL, HFILL}
4078 {"PT (Protocol Type)", "gtpv2.pt",
4079 FT_BOOLEAN, 8, NULL, 0x04, NULL, HFILL}
4082 {"SI (Scope Indication)", "gtpv2.si",
4083 FT_BOOLEAN, 8, NULL, 0x02, NULL, HFILL}
4086 {"MSV (MS Validated)", "gtpv2.msv",
4087 FT_BOOLEAN, 8, NULL, 0x01, NULL, HFILL}
4090 {"CCRSI (CSG Change Reporting support indication)", "gtpv2.ccrsi",
4091 FT_BOOLEAN, 8, NULL, 0x01, NULL, HFILL}
4093 { &hf_gtpv2_pdn_type,
4094 {"PDN Type", "gtpv2.pdn_type",
4095 FT_UINT8, BASE_DEC, VALS(gtpv2_pdn_type_vals), 0x07,
4098 { &hf_gtpv2_tra_info,
4099 {"Trace ID","gtpv2.tra_info",
4100 FT_STRING, BASE_NONE, NULL, 0x0,
4103 { &hf_gtpv2_tra_info_msc_momt_calls,
4104 {"MO and MT calls","gtpv2.tra_info_msc_momt_calls",
4105 FT_UINT8, BASE_DEC, NULL, 0x01,
4106 "MSC Server", HFILL}
4108 { &hf_gtpv2_tra_info_msc_momt_sms,
4109 {"MO and MT SMS","gtpv2.tra_info_msc_momt_sms",
4110 FT_UINT8, BASE_DEC, NULL, 0x02,
4111 "MSC Server", HFILL}
4113 { &hf_gtpv2_tra_info_msc_lu_imsi_ad,
4114 {"LU, IMSI attach, IMSI detach","gtpv2.tra_info_msc_lu_imsi_ad",
4115 FT_UINT8, BASE_DEC, NULL, 0x04,
4116 "MSC Server", HFILL}
4118 { &hf_gtpv2_tra_info_msc_handovers,
4119 {"Handovers","gtpv2.tra_info_msc_handovers",
4120 FT_UINT8, BASE_DEC, NULL, 0x08,
4121 "MSC Server", HFILL}
4123 { &hf_gtpv2_tra_info_msc_ss,
4124 {"SS","gtpv2.tra_info_msc_ss",
4125 FT_UINT8, BASE_DEC, NULL, 0x10,
4126 "MSC Server", HFILL}
4128 { &hf_gtpv2_tra_info_mgw_context,
4129 {"Context","gtpv2.tra_info_mgw_context",
4130 FT_UINT8, BASE_DEC, NULL, 0x01,
4133 { &hf_gtpv2_tra_info_sgsn_pdp_context,
4134 {"PDP context","gtpv2.tra_info_sgsn_pdp_context",
4135 FT_UINT8, BASE_DEC, NULL, 0x01,
4138 { &hf_gtpv2_tra_info_sgsn_momt_sms,
4139 {"MO and MT SMS","gtpv2.tra_info_sgsn_momt_sms",
4140 FT_UINT8, BASE_DEC, NULL, 0x02,
4143 { &hf_gtpv2_tra_info_sgsn_rau_gprs_ad,
4144 {"RAU, GPRS attach, GPRS detach","gtpv2.tra_info_sgsn_rau_gprs_ad",
4145 FT_UINT8, BASE_DEC, NULL, 0x04,
4148 { &hf_gtpv2_tra_info_sgsn_mbms,
4149 {"MBMS Context","gtpv2.tra_into_sgsn_mbms",
4150 FT_UINT8, BASE_DEC, NULL, 0x08,
4153 { &hf_gtpv2_tra_info_sgsn_reserved,
4154 {"Reserved","gtpv2.",
4155 FT_UINT8, BASE_DEC, NULL, 0x0,
4158 { &hf_gtpv2_tra_info_ggsn_pdp,
4159 {"PDP Cpntext","gtpv2.tra_info_ggsn_pdp",
4160 FT_UINT8, BASE_DEC, NULL, 0x01,
4163 { &hf_gtpv2_tra_info_ggsn_mbms,
4164 {"MBMS Context","gtpv2.tra_info_ggsn_mbms",
4165 FT_UINT8, BASE_DEC, NULL, 0x02,
4168 { &hf_gtpv2_tra_info_bm_sc,
4169 {"MBMS Multicast service activation","gtpv2.tra_info_bm_sc",
4170 FT_UINT8, BASE_DEC, NULL, 0x01,
4173 { &hf_gtpv2_tra_info_mme_sgw_ss,
4174 {"Session setup","gtpv2.tra_info_mme_sgw_ss",
4175 FT_UINT8, BASE_DEC, NULL, 0x01,
4178 { &hf_gtpv2_tra_info_mme_sgw_sr,
4179 {"Service Request","gtpv2.tra_info_mme_sgw_sr",
4180 FT_UINT8, BASE_DEC, NULL, 0x02,
4183 { &hf_gtpv2_tra_info_mme_sgw_iataud,
4184 {"Initial Attach, Tracking area update, Detach","gtpv2.tra_info_mme_sgw_iataud",
4185 FT_UINT8, BASE_DEC, NULL, 0x04,
4188 { &hf_gtpv2_tra_info_lne_msc_s,
4189 {"MSC-S","gtpv2.tra_info_lne_msc_s",
