def parse_diag_ext_msg(self, pkt, radio_id):
# 79 | 00 | 00 | 00 | 00 00 1c fc 0f 16 e4 00 | e6 04 | 94 13 | 02 00 00 00
# cmd_code, ts_type, num_args, drop_cnt, TS, Line number, Message subsystem ID, ?
# Message: two null-terminated strings, one for log and another for filename
xdm_hdr = pkt[0:20]
xdm_hdr = struct.unpack('<BBBBQHHL', xdm_hdr)
pkt_ts = util.parse_qxdm_ts(xdm_hdr[4])
pkt_body = pkt[20 + 4 * xdm_hdr[2]:]
pkt_body = pkt_body.rstrip(b'\0').rsplit(b'\0', maxsplit=1)
if len(pkt_body) == 2:
src_fname = pkt_body[1]
log_content = pkt_body[0]
else:
src_fname = b''
log_content = pkt_body[0]
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp=pkt_ts,
subsys_name=str(xdm_hdr[6]).encode('utf-8'),
filename=src_fname,
line_number=xdm_hdr[5])
gsmtap_hdr = util.create_gsmtap_header(
version=2, payload_type=util.gsmtap_type.OSMOCORE_LOG)
self.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content,
radio_id, pkt_ts)
def parse_event_lte_rrc_ul_msg(self, radio_id, ts, arg1, arg2):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp=ts,
process_name=b'Event',
pid=1610,
)
gsmtap_hdr = util.create_gsmtap_header(
version=2, payload_type=util.gsmtap_type.OSMOCORE_LOG)
channel_ul_map = {5: "CCCH", 6: "DCCH"}
message_type_map = {
0x01: "RRCConnectionRequest",
0x84: "RRCConnectionSetupComplete",
0x89: "ULInformationTransfer",
}
if arg1 in channel_ul_map.keys():
channel = channel_ul_map[arg1]
else:
channel = "Unknown"
if arg2 in message_type_map.keys():
message_type = message_type_map[arg2]
else:
message_type = "Unknown ({:2x})".format(arg2)
log_content = "LTE_RRC_UL_MSG: channel={}, message_type={}".format(
channel, message_type).encode('utf-8')
self.parent.writer.write_cp(
gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_gprs_mac(self, pkt_ts, pkt, radio_id):
self.parent.logger.log(logging.WARNING,
"Unhandled XDM Header 0x5226: GPRS MAC Packet")
chan_type_dir = pkt[0]
msg_type = pkt[1]
msg_len = pkt[2]
l3_message = pkt[3:]
payload_type = util.gsmtap_type.UM
if len(l3_message) > msg_len:
l3_message = l3_message[0:msg_len]
arfcn = self.parent.gsm_last_arfcn[self.parent.sanitize_radio_id(
radio_id)]
# 0x80: downlink
if (chan_type_dir & 0x80) == 0x00:
arfcn = arfcn | (1 << 14)
chan = chan_type_dir & 0x7F
# 3: PACCH, 4: Unknown
channel_type = chan
ts_sec = calendar.timegm(pkt_ts.timetuple())
ts_usec = pkt_ts.microsecond
gsmtap_hdr = util.create_gsmtap_header(version=3,
payload_type=payload_type,
arfcn=arfcn,
sub_type=channel_type,
device_sec=ts_sec,
device_usec=ts_usec)
def parse_event_lte_rrc_state_change(self, radio_id, ts, arg1):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp=ts,
process_name=b'Event',
pid=1606,
)
gsmtap_hdr = util.create_gsmtap_header(
version=2, payload_type=util.gsmtap_type.OSMOCORE_LOG)
rrc_state_map = {
1: "RRC_IDLE_NOT_CAMPED",
2: "RRC_IDLE_CAMPED",
3: "RRC_CONNECTING",
4: "RRC_CONNECTED",
7: "RRC_CLOSING",
}
