Difference between revisions of "Wireshark monitoring traffic inside YateBTS"

From YateBTS
Jump to: navigation, search
("TAP" is wrong in mbts config commands.)
 
(8 intermediate revisions by 2 users not shown)
Line 1: Line 1:
  
Traffic can be captured/analized with Wireshark in YateBTS when using '''GSM roaming''' or '''GSM dataroam''' working modes.
+
GSM/GPRS radio traffic can be captured/analyzed with Wireshark in YateBTS. When using '''GSM roaming''' or '''GSM dataroam''' working modes it is also possible to capture core network traffic.
  
Do do so:
+
==Enable capturing of GSM L3 frames==
* Enable GSMTAP.GSM capture from the Yate rmanager  
+
 
 +
GSMTAP.GSM will capture '''GSM Layer 3 frames'''.<br/>
 +
Enable GSMTAP.GSM capture from the Yate rmanager:
 
  >> telnet 0 5037
 
  >> telnet 0 5037
  mbts config TAP Control.GSMTAP.GSM on  
+
  mbts config Control.GSMTAP.GSM on
  
GSMTAP.GSM will capture '''SIP and RTP packages'''.
+
==Enable capturing of GPRS L3 and RLC==
  
* Enable GSMTAP.GPRS capture from the Yate rmanager  
+
GSMTAP.GPRS will capture '''GPRS frames'''.<br/>
 +
Enable GSMTAP.GPRS capture from the Yate rmanager:
  
 
  >> telnet 0 5037
 
  >> telnet 0 5037
  mbts config TAP Control.GSMTAP.GPRS on  
+
  mbts config Control.GSMTAP.GPRS on
  
GSMTAP.GPRS will capture '''GTP-C and GTP-U packages'''.
+
==Checking if GSMTAP is enabled==
  
* To check if GSMTAP is enabled type '''mbts config TAP''' in Yate rmanager.
+
To check if GSMTAP is enabled type '''mbts config TAP''' in Yate rmanager.
 
<pre>
 
<pre>
 +
>> telnet 0 5037
 
yate-sdr@ybts-UNCONFIG> mbts config TAP  
 
yate-sdr@ybts-UNCONFIG> mbts config TAP  
 
Control.GSMTAP.GPRS on
 
Control.GSMTAP.GPRS on
Line 25: Line 29:
 
</pre>
 
</pre>
  
* To capture traffic use:
+
==Capturing radio traffic==
  >> tcpdump: '''tcpdump -i any udp port 4729 -w GSMTAP-yatebts.pcap'''  
+
 
+
To capture traffic use '''tcpdump''' or '''Wireshark''' (already installed on the LatKit/SatSite) by adding a custom filter: '''udp port 4729'''.
Or Wireshark (already installed on the LatKit/SatSite) by adding a custom filter: '''udp port 4729'''.
+
 
 +
  Command for tcpdump:
 +
>> '''tcpdump -i any udp port 4729 -w GSMTAP-yatebts.pcap'''
 +
 
 +
==Capturing SIP and RTP packets==
 +
Since RTP is dynamic you need to capture all UDP ports. In dataroam mode this will also capture data (GTP) traffic:
 +
>> '''tcpdump -i any udp -w UDP-yatebts.pcap'''
 +
 
 +
If you want to capture just SIP without actual voice:
 +
>> '''tcpdump -i any udp port 5060 -w SIP-yatebts.pcap'''
 +
 
 +
==Capturing GTP packets==
 +
In '''GSM dataroam''' mode YateBTS talks GTP v1 to the SGSN in YateUCN core.
 +
 
 +
To capture just GTP:
 +
>> '''tcpdump -i any udp port 2123 or udp port 2152 -w GTP-yatebts.pcap'''

Latest revision as of 15:34, 19 January 2018

GSM/GPRS radio traffic can be captured/analyzed with Wireshark in YateBTS. When using GSM roaming or GSM dataroam working modes it is also possible to capture core network traffic.

Enable capturing of GSM L3 frames

GSMTAP.GSM will capture GSM Layer 3 frames.
Enable GSMTAP.GSM capture from the Yate rmanager:

>> telnet 0 5037
mbts config Control.GSMTAP.GSM on

Enable capturing of GPRS L3 and RLC

GSMTAP.GPRS will capture GPRS frames.
Enable GSMTAP.GPRS capture from the Yate rmanager:

>> telnet 0 5037
mbts config Control.GSMTAP.GPRS on

Checking if GSMTAP is enabled

To check if GSMTAP is enabled type mbts config TAP in Yate rmanager.

>> telnet 0 5037
yate-sdr@ybts-UNCONFIG> mbts config TAP 
Control.GSMTAP.GPRS on
Control.GSMTAP.GSM on
Control.GSMTAP.TargetIP 127.0.0.1     [default]
yate-sdr@ybts-UNCONFIG> 

Capturing radio traffic

To capture traffic use tcpdump or Wireshark (already installed on the LatKit/SatSite) by adding a custom filter: udp port 4729.

Command for tcpdump:
>> tcpdump -i any udp port 4729 -w GSMTAP-yatebts.pcap

Capturing SIP and RTP packets

Since RTP is dynamic you need to capture all UDP ports. In dataroam mode this will also capture data (GTP) traffic:

>> tcpdump -i any udp -w UDP-yatebts.pcap

If you want to capture just SIP without actual voice:

>> tcpdump -i any udp port 5060 -w SIP-yatebts.pcap

Capturing GTP packets

In GSM dataroam mode YateBTS talks GTP v1 to the SGSN in YateUCN core.

To capture just GTP:

>> tcpdump -i any udp port 2123 or udp port 2152 -w GTP-yatebts.pcap