4190 FT_UINT8, BASE_DEC, NULL, 0x01,
4191 "List of NE Types", HFILL}
4193 { &hf_gtpv2_tra_info_lne_mgw,
4194 {"MGW","gtpv2.tra_info_lne_mgw",
4195 FT_UINT8, BASE_DEC, NULL, 0x02,
4196 "List of NE Types", HFILL}
4198 { &hf_gtpv2_tra_info_lne_sgsn,
4199 {"SGSN","gtpv2.tra_info_lne_sgsn",
4200 FT_UINT8, BASE_DEC, NULL, 0x04,
4201 "List of NE Types", HFILL}
4203 { &hf_gtpv2_tra_info_lne_ggsn,
4204 {"GGSN","gtpv2.tra_info_lne_ggsn",
4205 FT_UINT8, BASE_DEC, NULL, 0x08,
4206 "List of NE Types", HFILL}
4208 { &hf_gtpv2_tra_info_lne_rnc,
4209 {"RNC","gtpv2.tra_info_lne_rnc",
4210 FT_UINT8, BASE_DEC, NULL, 0x10,
4211 "List of NE Types", HFILL}
4213 { &hf_gtpv2_tra_info_lne_bm_sc,
4214 {"BM-SC","gtpv2.tra_info_lne_bm_sc",
4215 FT_UINT8, BASE_DEC, NULL, 0x20,
4216 "List of NE Types", HFILL}
4218 { &hf_gtpv2_tra_info_lne_mme,
4219 {"MME","gtpv2.tra_info_lne_mme",
4220 FT_UINT8, BASE_DEC, NULL, 0x40,
4221 "List of NE Types", HFILL}
4223 { &hf_gtpv2_tra_info_lne_sgw,
4224 {"SGW","gtpv2.tra_info_lne_sgw",
4225 FT_UINT8, BASE_DEC, NULL, 0x80,
4226 "List of NE Types", HFILL}
4228 { &hf_gtpv2_tra_info_lne_pdn_gw,
4229 {"PDN GW","gtpv2.tra_info_lne_pdn_gw",
4230 FT_UINT8, BASE_DEC, NULL, 0x01,
4231 "List of NE Types", HFILL}
4233 { &hf_gtpv2_tra_info_lne_enb,
4234 {"eNB","gtpv2.tra_info_lne_enb",
4235 FT_UINT8, BASE_DEC, NULL, 0x02,
4236 "List of NE Types", HFILL}
4238 { &hf_gtpv2_tra_info_tdl,
4239 {"Trace Depth Length","gtpv2.tra_info_tdl",
4240 FT_UINT8, BASE_DEC, NULL, 0x0,
4243 { &hf_gtpv2_tra_info_lmsc_a,
4244 {"A","gtpv2.tra_info_lmsc_a",
4245 FT_UINT8, BASE_DEC, NULL, 0x01,
4246 "MSC Server", HFILL}
4248 { &hf_gtpv2_tra_info_lmsc_lu,
4249 {"Iu","gtpv2.tra_info_lmsc_lu",
4250 FT_UINT8, BASE_DEC, NULL, 0x02,
4251 "MSC Server", HFILL}
4253 { &hf_gtpv2_tra_info_lmsc_mc,
4254 {"Mc","gtpv2.tra_info_lmsc_mc",
4255 FT_UINT8, BASE_DEC, NULL, 0x04,
4256 "MSC Server", HFILL}
4258 { &hf_gtpv2_tra_info_lmsc_map_g,
4259 {"MAP-G","gtpv2.tra_info_lmsc_map_g",
4260 FT_UINT8, BASE_DEC, NULL, 0x08,
4261 "MSC Server", HFILL}
4263 { &hf_gtpv2_tra_info_lmsc_map_b,
4264 {"MAP-B","gtpv2.tra_info_lmsc_map_b",
4265 FT_UINT8, BASE_DEC, NULL, 0x10,
4266 "MSC Server", HFILL}
4268 { &hf_gtpv2_tra_info_lmsc_map_e,
4269 {"MAP-E","gtpv2.tra_info_lmsc_map_e",
4270 FT_UINT8, BASE_DEC, NULL, 0x20,
4271 "MSC Server", HFILL}
4273 { &hf_gtpv2_tra_info_lmsc_map_f,
4274 {"MAP-F","gtpv2.tra_info_lmsc_map_f",
4275 FT_UINT8, BASE_DEC, NULL, 0x40,
4276 "MSC Server", HFILL}
4278 { &hf_gtpv2_tra_info_lmsc_cap,
4279 {"CAP","gtpv2.tra_info_lmsc_cap",
4280 FT_UINT8, BASE_DEC, NULL, 0x80,
4281 "MSC Server", HFILL}
4283 { &hf_gtpv2_tra_info_lmsc_map_d,
4284 {"MAP-D","gtpv2.tra_info_lmsc_map_d",
4285 FT_UINT8, BASE_DEC, NULL, 0x01,
4286 "MSC Server", HFILL}
4288 { &hf_gtpv2_tra_info_lmsc_map_c,
4289 {"MAP-C","gtpv2.tra_info_lmsc_map_c",
4290 FT_UINT8, BASE_DEC, NULL, 0x02,
4291 "MSC Server", HFILL}
4293 { &hf_gtpv2_tra_info_lmgw_mc,
4294 {"Mc","gtpv2.tra_info_lmgw_mc",
4295 FT_UINT8, BASE_DEC, NULL, 0x01,
