1. for ranap, need adding the following headers (2 pcap data examples)
sctp data chunk
0000 00 03 00 98 00 00 00 00 00 00 00 00 00 00 00 02
0000 00 03 00 54 00 00 00 00 00 00 00 00 00 00 00 02
98 = all data length (sctp + m3 + m2 + sccp)
88 = m3 + m2 + sccp
80 = m3 + m2 + sccp - m3 header (01 00 06 01 00 00 00 88)
m2ua
0000 01 00 06 01 00 00 00 88 03 00 00 80
0000 01 00 06 01 00 00 00 44 03 00 00 3c
mtp3
0000 83 09 88 04 04
0000 83 09 88 04 04
sccp
0000 09 00 03 07 0b 04 43 09 08 8e 04 43 12 10 8e 67
0000 09 00 03 07 0b 04 43 09 08 8e 04 43 12 10 8e 23
2. for map/tcap, need to add the following headers,
sctp data chunk
0000 00 03 00 84 00 00 00 00 00 00 00 00 00 00 00 02
0000 00 03 00 a8 00 00 00 00 00 00 00 00 00 00 00 02
m2ua
0000 01 00 06 01 00 00 00 74 03 00 00 6c
0000 01 00 06 01 00 00 00 98 03 00 00 8d
mtp3
0000 83 09 88 04 04
0000 83 09 88 04 04
sccp
0000 09 00 03 07 0b 04 43 09 08 08 04 43 12 10 06 53
0000 09 00 03 07 0b 04 43 09 08 08 04 43 12 10 06 74
3. then use cmd 'text2pcap -s 2904,2904,0 -o hex a a.pcap' to generate the pcap from with the RANAP/TCAP data.