if arg1 in rrc_state_map.keys():
rrc_state = rrc_state_map[arg1]
else:
rrc_state = "{:02x}".format(arg1)
log_content = "LTE_RRC_STATE_CHANGE: rrc_state={}".format(
rrc_state).encode('utf-8')
self.parent.writer.write_cp(
gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_sim(self, pkt_ts, pkt, radio_id, sim_id):
ts_sec = calendar.timegm(pkt_ts.timetuple())
ts_usec = pkt_ts.microsecond
msg_content = pkt
# msg[0]: length
pos = 1
rx_buf = b''
tx_buf = b''
while pos < len(msg_content):
if msg_content[pos] == 0x10:
# 0x10: TX (to SIM)
tx_buf += bytes([msg_content[pos + 1]])
pos += 2
elif msg_content[pos] == 0x80:
# 0x80: RX (from SIM)
rx_buf += bytes([msg_content[pos + 1]])
pos += 2
elif msg_content[pos] == 0x01:
# 0x01: Timestamp
pos += 9
else:
self.parent.logger.log(
logging.WARNING,
'Not handling unknown type 0x%02x' % msg_content[pos])
break
gsmtap_hdr = util.create_gsmtap_header(
version=2, payload_type=util.gsmtap_type.SIM)
if len(self.last_tx[sim_id]) == 0:
if len(tx_buf) > 0:
self.last_tx[sim_id] = tx_buf
return
else:
self.parent.writer.write_cp(gsmtap_hdr + rx_buf, radio_id,
pkt_ts)
elif len(self.last_tx[sim_id]) > 0:
if len(rx_buf) > 0:
self.parent.writer.write_cp(
gsmtap_hdr + self.last_tx[sim_id] + rx_buf, radio_id,
pkt_ts)
self.last_tx[sim_id] = b''
return
else:
self.parent.writer.write_cp(gsmtap_hdr + self.last_tx[sim_id],
radio_id, pkt_ts)
self.last_tx[sim_id] = b''
self.parent.writer.write_cp(gsmtap_hdr + tx_buf, radio_id,
pkt_ts)
def parse_event_lte_rrc_state_change_trigger(self, radio_id, ts, arg1):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp = ts,
process_name = b'Event',
pid = 1994,
)
gsmtap_hdr = util.create_gsmtap_header(
version = 2,
payload_type = util.gsmtap_type.OSMOCORE_LOG)
log_content = "LTE_RRC_STATE_CHANGE_TRIGGER: {:02x}".format(arg1).encode('utf-8')
self.parent.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_event_lte_rrc_timer_status(self, radio_id, ts, arg_bin):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp = ts,
process_name = b'Event',
pid = 1605,
)
gsmtap_hdr = util.create_gsmtap_header(
version = 2,
payload_type = util.gsmtap_type.OSMOCORE_LOG)
log_content = "LTE_RRC_TIMER_STATUS: {}".format(' '.join('{:02x}'.format(x) for x in arg_bin)).encode('utf-8')
self.parent.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_event_lte_ml1_phr_report(self, radio_id, ts, arg1, arg2):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp = ts,
process_name = b'Event',
pid = 1938,
)
gsmtap_hdr = util.create_gsmtap_header(
version = 2,
payload_type = util.gsmtap_type.OSMOCORE_LOG)
log_content = "LTE_ML1_PHR_REPORT: {:02x} {:02x}".format(arg1, arg2).encode('utf-8')
self.parent.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_event_lte_emm_timer_expiry(self, radio_id, ts, arg1):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp = ts,
process_name = b'Event',
pid = 1632,
)
gsmtap_hdr = util.create_gsmtap_header(