4298 { &hf_gtpv2_tra_info_lmgw_nb_up,
4299 {"Nb-UP","gtpv2.tra_info_lmgw_nb_up",
4300 FT_UINT8, BASE_DEC, NULL, 0x2,
4303 { &hf_gtpv2_tra_info_lmgw_lu_up,
4304 {"Iu-UP","gtpv2.tra_info_lmgw_lu_up",
4305 FT_UINT8, BASE_DEC, NULL, 0x04,
4308 { &hf_gtpv2_tra_info_lsgsn_gb,
4309 {"Gb","gtpv2.tra_info_lsgsn_gb",
4310 FT_UINT8, BASE_DEC, NULL, 0x01,
4313 { &hf_gtpv2_tra_info_lsgsn_lu,
4314 {"Iu","gtpv2.tra_info_lsgsn_lu",
4315 FT_UINT8, BASE_DEC, NULL, 0x02,
4318 { &hf_gtpv2_tra_info_lsgsn_gn,
4319 {"Gn","gtpv2.tra_info_lsgsn_gn",
4320 FT_UINT8, BASE_DEC, NULL, 0x04,
4323 { &hf_gtpv2_tra_info_lsgsn_map_gr,
4324 {"MAP-Gr","gtpv2.tra_info_lsgsn_map_gr",
4325 FT_UINT8, BASE_DEC, NULL, 0x08,
4328 { &hf_gtpv2_tra_info_lsgsn_map_gd,
4329 {"MAP-Gd","gtpv2.tra_info_lsgsn_map_gd",
4330 FT_UINT8, BASE_DEC, NULL, 0x10,
4333 { &hf_gtpv2_tra_info_lsgsn_map_gf,
4334 {"MAP-Gf","gtpv2.tra_info_lsgsn_map_gf",
4335 FT_UINT8, BASE_DEC, NULL, 0x20,
4338 { &hf_gtpv2_tra_info_lsgsn_gs,
4339 {"Gs","gtpv2.tra_info_lsgsn_gs",
4340 FT_UINT8, BASE_DEC, NULL, 0x40,
4343 { &hf_gtpv2_tra_info_lsgsn_ge,
4344 {"Ge","gtpv2.tra_info_lsgsn_ge",
4345 FT_UINT8, BASE_DEC, NULL, 0x80,
4348 { &hf_gtpv2_tra_info_lggsn_gn,
4349 {"Gn","gtpv2.tra_info_lggsn_gn",
4350 FT_UINT8, BASE_DEC, NULL, 0x01,
4353 { &hf_gtpv2_tra_info_lggsn_gi,
4354 {"Gi","gtpv2.tra_info_lggsn_gi",
4355 FT_UINT8, BASE_DEC, NULL, 0x02,
4358 { &hf_gtpv2_tra_info_lggsn_gmb,
4359 {"Gmb","gtpv2.tra_info_lggsn_gmb",
4360 FT_UINT8, BASE_DEC, NULL, 0x04,
4363 { &hf_gtpv2_tra_info_lrnc_lu,
4364 {"Iu","gtpv2.tra_info_lrnc_lu",
4365 FT_UINT8, BASE_DEC, NULL, 0x01,
4368 { &hf_gtpv2_tra_info_lrnc_lur,
4369 {"Iur","gtpv2.tra_info_lrnc_lur",
4370 FT_UINT8, BASE_DEC, NULL, 0x02,
4373 { &hf_gtpv2_tra_info_lrnc_lub,
4374 {"Iub","gtpv2.tra_info_lrnc_lub",
4375 FT_UINT8, BASE_DEC, NULL, 0x04,
4378 { &hf_gtpv2_tra_info_lrnc_uu,
4379 {"Uu","gtpv2.tra_info_lrnc_uu",
4380 FT_UINT8, BASE_DEC, NULL, 0x08,
4383 { &hf_gtpv2_tra_info_lbm_sc_gmb,
4384 {"Gmb","gtpv2.tra_info_lbm_sc_gmb",
4385 FT_UINT8, BASE_DEC, NULL, 0x01,
4388 { &hf_gtpv2_tra_info_lmme_s1_mme,
4389 {"S1-MME","gtpv2.tra_info_lmme_s1_mme",
4390 FT_UINT8, BASE_DEC, NULL, 0x01,
4393 { &hf_gtpv2_tra_info_lmme_s3,
4394 {"S3","gtpv2.tra_info_lmme_s3",
4395 FT_UINT8, BASE_DEC, NULL, 0x02,
4398 { &hf_gtpv2_tra_info_lmme_s6a,
4399 {"S6a","gtpv2.tra_info_lmme_s6a",
4400 FT_UINT8, BASE_DEC, NULL, 0x04,
4403 { &hf_gtpv2_tra_info_lmme_s10,
4404 {"S10","gtpv2.tra_info_lmme_s10",
4405 FT_UINT8, BASE_DEC, NULL, 0x08,
4408 { &hf_gtpv2_tra_info_lmme_s11,
4409 {"S11","gtpv2.tra_info_lmme_s11",
4410 FT_UINT8, BASE_DEC, NULL, 0x10,
4413 { &hf_gtpv2_tra_info_lsgw_s4,
4414 {"S4","gtpv2.tra_info_lsgw_s4",
4415 FT_UINT8, BASE_DEC, NULL, 0x01,
4418 { &hf_gtpv2_tra_info_lsgw_s5,
4419 {"S5","gtpv2.tra_info_lsgw_s5",
4420 FT_UINT8, BASE_DEC, NULL, 0x02,
4423 { &hf_gtpv2_tra_info_lsgw_s8b,
4424 {"S8b","gtpv2.tra_info_lsgw_s8b",
4425 FT_UINT8, BASE_DEC, NULL, 0x04,
4428 { &hf_gtpv2_tra_info_lsgw_s11,
4429 {"S11","gtpv2.tra_info_lsgw_s11",
