APCO Project 25 Common Air Interface (P25)

APCO Project 25 is the digital communications standard used by many police and emergency services throughout the world. Most notably the US, Canada and Australia deploy systems based on P25. Compared to existing analogue systems P25 offers improved spectrum use, coverage and flexibility. Provision is made to ensure the confidentiality of traffic, to allow the use of trunking and the provision of data in addition to voice services.

History

XXX - add a brief description of PROTO history

Protocol dependencies

• UDP: There is a protocol for transporting P25 packets over UDP. It appears that this usually uses UDP port 23456.

Example traffic

XXX - Add example decoded traffic for this protocol here (as plain text or Wireshark screenshot).

Wireshark

Wireshark does not natively have a P25 dissector but one has been developed by others. The source code is available here; there is also a wik about it.

Preference Settings

(XXX add links to preference settings affecting how PROTO is dissected).

Example capture file

XXX - Add a simple example capture file to the SampleCaptures page and link from here (see below).

Display Filter

XXX

Capture Filter

You cannot directly filter P25 protocols while capturing. However, if you know the UDP port used (see above), you can filter on that one.

Capture only the P25 traffic over the default port (23456):

 udp port 23456 

External links

• P25 dissector source code

• P25 wiki

Discussion

The osmocom.org Wiki discusses hardware to natively capture P25 packets; perhaps getting a LINKTYPE_/DLT_ value, and adding a libpcap module to talk to that hardware, might be useful (it'd let you capture P25 traffic inside tcpdump, TShark, and Wireshark).

Imported from https://wiki.wireshark.org/P25 on 2020-08-11 23:17:45 UTC