ProtocolTracing » History » Version 7
laforge, 11/16/2016 05:00 PM
h1. PCAP and protocol analysis

You can take protocol traces of the communication between OpenBSC and your BTS. This includes the signalling between BTS and BSC, but also the signalling with all the subscribers/phones currently using the OpenBSC instance.

pcap is a data format for captured packets of communication protocols. It is used by a library called libpcap, which in turn is used by popular network protocol analyzer projects such as tcpdump and wireshark.

In the Ethernet/Internet world, you typically capture packets from your Ethernet card using RAW sockets and promiscuous mode.

With GSM protocols such as A-bis, it is obviously not that simple, since they are (at least traditionally) not transported over IP.

h1. Recording and viewing A-bis communication

h2. Recording

h3. Method 1: Using tcpdump

If you're using an _A-bis over IP_ based BTS, such as any [[OsmoBTS:]] based BTS or the [[nanoBTS]], then you can use a regular tool like @tcpdump@ to create a pcap file:

<pre>
tcpdump -ni eth0 -s 0 -w networking.pcap
</pre>

where _eth0_ is the name of the network device connected to the same network as the nanoBTS.

h3. Method 2: [[osmo-nitb]] PCAP option (obsolete)

The [[osmo-nitb]] application inside openbsc provides a command line option to automatically create a PCAP file.

This method is the standard method when using any E1/T1 based A-bis interface, such as mISDN or DAHDI.

If you're using the kernel-based mISDN LAPD implementation, the resulting dump is only a subset of what is actually transmitted over the wire. Currently only Link Access Protocol D-Channel (LAPD) messages are logged; the actual LAPD header is spoofed and only the TEI and SAPI information is valid. This is mostly due to mISDN not providing us with a LAPD header/frame and to the encapsulation we use for wiretap/pcap.

For the libosmocore based userspace LAPD implementation (always used for DAHDI, optional for mISDN), you will see the full LAPD header.

To write the protocol dump, simply invoke [[osmo-nitb]]:

<pre>
./osmo-nitb -p networking.pcap
</pre>

h3. Method 3: Using misdn_log

This is the preferred method in case you are using the mISDN input driver for [[OpenBSC]], e.g. with a BS-11 BTS.

In order to obtain an A-bis capture and save it in a pcap file, please use the _misdn_log_ tool (part of mISDNuser) the following way:

<pre>
misdn_log -c0 -w networking.pcap
</pre>

Please make sure to *first start [[osmo-nitb]]* and only then start _misdn_log_.

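Whichever recording method you used, it is worth checking the resulting file before loading it into wireshark. The following is an added example, not part of OpenBSC or of the original page: it reads the classic pcap file header and record headers and reports the link-layer type, the snap length, and how many frames were cut short or left incomplete. The helper names @inspect_pcap@ and @build_sample@ are hypothetical, the link-type numbers are taken from the tcpdump.org registry, and which link type each recording tool writes is not stated on this page.

```python
import struct
import sys

# Link-layer type numbers from the tcpdump.org LINKTYPE registry.
LINKTYPES = {1: "ETHERNET", 113: "LINUX_SLL", 177: "LINUX_LAPD", 203: "LAPD"}
# First four file bytes -> (struct byte order, timestamp resolution).
MAGICS = {b"\xd4\xc3\xb2\xa1": ("<", "us"), b"\xa1\xb2\xc3\xd4": (">", "us"),
          b"\x4d\x3c\xb2\xa1": ("<", "ns"), b"\xa1\xb2\x3c\x4d": (">", "ns")}

def inspect_pcap(data):
    """Summarise a classic pcap file (bytes). Hypothetical helper, not OpenBSC code."""
    if len(data) < 24 or data[:4] not in MAGICS:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    order, resolution = MAGICS[data[:4]]
    major, minor, _zone, _sigfigs, snaplen, network = struct.unpack(
        order + "HHiIII", data[4:24])
    info = {"version": (major, minor), "resolution": resolution,
            "snaplen": snaplen,
            "linktype": LINKTYPES.get(network, "unknown (%d)" % network),
            "packets": 0, "truncated": 0, "incomplete_tail": False}
    pos = 24
    while pos < len(data):
        if pos + 16 > len(data):              # cut inside a record header
            info["incomplete_tail"] = True
            break
        _sec, _frac, incl_len, orig_len = struct.unpack(
            order + "IIII", data[pos:pos + 16])
        if pos + 16 + incl_len > len(data):   # cut inside the packet data
            info["incomplete_tail"] = True
            break
        pos += 16 + incl_len
        info["packets"] += 1
        if incl_len < orig_len:               # snaplen cut this frame short
            info["truncated"] += 1
    return info

def build_sample(linktype, frames, snaplen=65535):
    """Constructed little-endian pcap for the demo; frames are dummy bytes."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, linktype)
    for captured, wire_len in frames:
        out += struct.pack("<IIII", 0, 0, len(captured), wire_len) + captured
    return out

if __name__ == "__main__":
    if len(sys.argv) > 1:                     # e.g. networking.pcap
        with open(sys.argv[1], "rb") as f:
            print(inspect_pcap(f.read()))
    else:                                     # constructed sample, second frame cut
        print(inspect_pcap(build_sample(177, [(b"\0" * 8, 8), (b"\0" * 8, 30)], 8)))
```

A non-zero @truncated@ count means the capture was taken with a snap length shorter than the frames on the wire, and @incomplete_tail@ means the file ends in the middle of a record, for example because the capture tool was killed while writing.
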
h2. Viewing

Wireshark already provides dissectors for the various protocols we use (LAPD, RSL, GSM-A, GSM-SMS...). The LAPD protocol dissector needs some minor configuration though. Go to Edit -> Preferences -> Protocols -> LAPD and check the checkbox saying "Use GSM Sapi Values". Afterwards wireshark will be able to display a lot of the A-bis protocol. There are some glitches in the protocol analysis and some missing features, and dissection of OML is completely missing.

Also, only the most recent wireshark development versions contain a dissector for the _ip.access A-bis over IP protocol_. We recommend that you build wireshark from the latest source code, or alternatively apply the patch that is found in the wireshark directory of our git repository.

h3. A-bis OML dissector

To add a dissector for the GSM 12.21 A-bis Organization and Maintenance Layer (OML), you can use the _abis_oml.patch_ file from the wireshark directory of our git repository. This will be submitted for inclusion into wireshark soon.

h2. Dumps for you

Here are some dumps that might be useful. Make sure that you only provide data from your own network and equipment (no IMSI/IMEI you do not know...)