4430 FT_UINT8, BASE_DEC, NULL, 0x08,
4433 { &hf_gtpv2_tra_info_lpdn_gw_s2a,
4434 {"S2a","gtpv2.tra_info_lpdn_gw_s2a",
4435 FT_UINT8, BASE_DEC, NULL, 0x01,
4438 { &hf_gtpv2_tra_info_lpdn_gw_s2b,
4439 {"S2b","gtpv2.tra_info_lpdn_gw_s2b",
4440 FT_UINT8, BASE_DEC, NULL, 0x02,
4443 { &hf_gtpv2_tra_info_lpdn_gw_s2c,
4444 {"S2c","gtpv2.tra_info_lpdn_gw_s2c",
4445 FT_UINT8, BASE_DEC, NULL, 0x04,
4448 { &hf_gtpv2_tra_info_lpdn_gw_s5,
4449 {"S5","gtpv2.tra_info_lpdn_gw_s5",
4450 FT_UINT8, BASE_DEC, NULL, 0x08,
4453 { &hf_gtpv2_tra_info_lpdn_gw_s6c,
4454 {"S6c","gtpv2.tra_info_lpdn_gw_s6c",
4455 FT_UINT8, BASE_DEC, NULL, 0x10,
4458 { &hf_gtpv2_tra_info_lpdn_gw_gx,
4459 {"Gx","gtpv2.tra_info_lpdn_gw_gx",
4460 FT_UINT8, BASE_DEC, NULL, 0x20,
4463 { &hf_gtpv2_tra_info_lpdn_gw_s8b,
4464 {"S8b","gtpv2.tra_info_lpdn_gw_s8b",
4465 FT_UINT8, BASE_DEC, NULL, 0x40,
4468 { &hf_gtpv2_tra_info_lpdn_gw_sgi,
4469 {"SGi","gtpv2.tra_info_lpdn_gw_sgi",
4470 FT_UINT8, BASE_DEC, NULL, 0x80,
4473 { &hf_gtpv2_tra_info_lenb_s1_mme,
4474 {"S1-MME","gtpv2.tra_info_lenb_s1_mme",
4475 FT_UINT8, BASE_DEC, NULL, 0x01,
4478 { &hf_gtpv2_tra_info_lenb_x2,
4479 {"X2","gtpv2.tra_info_lenb_x2",
4480 FT_UINT8, BASE_DEC, NULL, 0x02,
4483 { &hf_gtpv2_tra_info_lenb_uu,
4484 {"Uu","gtpv2.tra_info_lenb_uu",
4485 FT_UINT8, BASE_DEC, NULL, 0x04,
4488 { &hf_gtpv2_pdn_ipv4,
4489 {"PDN Address and Prefix(IPv4)", "gtpv2.pdn_addr_and_prefix.ipv4",
4490 FT_IPv4, BASE_NONE, NULL, 0x0,
4493 { &hf_gtpv2_pdn_ipv6_len,
4494 {"IPv6 Prefix Length", "gtpv2.pdn_ipv6_len",
4495 FT_UINT8, BASE_DEC, NULL, 0x0,
4498 { &hf_gtpv2_pdn_ipv6,
4499 {"PDN Address and Prefix(IPv6)", "gtpv2.pdn_addr_and_prefix.ipv6",
4500 FT_BYTES, BASE_NONE, NULL, 0x0,
4503 {&hf_gtpv2_bearer_qos_pvi,
4504 {"PVI (Pre-emption Vulnerability)", "gtpv2.bearer_qos_pvi",
4505 FT_BOOLEAN, 8, NULL, 0x01,
4508 {&hf_gtpv2_bearer_qos_pl,
4509 {"PL (Priority Level)", "gtpv2.bearer_qos_pl",
4510 FT_UINT8, BASE_DEC, NULL, 0x3c,
4513 {&hf_gtpv2_bearer_qos_pci,
4514 {"PCI (Pre-emption Capability)", "gtpv2.bearer_qos_pci",
4515 FT_BOOLEAN, 8, NULL, 0x40,
4518 {&hf_gtpv2_bearer_qos_label_qci,
4519 {"Label (QCI)", "gtpv2.bearer_qos_label_qci",
4520 FT_UINT8, BASE_DEC, NULL, 0x0,
4523 {&hf_gtpv2_bearer_qos_mbr_up,
4524 {"Maximum Bit Rate For Uplink", "gtpv2.bearer_qos_mbr_up",
4525 FT_UINT64, BASE_DEC, NULL, 0x0,
4528 {&hf_gtpv2_bearer_qos_mbr_down,
4529 {"Maximum Bit Rate For Downlink", "gtpv2.bearer_qos_mbr_down",
4530 FT_UINT64, BASE_DEC, NULL, 0x0,
4533 {&hf_gtpv2_bearer_qos_gbr_up,
4534 {"Guaranteed Bit Rate For Uplink", "gtpv2.bearer_qos_gbr_up",
4535 FT_UINT64, BASE_DEC, NULL, 0x0,
4538 {&hf_gtpv2_bearer_qos_gbr_down,
4539 {"Guaranteed Bit Rate For Downlink", "gtpv2.bearer_qos_gbr_down",
4540 FT_UINT64, BASE_DEC, NULL, 0x0,
4543 {&hf_gtpv2_flow_qos_label_qci,
4544 {"Label (QCI)", "gtpv2.flow_qos_label_qci",
4545 FT_UINT8, BASE_DEC, NULL, 0x0,
4548 {&hf_gtpv2_flow_qos_mbr_up,
4549 {"Maximum Bit Rate For Uplink", "gtpv2.flow_qos_mbr_up",
4550 FT_UINT64, BASE_DEC, NULL, 0x0,
4553 {&hf_gtpv2_flow_qos_mbr_down,
