Wireshark monitoring traffic inside YateBTS

From YateBTS
Jump to: navigation, search

GSM/GPRS radio traffic can be captured/analyzed with Wireshark in YateBTS. When using GSM roaming or GSM dataroam working modes it is also possible to capture core network traffic.

Enable capturing of GSM L3 frames

GSMTAP.GSM will capture GSM Layer 3 frames.
Enable GSMTAP.GSM capture from the Yate rmanager:

>> telnet 0 5037
mbts config Control.GSMTAP.GSM on

Enable capturing of GPRS L3 and RLC

GSMTAP.GPRS will capture GPRS frames.
Enable GSMTAP.GPRS capture from the Yate rmanager:

>> telnet 0 5037
mbts config Control.GSMTAP.GPRS on

Checking if GSMTAP is enabled

To check if GSMTAP is enabled type mbts config TAP in Yate rmanager.

>> telnet 0 5037
yate-sdr@ybts-UNCONFIG> mbts config TAP 
Control.GSMTAP.GPRS on
Control.GSMTAP.GSM on
Control.GSMTAP.TargetIP 127.0.0.1     [default]
yate-sdr@ybts-UNCONFIG> 

Capturing radio traffic

To capture traffic use tcpdump or Wireshark (already installed on the LatKit/SatSite) by adding a custom filter: udp port 4729.

Command for tcpdump:
>> tcpdump -i any udp port 4729 -w GSMTAP-yatebts.pcap

Capturing SIP and RTP packets

Since RTP is dynamic you need to capture all UDP ports. In dataroam mode this will also capture data (GTP) traffic:

>> tcpdump -i any udp -w UDP-yatebts.pcap

If you want to capture just SIP without actual voice:

>> tcpdump -i any udp port 5060 -w SIP-yatebts.pcap

Capturing GTP packets

In GSM dataroam mode YateBTS talks GTP v1 to the SGSN in YateUCN core.

To capture just GTP:

>> tcpdump -i any udp port 2123 or udp port 2152 -w GTP-yatebts.pcap