version = 2,
payload_type = util.gsmtap_type.OSMOCORE_LOG)
log_content = "LTE_RRC_EMM_TIMER_EXPIRY: {:02x}".format(arg1).encode('utf-8')
self.parent.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_event_lte_emm_outgoing_msg(self, radio_id, ts, arg1):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp = ts,
process_name = b'Event',
pid = 1630,
)
gsmtap_hdr = util.create_gsmtap_header(
version = 2,
payload_type = util.gsmtap_type.OSMOCORE_LOG)
log_content = "LTE_RRC_EMM_OUTGOING_MSG: {}".format(arg1).encode('utf-8')
self.parent.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_event_lte_rrc_paging_drx_cycle(self, radio_id, ts, arg1, arg2):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp = ts,
process_name = b'Event',
pid = 1614,
)
gsmtap_hdr = util.create_gsmtap_header(
version = 2,
payload_type = util.gsmtap_type.OSMOCORE_LOG)
log_content = "LTE_RRC_PAGING_DRX_CYCLE: {:02x} {:02x}".format(arg1, arg2).encode('utf-8')
self.parent.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_event_diag_process_name_id(self, radio_id, ts, arg_bin):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp = ts,
process_name = b'Event',
pid = 2866,
)
gsmtap_hdr = util.create_gsmtap_header(
version = 2,
payload_type = util.gsmtap_type.OSMOCORE_LOG)
diag_id = arg_bin[0]
diag_process_name = arg_bin[1:].decode('utf-8')
log_content = "DIAG_PROCESS_NAME: diag_id={}, diag_process_name={}".format(diag_id, diag_process_name).encode('utf-8')
self.parent.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_event_lte_emm_incoming_msg(self, radio_id, ts, arg1):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp = ts,
process_name = b'Event',
pid = 1629,
)
gsmtap_hdr = util.create_gsmtap_header(
version = 2,
payload_type = util.gsmtap_type.OSMOCORE_LOG)
if type(arg1) == bytes:
log_content = "LTE_RRC_EMM_INCOMING_MSG: {}".format(binascii.hexlify(arg1)).encode('utf-8')
else:
log_content = "LTE_RRC_EMM_INCOMING_MSG: {:02x}".format(arg1).encode('utf-8')
self.parent.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_event_lte_rrc_dl_msg(self, radio_id, ts, arg1, arg2):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp = ts,
process_name = b'Event',
pid = 1609,
)
gsmtap_hdr = util.create_gsmtap_header(
version = 2,
payload_type = util.gsmtap_type.OSMOCORE_LOG)
channel_dl_map = {
1: "BCCH",
2: "PCCH",
3: "CCCH",
4: "DCCH"
}
message_type_map = {
0x00: "MasterInformationBlock",
0x01: "SystemInformationBlockType1",
0x02: "SystemInformationBlockType2",
0x03: "SystemInformationBlockType3",
0x04: "SystemInformationBlockType4",
0x05: "SystemInformationBlockType5",
0x06: "SystemInformationBlockType6",
0x07: "SystemInformationBlockType7",
0x40: "Paging",
0x4b: "RRCConnectionSetup",
0x81: "DLInformationTransfer",
0x85: "RRCConnectionRelease",
}
if arg1 in channel_dl_map.keys():
channel = channel_dl_map[arg1]
else:
channel = "Unknown"
if arg2 in message_type_map.keys():