4554 {"Maximum Bit Rate For Downlink", "gtpv2.flow_qos_mbr_down",
4555 FT_UINT64, BASE_DEC, NULL, 0x0,
4558 {&hf_gtpv2_flow_qos_gbr_up,
4559 {"Guaranteed Bit Rate For Uplink", "gtpv2.flow_qos_gbr_up",
4560 FT_UINT64, BASE_DEC, NULL, 0x0,
4563 {&hf_gtpv2_flow_qos_gbr_down,
4564 {"Guaranteed Bit Rate For Downlink", "gtpv2.flow_qos_gbr_down",
4565 FT_UINT64, BASE_DEC, NULL, 0x0,
4568 { &hf_gtpv2_rat_type,
4569 {"RAT Type", "gtpv2.rat_type",
4570 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_rat_type_vals_ext, 0x0,
4573 { &hf_gtpv2_uli_ecgi_flg,
4574 {"ECGI Present Flag)", "gtpv2.uli_ecgi_flg",
4575 FT_BOOLEAN, 8, NULL, GTPv2_ULI_ECGI_MASK,
4578 { &hf_gtpv2_uli_lai_flg,
4579 {"LAI Present Flag)", "gtpv2.uli_lai_flg",
4580 FT_BOOLEAN, 8, NULL, GTPv2_ULI_LAI_MASK,
4583 { &hf_gtpv2_uli_tai_flg,
4584 {"TAI Present Flag)", "gtpv2.uli_tai_flg",
4585 FT_BOOLEAN, 8, NULL, GTPv2_ULI_TAI_MASK,
4588 { &hf_gtpv2_uli_rai_flg,
4589 {"RAI Present Flag)", "gtpv2.uli_rai_flg",
4590 FT_BOOLEAN, 8, NULL, GTPv2_ULI_RAI_MASK,
4593 { &hf_gtpv2_uli_sai_flg,
4594 {"SAI Present Flag)", "gtpv2.uli_sai_flg",
4595 FT_BOOLEAN, 8, NULL, GTPv2_ULI_SAI_MASK,
4598 { &hf_gtpv2_uli_cgi_flg,
4599 {"CGI Present Flag)", "gtpv2.uli_cgi_flg",
4600 FT_BOOLEAN, 8, NULL, GTPv2_ULI_CGI_MASK,
4603 { &hf_gtpv2_uli_cgi_lac,
4604 {"Location Area Code", "gtpv2.uli_cgi_lac",
4605 FT_UINT16, BASE_DEC, NULL, 0x0,
4608 { &hf_gtpv2_uli_cgi_ci,
4609 {"Cell Identity", "gtpv2.uli_cgi_ci",
4610 FT_UINT16, BASE_DEC, NULL, 0x0,
4613 { &hf_gtpv2_uli_sai_lac,
4614 {"Location Area Code", "gtpv2.uli_sai_lac",
4615 FT_UINT16, BASE_DEC, NULL, 0x0,
4618 { &hf_gtpv2_uli_sai_sac,
4619 {"Service Area Code", "gtpv2.uli_sai_sac",
4620 FT_UINT16, BASE_DEC, NULL, 0x0,
4623 { &hf_gtpv2_uli_rai_lac,
4624 {"Location Area Code", "gtpv2.uli_rai_lac",
4625 FT_UINT16, BASE_DEC, NULL, 0x0,
4628 { &hf_gtpv2_uli_rai_rac,
4629 {"Routing Area Code", "gtpv2.uli_rai_rac",
4630 FT_UINT16, BASE_DEC, NULL, 0x0,
4633 { &hf_gtpv2_uli_tai_tac,
4634 {"Tracking Area Code", "gtpv2.uli_tai_tac",
4635 FT_UINT16, BASE_DEC, NULL, 0x0,
4638 {&hf_gtpv2_uli_ecgi_eci,
4639 {"ECI (E-UTRAN Cell Identifier)", "gtpv2.uli_ecgi_eci",
4640 FT_UINT32, BASE_HEX, NULL, 0x0,
4643 {&hf_gtpv2_uli_lai_lac,
4644 {"Location Area Code (LAC)", "gtpv2.uli_lai_lac",
4645 FT_UINT16, BASE_HEX, NULL, 0x0,
4648 {&hf_gtpv2_uli_ecgi_eci_spare,
4649 {"Spare", "gtpv2.uli_ecgi_eci_spare",
4650 FT_UINT8, BASE_DEC, NULL, 0x0,
4654 {"NSAPI", "gtpv2.nsapi",
4655 FT_UINT8, BASE_DEC, NULL, 0x0f,
4658 {&hf_gtpv2_f_teid_v4,
4659 {"V4", "gtpv2.f_teid_v4",
4660 FT_BOOLEAN, 8, TFS(>pv2_f_teid_v4_vals), 0x80,
4663 {&hf_gtpv2_f_teid_v6,
4664 {"V6", "gtpv2.f_teid_v6",
4665 FT_BOOLEAN, 8, TFS(>pv2_f_teid_v6_vals), 0x40,
4668 {&hf_gtpv2_f_teid_interface_type,
4669 {"Interface Type", "gtpv2.f_teid_interface_type",
4670 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_f_teid_interface_type_vals_ext, 0x1f,
4673 {&hf_gtpv2_f_teid_gre_key,
4674 {"TEID/GRE Key", "gtpv2.f_teid_gre_key",
4675 FT_UINT32, BASE_DEC, NULL, 0x0,
