Hi Cristian, It's been a (long) while but from what I remember, it was basically unheard of to not have SSNs in the Called/Calling party addresses. Pretty much everything (that I remember) was set up with this assumption in place. This includes the user table which, as you noticed, requires the SSN.
I would think that once TCAP is decoded (with the default payload set) then the MAP parts should be decoded too. That might be worth a bug report if you can share a sample PCAP. Regards, -Jeff On Mon, Dec 29, 2025 at 6:24 AM Cristian Constantin via Wireshark-dev < [email protected]> wrote: > Hi, > > It looks like Wireshark has some problems decoding TCAP/MAP payloads > of SCCP UDTs when there is no SSN in the CgPA, CdPA... > > What I have tried... > > 1. "Decode as..."; however, for SCCP payloads this works only on some > specific SSN. And SSN is not present in the CgPA, CdPA... > 2. Preferences/Protocols/SCCP/User Table; again SSN is explicitly > required. Is it possible to configure it _without_ an explicit SSN > (based on the PC, NI aso?) > 3. Preferences/Protocols/SCCP/Default Payload: TCAP. This one works > for _most_ of the TCAP/MAP payloads. However there are SCCP UDTs for > which Wireshark is decoding only the TCAP information (i.e. Continue, > End, the tids aso) but it cannot decode the MAP component. Any idea > why? > > Version information: > Version 4.6.2. on Linux/Ubuntu 22.04 > > Thanks a lot, > Cristian > _______________________________________________ > Wireshark-dev mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ Wireshark-dev mailing list -- [email protected] To unsubscribe send an email to [email protected]