message_type = message_type_map[arg2]
else:
message_type = "Unknown ({:2x})".format(arg2)
log_content = "LTE_RRC_DL_MSG: channel={}, message_type={}".format(channel, message_type).encode('utf-8')
self.parent.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_event_diag_qshrink_id(self, radio_id, ts, arg_bin):
osmocore_log_hdr = util.create_osmocore_logging_header(
timestamp = ts,
process_name = b'Event',
pid = 2865,
)
gsmtap_hdr = util.create_gsmtap_header(
version = 2,
payload_type = util.gsmtap_type.OSMOCORE_LOG)
diag_id = arg_bin[0]
diag_uuid = arg_bin[1:]
diag_uuid_real = uuid.UUID(bytes_le=b'\x00'*16)
if len(diag_uuid) == 16:
diag_uuid_real = uuid.UUID(bytes_le=diag_uuid)
log_content = "DIAG_QSHRINK_ID: diag_id={}, diag_uuid={}".format(diag_id, diag_uuid_real).encode('utf-8')
self.parent.writer.write_cp(gsmtap_hdr + osmocore_log_hdr + log_content, radio_id, ts)
def parse_umts_ue_ota(self, pkt_ts, pkt, radio_id):
msg_hdr = pkt[0:5]
msg_content = pkt[5:]
msg_hdr = struct.unpack('<BL', msg_hdr) # 1b direction, 4b length
arfcn = self.parent.umts_last_uarfcn_dl[self.parent.sanitize_radio_id(radio_id)]
if msg_hdr[0] == 1:
# Uplink
arfcn = self.parent.umts_last_uarfcn_ul[self.parent.sanitize_radio_id(radio_id)]
ts_sec = calendar.timegm(pkt_ts.timetuple())
ts_usec = pkt_ts.microsecond
# msg_hdr[1] == L3 message length
# Rest of content: L3 message
gsmtap_hdr = util.create_gsmtap_header(
version = 3,
payload_type = util.gsmtap_type.ABIS,
arfcn = arfcn,
device_sec = ts_sec,
device_usec = ts_usec)
self.parent.writer.write_cp(gsmtap_hdr + msg_content, radio_id, pkt_ts)
def parse_gprs_ota(self, pkt_ts, pkt, radio_id):
msg_dir = pkt[0]
msg_type = pkt[1]
msg_len = (pkt[3] << 8) | pkt[2]
l3_message = pkt[4:]
arfcn = self.parent.gsm_last_arfcn[self.parent.sanitize_radio_id(
radio_id)]
# 0: uplink, 1: downlink
if (msg_dir) == 0x00:
arfcn = arfcn | (1 << 14)
ts_sec = calendar.timegm(pkt_ts.timetuple())
ts_usec = pkt_ts.microsecond
gsmtap_hdr = util.create_gsmtap_header(
version=3,
payload_type=util.gsmtap_type.ABIS,
arfcn=arfcn,
device_sec=ts_sec,
device_usec=ts_usec)
self.parent.writer.write_cp(gsmtap_hdr + l3_message, radio_id, pkt_ts)
def process_lte_data(self, pkt):
# 0x00: LTE PHY Status
# 0x01: LTE PHY Cell Search Measurement
# 0x04: LTE PHY System Info
# 0x05: LTE PHY Channel Quality Info
# 0x06: LTE PHY Parameter
# 0x07: LTE PHY PHICH Info
# 0x10: LTE L1 RF
# 0x11: LTE L1 Sync
# 0x12: LTE L1 Downlink
# 0x13: LTE L1 Uplink
# 0x18: LTE L1 Measurement Config
# 0x30: LTE L2 UL Specific Param
# 0x31: LTE L2 DL-SCH Config
# 0x32: LTE L2 UL-SCH Config
# 0x33: LTE L2 Time Alignment Timer (N_TA uint16 / FFFF == invalid?)