4678 { &hf_gtpv2_f_teid_ipv4,
4679 {"F-TEID IPv4", "gtpv2.f_teid_ipv4",
4680 FT_IPv4, BASE_NONE, NULL, 0x0,
4683 { &hf_gtpv2_f_teid_ipv6,
4684 {"F-TEID IPv6", "gtpv2.f_teid_ipv6",
4685 FT_IPv6, BASE_NONE, NULL, 0x0,
4689 {"TMSI", "gtpv2.tmsi",
4690 FT_UINT32, BASE_HEX, NULL, 0x0,
4693 { &hf_gtpv2_hsgw_addr_f_len,
4694 {"HSGW Address for forwarding Length", "gtpv2.hsgw_addr_f_len",
4695 FT_UINT8, BASE_DEC, NULL, 0x0,
4698 { &hf_gtpv2_hsgw_addr_ipv4,
4699 {"HSGW Address for forwarding", "gtpv2.hsgw_addr_ipv4",
4700 FT_IPv4, BASE_NONE, NULL, 0x0,
4703 { &hf_gtpv2_hsgw_addr_ipv6,
4704 {"HSGW Address for forwarding", "gtpv2.hsgw_addr_ipv6",
4705 FT_IPv6, BASE_NONE, NULL, 0x0,
4708 { &hf_gtpv2_gre_key,
4709 {"GRE Key", "gtpv2.gre_key",
4710 FT_UINT32, BASE_DEC, NULL, 0x0,
4713 { &hf_gtpv2_sgw_addr_ipv4,
4714 {"Serving GW Address", "gtpv2.sgw_addr_ipv4",
4715 FT_IPv4, BASE_NONE, NULL, 0x0,
4718 { &hf_gtpv2_sgw_addr_ipv6,
4719 {"Serving GW Address", "gtpv2.sgw_addr_ipv6",
4720 FT_IPv6, BASE_NONE, NULL, 0x0,
4723 { &hf_gtpv2_sgw_s1u_teid,
4724 {"Serving GW S1-U TEID", "gtpv2.sgw_s1u_teid",
4725 FT_UINT32, BASE_HEX, NULL, 0x0,
4728 {&hf_gtpv2_delay_value,
4729 {"Delay Value (In integer multiples of 50 milliseconds or zero)", "gtpv2.delay_value",
4730 FT_UINT8, BASE_DEC, NULL, 0x0,
4733 {&hf_gtpv2_charging_id,
4734 {"Charging id", "gtpv2.charging_id",
4735 FT_UINT32, BASE_DEC, NULL, 0x0,
4738 {&hf_gtpv2_charging_characteristic,
4739 {"Charging Characteristic", "gtpv2.charging_characteristic",
4740 FT_UINT16, BASE_HEX, NULL, 0xffff,
4743 {&hf_gtpv2_bearer_flag_ppc,
4744 {"PPC (Prohibit Payload Compression)", "gtpv2.bearer_flag.ppc",
4745 FT_BOOLEAN, 8, NULL, 0x01,
4748 {&hf_gtpv2_bearer_flag_vb,
4749 {"VB (Voice Bearer)", "gtpv2.bearer_flag.vb",
4750 FT_BOOLEAN, 8, NULL, 0x02,
4754 {"Procedure Transaction Id", "gtpv2.pti",
4755 FT_UINT8, BASE_DEC, NULL, 0x0,
4759 { &hf_gtpv2_mm_context_sm,
4760 {"Security Mode", "gtpv2.mm_context_sm",
4761 FT_UINT8, BASE_DEC, VALS(gtpv2_mm_context_security_mode), 0xe0,
4764 { &hf_gtpv2_mm_context_nhi,
4765 {"NHI(Next Hop Indicator)", "gtpv2.mm_context_nhi",
4766 FT_BOOLEAN, 8, TFS(>pv2_nhi_vals), 0x10,
4769 { &hf_gtpv2_mm_context_drxi,
4770 {"DRXI", "gtpv2.mm_context_drxi",
4771 FT_UINT8, BASE_DEC, NULL, 0x08,
4774 { &hf_gtpv2_mm_context_cksn,
4775 {"CKSN", "gtpv2.mm_context_cksn",
4776 FT_UINT8, BASE_DEC, NULL, 0x07,
4779 { &hf_gtpv2_mm_context_cksn_ksi,
4780 {"CKSN/KSI", "gtpv2.mm_context_cksn_ksi",
4781 FT_UINT8, BASE_DEC, NULL, 0x07,
4784 { &hf_gtpv2_mm_context_ksi_a,
4785 {"KSI_asme", "gtpv2.mm_context_ksi_a",
4786 FT_UINT8, BASE_DEC, NULL, 0x07,
4789 { &hf_gtpv2_mm_context_nr_tri,
4790 {"Number of Triplet", "gtpv2.mm_context_nr_tri",
4791 FT_UINT8, BASE_DEC, NULL, 0xe0,
4794 { &hf_gtpv2_mm_context_unipa,
4795 {"Used NAS integrity protection algorithm", "gtpv2.mm_context_unipa",
4796 FT_UINT8, BASE_DEC, VALS(gtpv2_mm_context_unipa_vals), 0x70,
4800 { &hf_gtpv2_mm_context_unc,
4801 {"Used NAS Cipher", "gtpv2.mm_context_unc",