# 0x34: LTE L2 PHR Config (periodicPHR-Timer uint16, prohibitPHR-Timer uint16, dl-PathlossChange uint16) RRCConnectionSetup
# 0x35: LTE L2 Preamble Info (numberOfRA-Preambles uint16, sizeofRA-PreamblesGroupA uint16) SIB2
# 0x36: LTE L2 Power Ramping Step (powerRampingStep uint8, preambleInitialRXTargetPower int8) SIB2
# 0x37: LTE L2 RA Supervision Info (preambleTransMax uint8, ra-ResponseWindowSize uint8, mac-ContentionResolutionTimer uint8) SIB2
# 0x38: LTE L2 Max HARQ Msg 3 Tx (maxHARQ-Msg3Tx uint8) SIB2
# 0x39: LTE L2 RACH Info
# 0x3A: LTE L2 RNTI Info
# 0x3C: LTE L2 UL Sync Stat Info
# 0x40: LTE L2 RB Info
# 0x41: LTE L2 RLS Status Info
# 0x42: LTE L2 PDCP UL Info
# 0x43: LTE L2 PDCP DL Info
# 0x50: LTE RRC Serving Cell
# 0x51: LTE RRC Status Variable (00 - IDLE, 01 - CONNECTING, 02 - CONNECTED)
# 0x52: LTE RRC OTA Packet
# 0x53: LTE RRC Timer
# 0x54: LTE RRC ASN Version
# 0x58: LTE NAS SIM Data
# 0x59: LTE NAS Status Variable
# 0x5A: LTE NAS EMM Message
# 0x5B: LTE NAS PLMN Selection
# 0x5C: LTE NAS Security
# 0x5D: LTE NAS PDP
# 0x5E: LTE NAS IP
# 0x5F: LTE NAS ESM Message
# 0x60: LTE Data Throughput Info
# 0x61: LTE Data Timing Info
pkt = pkt[10:-1]
arfcn = 0
if pkt[0] == 0x52:
# 0x52: LTE RRC OTA Packet
# pkt[1] - pkt[4]: TS
channel = pkt[5]
direction = pkt[6] # 0: DL, 1: UL
rrc_len = pkt[7] | (pkt[8] << 8)
rrc_msg = pkt[9:]
rrc_subtype_dl = {
0: util.gsmtap_lte_rrc_types.DL_CCCH,
1: util.gsmtap_lte_rrc_types.PCCH,
2: util.gsmtap_lte_rrc_types.BCCH_BCH,
3: util.gsmtap_lte_rrc_types.BCCH_DL_SCH,
4: util.gsmtap_lte_rrc_types.DL_DCCH
}
rrc_subtype_ul = {
0: util.gsmtap_lte_rrc_types.UL_CCCH,
4: util.gsmtap_lte_rrc_types.UL_DCCH
}
subtype = 0
try:
if direction == 0:
subtype = rrc_subtype_dl[channel]
else:
subtype = rrc_subtype_ul[channel]
except KeyError:
print("Unknown LTE RRC channel type %d" % channel)
util.xxd(pkt)
if direction == 0:
arfcn = self.lte_last_earfcn_dl
else:
arfcn = self.lte_last_earfcn_ul
gsmtap_hdr = util.create_gsmtap_header(
version=2,
payload_type=util.gsmtap_type.LTE_RRC,
arfcn=arfcn,
sub_type=subtype)
return gsmtap_hdr + rrc_msg
elif pkt[0] == 0x55:
# TODO: RACH Preamble/Response
# pkt[1] - pkt[4]: TS
direction = pkt[5] # 0 - UL, 1 - DL
rach_vals = struct.unpack('<HIIH', pkt[6:18])
if direction == 0:
# UL: RACH cause, Preamble ID, ?, ?
pass
elif direction == 1:
# DL: ?, Preamble ID, TA, T-C-RNTI
# MAC-LTE: RAR Header, TA, UL Grant, T-C-RNTI
pass
else:
assert False, "Invalid RACH direction"
return b''
elif pkt[0] == 0x5a or pkt[0] == 0x5f:
# 0x5A: LTE NAS EMM Message
# 0x5F: LTE NAS ESM Message
# pkt[1] - pkt[4]: TS?
direction = pkt[5] # 0 - DL, 1 - UL
nas_len = pkt[6] | (pkt[7] << 8)
# pkt[8] - duplicate?
nas_msg = pkt[9:]
if direction == 0:
arfcn = self.lte_last_earfcn_dl
else:
arfcn = self.lte_last_earfcn_ul
gsmtap_hdr = util.create_gsmtap_header(
version=2, payload_type=util.gsmtap_type.LTE_NAS, arfcn=arfcn)
return gsmtap_hdr + nas_msg
else:
#if len(pkt) < 0x60:
# util.xxd(pkt)
return b''
def parse_gsm_rr(self, pkt_ts, pkt, radio_id):
chan_type_dir = pkt[0]
msg_type = pkt[1]
msg_len = pkt[2]
l3_message = pkt[3:]
if len(l3_message) > msg_len:
l3_message = l3_message[0:msg_len]