4802 FT_UINT8, BASE_DEC, VALS(gtpv2_mm_context_unc_vals), 0x0f,
4805 { &hf_gtpv2_mm_context_nas_dl_cnt,
4806 {"NAS Downlink Count", "gtpv2.mm_context_nas_dl_cnt",
4807 FT_UINT24, BASE_DEC, NULL, 0x0,
4810 { &hf_gtpv2_mm_context_nas_ul_cnt,
4811 {"NAS Uplink Count", "gtpv2.mm_context_nas_ul_cnt",
4812 FT_UINT24, BASE_DEC, NULL, 0x0,
4816 { &hf_gtpv2_mm_context_ksi,
4817 {"KSI", "gtpv2.mm_context_ksi",
4818 FT_UINT8, BASE_DEC, NULL, 0x07,
4821 { &hf_gtpv2_mm_context_nr_qui,
4822 {"Number of Quintuplets", "gtpv2.mm_context_nr_qui",
4823 FT_UINT8, BASE_DEC, NULL, 0xe0,
4827 { &hf_gtpv2_mm_context_nr_qua,
4828 {"Number of Quadruplet", "gtpv2.mm_context_nr_qua",
4829 FT_UINT8, BASE_DEC, NULL, 0x1c,
4832 {&hf_gtpv2_ue_time_zone_dst,
4833 {"Daylight Saving Time","gtpv2.ue_time_zone_dst",
4834 FT_UINT8, BASE_DEC, VALS(gtpv2_ue_time_zone_dst_vals),0x03,
4837 { &hf_gtpv2_fq_csid_type,
4838 {"Node-ID Type", "gtpv2.fq_csid_type",
4839 FT_UINT8, BASE_DEC, NULL, 0xf0,
4842 { &hf_gtpv2_fq_csid_nr,
4843 {"Number of CSIDs", "gtpv2.fq_csid_nr",
4844 FT_UINT8, BASE_DEC, NULL, 0x0f,
4847 { &hf_gtpv2_fq_csid_ipv4,
4848 {"Node-ID (IPv4)", "gtpv2.fq_csid_ipv4",
4849 FT_IPv4, BASE_NONE, NULL, 0x0,
4852 { &hf_gtpv2_fq_csid_ipv6,
4853 {"Node-ID (IPv6)", "gtpv2.fq_csid_ipv6",
4854 FT_IPv6, BASE_NONE, NULL, 0x0,
4857 { &hf_gtpv2_fq_csid_id,
4858 {"CSID", "gtpv2.fq_csid_id",
4859 FT_UINT16, BASE_DEC, NULL, 0x0,
4862 { &hf_gtpv2_complete_req_msg_type,
4863 {"Complete Request Message Type","gtpv2.complete_req_msg_type",
4864 FT_UINT8, BASE_DEC, VALS(gtpv2_complete_req_msg_type_vals),0x0,
4867 {&hf_gtpv2_mme_grp_id,
4868 {"MME Group ID","gtpv2.mme_grp_id",
4869 FT_UINT16, BASE_DEC, NULL,0x0,
4872 { &hf_gtpv2_mme_code,
4873 {"MME Code","gtpv2.mme_code",
4874 FT_UINT8, BASE_DEC, NULL,0x0,
4878 {"M-TMSI","gtpv2.m_tmsi",
4879 FT_BYTES, BASE_NONE, NULL,0x0,
4882 { &hf_gtpv2_container_type,
4883 {"Container Type","gtpv2.container_type",
4884 FT_UINT8, BASE_DEC, VALS(gtpv2_container_type_vals),0x0f,
4887 { &hf_gtpv2_cause_type,
4888 {"Cause Type","gtpv2.cause_type",
4889 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_cause_type_vals_ext,0x0f,
4892 { &hf_gtpv2_CauseRadioNetwork,
4893 {"Radio Network Layer Cause","gtpv2.CauseRadioNetwork",
4894 FT_UINT8, BASE_DEC, VALS(s1ap_CauseRadioNetwork_vals),0x0,
4897 { &hf_gtpv2_CauseTransport,
4898 {"Transport Layer Cause","gtpv2.CauseTransport",
4899 FT_UINT8, BASE_DEC, VALS(s1ap_CauseTransport_vals),0x0,
4902 { &hf_gtpv2_CauseNas,
4903 {"NAS Cause","gtpv2.CauseNas",
4904 FT_UINT8, BASE_DEC, VALS(s1ap_CauseNas_vals),0x0,
4907 { &hf_gtpv2_CauseMisc,
4908 {"Miscellaneous Cause","gtpv2.CauseMisc",
4909 FT_UINT8, BASE_DEC, VALS(s1ap_CauseMisc_vals),0x0,
4912 { &hf_gtpv2_target_type,
4913 {"Target Type","gtpv2.target_type",
4914 FT_UINT8, BASE_DEC|BASE_EXT_STRING, >pv2_target_type_vals_ext,0x0,
4917 {&hf_gtpv2_macro_enodeb_id,
4918 {"Macro eNodeB ID","gtpv2.macro_enodeb_id",
4919 FT_UINT24, BASE_HEX, NULL,0x0fffff,
4922 { &hf_gtpv2_CauseProtocol,
4923 {"Protocol Cause","gtpv2.CauseProtocol",