arfcn = self.parent.gsm_last_arfcn[self.parent.sanitize_radio_id(
radio_id)]
# 0x80: downlink
if (chan_type_dir & 0x80) == 0x00:
arfcn = arfcn | (1 << 14)
chan = chan_type_dir & 0x7F
# 0: DCCH, 1: BCCH, 3: CCCH, 4: SACCH
# DCCH, SACCH requires pseudo length
rr_channel_map = [
8, util.gsmtap_channel.BCCH, 0, util.gsmtap_channel.CCCH, 0x88
]
channel_type = rr_channel_map[chan]
ts_sec = calendar.timegm(pkt_ts.timetuple())
ts_usec = pkt_ts.microsecond
# Attach L2 pseudo length
#if chan == 0 or chan == 4:
# l3_message = bytes([(msg_len << 2) | 0x01]) + l3_message
if chan == 0:
# SDCCH/8 expects LAPDm header
# Address field
lapdm_address = b'\x01'
# Control field
lapdm_control = b'\x03'
# length field
if msg_len > 63:
self.parent.logger.log(
logging.WARNING,
'message length longer than 63 ({})'.format(msg_len))
return
lapdm_len = bytes([(msg_len << 2) | 0x01])
l3_message = lapdm_address + lapdm_control + lapdm_len + l3_message
elif chan == 4:
# SACCH/8 expects SACCH L1/LAPDm header
# SACCH L1 header
sacch_l1 = b'\x00\x00'
# Address field
lapdm_address = b'\x01'
# Control field
lapdm_control = b'\x03'
# length field
if msg_len > 63:
self.parent.logger.log(
logging.WARNING,
'message length longer than 63 ({})'.format(msg_len))
return
lapdm_len = bytes([(msg_len << 2) | 0x01])
l3_message = sacch_l1 + lapdm_address + lapdm_control + lapdm_len + l3_message
# SACCH DL/Measurement Information: Short PD format
gsmtap_hdr = util.create_gsmtap_header(
version=3,
payload_type=util.gsmtap_type.UM,
arfcn=arfcn,
sub_type=channel_type,
device_sec=ts_sec,
device_usec=ts_usec)
self.parent.writer.write_cp(gsmtap_hdr + l3_message, radio_id, pkt_ts)
def process_common_data(self, pkt):
pkt = pkt[10:-1]
arfcn = 0
if pkt[0] == 0x03: # Common Signalling Info
#util.xxd(pkt)
# pkt[1] - pkt[4] == ts
chan_type = pkt[5]
chan_subtype = pkt[6]
direction = pkt[7] # 2 - DL, 1 - UL
msg_len = pkt[8] | (pkt[9] << 8)
msg_content = pkt[10:]
if chan_type == 0x30: # UMTS RRC
chan_map_ul = {
0x30: util.gsmtap_umts_rrc_types.UL_CCCH,
0x31: util.gsmtap_umts_rrc_types.UL_DCCH
}
chan_map_dl = {
0x30: util.gsmtap_umts_rrc_types.DL_CCCH,
0x31: util.gsmtap_umts_rrc_types.DL_DCCH,
0x32: util.gsmtap_umts_rrc_types.BCCH_BCH,
0x34: util.gsmtap_umts_rrc_types.PCCH
}
subtype = 0
if direction == 2:
subtype = chan_map_dl[chan_subtype]
arfcn = self.umts_last_uarfcn_dl
elif direction == 1:
subtype = chan_map_ul[chan_subtype]
arfcn = self.umts_last_uarfcn_ul
else:
print('Unknown direction %02x' % direction)
return b''
gsmtap_hdr = util.create_gsmtap_header(
version=2,
payload_type=util.gsmtap_type.UMTS_RRC,
arfcn=arfcn,
sub_type=subtype)
return gsmtap_hdr + msg_content
elif chan_type == 0x01: # UMTS NAS
if direction == 2:
arfcn = self.umts_last_uarfcn_dl
elif direction == 1:
arfcn = self.umts_last_uarfcn_ul
gsmtap_hdr = util.create_gsmtap_header(
version=2, payload_type=util.gsmtap_type.ABIS, arfcn=arfcn)
return gsmtap_hdr + msg_content
elif chan_type == 0x20: # GSM RR
# TODO: CCCH and SACCH are not distinguished by headers!
# Some values are RR message, some are RR_short_PD
if direction == 2: # RR DL w/ pseudo length
lapdm_address = b'\x01'
# Control field
lapdm_control = b'\x03'
# length field
if msg_len > 63:
util.warning('message length longer than 63 (%s)' %
msg_len)
return b''
lapdm_len = bytes([(msg_len << 2) | 0x01])
#msg_content = lapdm_address + lapdm_control + lapdm_len + msg_content
gsmtap_hdr = util.create_gsmtap_header(
version=2,
payload_type=util.gsmtap_type.UM,
sub_type=util.gsmtap_channel.CCCH
) # Subtype (XXX: All CCCH)
return gsmtap_hdr + msg_content
elif direction == 1: # Only RR
gsmtap_hdr = util.create_gsmtap_header(
version=2, payload_type=util.gsmtap_type.ABIS)
return gsmtap_hdr + msg_content
elif chan_type == 0x21: # GSM RLC/MAC
arfcn = 1
if direction == 1:
arfcn = arfcn | (1 << 14)
gsmtap_hdr = util.create_gsmtap_header(
version=2,
payload_type=util.gsmtap_type.UM,
arfcn=arfcn,
sub_type=util.gsmtap_channel.PACCH
) # Subtype (PACCH dissects as MAC)
#return gsmtap_hdr + msg_content
return b''
else:
print('Unknown channel type %02x for subcommand 0x03' %
chan_type)
return b''
else:
print('Unknown subcommand %02x for command 0x21' % pkt[0])
#util.xxd(pkt)
return b''
return b''
def parse_wcdma_rrc(self, pkt_ts, pkt, radio_id):
channel_type, rbid, msg_len = struct.unpack('<BBH', pkt[0:4])
sib_class = -1
arfcn = 0
msg_content = b''
channel_type_map = {
0: util.gsmtap_umts_rrc_types.UL_CCCH,
1: util.gsmtap_umts_rrc_types.UL_DCCH,
2: util.gsmtap_umts_rrc_types.DL_CCCH,
3: util.gsmtap_umts_rrc_types.DL_DCCH,
4: util.gsmtap_umts_rrc_types.BCCH_BCH, # Encoded
5: util.gsmtap_umts_rrc_types.BCCH_FACH, # Encoded
6: util.gsmtap_umts_rrc_types.PCCH,
7: util.gsmtap_umts_rrc_types.MCCH,
8: util.gsmtap_umts_rrc_types.MSCH,
10: util.gsmtap_umts_rrc_types.System_Information_Container,
}
channel_type_map_extended_type = {
9: util.gsmtap_umts_rrc_types.BCCH_BCH, # Extension SIBs
0xFE: util.gsmtap_umts_rrc_types.BCCH_BCH, # Decoded
0xFF: util.gsmtap_umts_rrc_types.BCCH_FACH # Decoded
}
sib_type_map = {
0: util.gsmtap_umts_rrc_types.MasterInformationBlock,
1: util.gsmtap_umts_rrc_types.SysInfoType1,
2: util.gsmtap_umts_rrc_types.SysInfoType2,
3: util.gsmtap_umts_rrc_types.SysInfoType3,
4: util.gsmtap_umts_rrc_types.SysInfoType4,
5: util.gsmtap_umts_rrc_types.SysInfoType5,
6: util.gsmtap_umts_rrc_types.SysInfoType6,
7: util.gsmtap_umts_rrc_types.SysInfoType7,
8: util.gsmtap_umts_rrc_types.SysInfoType8,
9: util.gsmtap_umts_rrc_types.SysInfoType9,
10: util.gsmtap_umts_rrc_types.SysInfoType10,
11: util.gsmtap_umts_rrc_types.SysInfoType11,
12: util.gsmtap_umts_rrc_types.SysInfoType12,
13: util.gsmtap_umts_rrc_types.SysInfoType13,
14: util.gsmtap_umts_rrc_types.SysInfoType13_1,
15: util.gsmtap_umts_rrc_types.SysInfoType13_2,
16: util.gsmtap_umts_rrc_types.SysInfoType13_3,