4924 FT_UINT8, BASE_DEC, VALS(s1ap_CauseProtocol_vals),0x0,
4927 {&hf_gtpv2_apn_rest,
4928 {"APN Restriction", "gtpv2.apn_rest",
4929 FT_UINT8, BASE_DEC, NULL, 0x0,
4932 {&hf_gtpv2_selec_mode,
4933 {"Selection Mode","gtpv2.selec_mode",
4934 FT_UINT8, BASE_DEC, VALS(gtpv2_selec_mode_vals),0x03,
4937 { &hf_gtpv2_source_type,
4938 {"Source Type", "gtpv2.source_type",
4939 FT_UINT8, BASE_DEC, NULL, 0x0,
4942 {&hf_gtpv2_bearer_control_mode,
4943 {"Bearer Control Mode","gtpv2.bearer_control_mode",
4944 FT_UINT8, BASE_DEC, VALS(gtpv2_bearer_control_mode_vals),0x0,
4947 { &hf_gtpv2_cng_rep_act,
4948 {"Change Reporting Action", "gtpv2.cng_rep_act",
4949 FT_UINT8, BASE_DEC, VALS(gtpv2_cng_rep_act_vals), 0x0,
4952 { &hf_gtpv2_node_type,
4953 {"Node Type", "gtpv2.node_type",
4954 FT_UINT8, BASE_DEC, VALS(gtpv2_node_type_vals), 0x0,
4958 {"FQDN", "gtpv2.fqdn",
4959 FT_STRING, BASE_NONE, NULL, 0x0,
4962 { &hf_gtpv2_enterprise_id,
4963 {"Enterprise ID", "gtpv2.enterprise_id",
4964 FT_UINT16, BASE_DEC|BASE_EXT_STRING, &sminmpec_values_ext, 0x0,
4967 { &hf_gtpv2_address_digits,
4968 { "Address digits", "gtpv2.address_digits",
4969 FT_STRING, BASE_NONE, NULL, 0,
4973 {"Transaction Identifier", "gtpv2.ti",
4974 FT_BYTES, BASE_NONE, NULL, 0x0,
4980 static gint *ett_gtpv2_array[] = {
4984 &ett_gtpv2_uli_flags,
4985 &ett_gtpv2_uli_field,
4986 &ett_gtpv2_bearer_ctx,
4987 &ett_gtpv2_PDN_conn,
4988 &ett_gtpv2_mm_context_flag,
4989 &ett_gtpv2_pdn_numbers_nsapi,
4990 &ett_gtpv2_tra_info_trigg,
4991 &ett_gtpv2_tra_info_trigg_msc_server,
4992 &ett_gtpv2_tra_info_trigg_mgw,
4993 &ett_gtpv2_tra_info_trigg_sgsn,
4994 &ett_gtpv2_tra_info_trigg_ggsn,
4995 &ett_gtpv2_tra_info_trigg_bm_sc,
4996 &ett_gtpv2_tra_info_trigg_sgw_mme,
4997 &ett_gtpv2_tra_info_interfaces,
4998 &ett_gtpv2_tra_info_interfaces_imsc_server,
4999 &ett_gtpv2_tra_info_interfaces_lmgw,
5000 &ett_gtpv2_tra_info_interfaces_lsgsn,
5001 &ett_gtpv2_tra_info_interfaces_lggsn,
5002 &ett_gtpv2_tra_info_interfaces_lrnc,
5003 &ett_gtpv2_tra_info_interfaces_lbm_sc,
5004 &ett_gtpv2_tra_info_interfaces_lmme,
5005 &ett_gtpv2_tra_info_interfaces_lsgw,
5006 &ett_gtpv2_tra_info_interfaces_lpdn_gw,
5007 &ett_gtpv2_tra_info_interfaces_lpdn_lenb,
5008 &ett_gtpv2_tra_info_ne_types,
5012 &ett_gtpv2_supp_codec_list,
5015 proto_gtpv2 = proto_register_protocol("GPRS Tunneling Protocol V2", "GTPv2", "gtpv2");
5016 proto_register_field_array(proto_gtpv2, hf_gtpv2, array_length(hf_gtpv2));
5017 proto_register_subtree_array(ett_gtpv2_array, array_length(ett_gtpv2_array));
5018 /* AVP Code: 22 3GPP-User-Location-Info */
5019 dissector_add_uint("diameter.3gpp", 22, new_create_dissector_handle(dissect_diameter_3gpp_uli, proto_gtpv2));
5021 register_dissector("gtpv2", dissect_gtpv2, proto_gtpv2);
5025 proto_reg_handoff_gtpv2(void)
5027 nas_eps_handle = find_dissector("nas-eps");
5036 * indent-tabs-mode: nil
5039 * ex: set shiftwidth=4 tabstop=8 expandtab
5040 * :indentSize=4:tabSize=8:noTabs=true:
git.samba.org / obnox / wireshark / wip.git / blob