17: util.gsmtap_umts_rrc_types.SysInfoType13_4,
18: util.gsmtap_umts_rrc_types.SysInfoType14,
19: util.gsmtap_umts_rrc_types.SysInfoType15,
20: util.gsmtap_umts_rrc_types.SysInfoType15_1,
21: util.gsmtap_umts_rrc_types.SysInfoType15_2,
22: util.gsmtap_umts_rrc_types.SysInfoType15_3,
23: util.gsmtap_umts_rrc_types.SysInfoType16,
24: util.gsmtap_umts_rrc_types.SysInfoType17,
25: util.gsmtap_umts_rrc_types.SysInfoType15_4,
26: util.gsmtap_umts_rrc_types.SysInfoType18,
27: util.gsmtap_umts_rrc_types.SysInfoTypeSB1,
28: util.gsmtap_umts_rrc_types.SysInfoTypeSB2,
29: util.gsmtap_umts_rrc_types.SysInfoType15_5,
30: util.gsmtap_umts_rrc_types.SysInfoType5bis,
31: util.gsmtap_umts_rrc_types.SysInfoType11bis,
# Extension SIB
66: util.gsmtap_umts_rrc_types.SysInfoType11bis,
67: util.gsmtap_umts_rrc_types.SysInfoType19
}
channel_type_map_new = {
0x80: util.gsmtap_umts_rrc_types.UL_CCCH,
0x81: util.gsmtap_umts_rrc_types.UL_DCCH,
0x82: util.gsmtap_umts_rrc_types.DL_CCCH,
0x83: util.gsmtap_umts_rrc_types.DL_DCCH,
0x84: util.gsmtap_umts_rrc_types.BCCH_BCH, # Encoded
0x85: util.gsmtap_umts_rrc_types.BCCH_FACH, # Encoded
0x86: util.gsmtap_umts_rrc_types.PCCH,
0x87: util.gsmtap_umts_rrc_types.MCCH,
0x88: util.gsmtap_umts_rrc_types.MSCH,
}
channel_type_map_new_extended_type = {
0x89: util.gsmtap_umts_rrc_types.BCCH_BCH, # Extension SIBs
0xF0: util.gsmtap_umts_rrc_types.BCCH_BCH, # Decoded
}
sib_type_map_new = {
0: util.gsmtap_umts_rrc_types.MasterInformationBlock,
1: util.gsmtap_umts_rrc_types.SysInfoType1,
2: util.gsmtap_umts_rrc_types.SysInfoType2,
3: util.gsmtap_umts_rrc_types.SysInfoType3,
4: util.gsmtap_umts_rrc_types.SysInfoType4,
5: util.gsmtap_umts_rrc_types.SysInfoType5,
6: util.gsmtap_umts_rrc_types.SysInfoType6,
7: util.gsmtap_umts_rrc_types.SysInfoType7,
8: util.gsmtap_umts_rrc_types.SysInfoType8,
9: util.gsmtap_umts_rrc_types.SysInfoType9,
10: util.gsmtap_umts_rrc_types.SysInfoType10,
11: util.gsmtap_umts_rrc_types.SysInfoType11,
12: util.gsmtap_umts_rrc_types.SysInfoType12,
13: util.gsmtap_umts_rrc_types.SysInfoType13,
14: util.gsmtap_umts_rrc_types.SysInfoType13_1,
15: util.gsmtap_umts_rrc_types.SysInfoType13_2,
16: util.gsmtap_umts_rrc_types.SysInfoType13_3,
17: util.gsmtap_umts_rrc_types.SysInfoType13_4,
18: util.gsmtap_umts_rrc_types.SysInfoType14,
19: util.gsmtap_umts_rrc_types.SysInfoType15,
20: util.gsmtap_umts_rrc_types.SysInfoType15_1,
21: util.gsmtap_umts_rrc_types.SysInfoType15_2,
22: util.gsmtap_umts_rrc_types.SysInfoType15_3,
23: util.gsmtap_umts_rrc_types.SysInfoType16,
24: util.gsmtap_umts_rrc_types.SysInfoType17,
25: util.gsmtap_umts_rrc_types.SysInfoType15_4,
26: util.gsmtap_umts_rrc_types.SysInfoType18,
27: util.gsmtap_umts_rrc_types.SysInfoTypeSB1,
28: util.gsmtap_umts_rrc_types.SysInfoTypeSB2,
29: util.gsmtap_umts_rrc_types.SysInfoType15_5,
30: util.gsmtap_umts_rrc_types.SysInfoType5bis,
31: util.gsmtap_umts_rrc_types.SysInfoType19,
# Extension SIB
66: util.gsmtap_umts_rrc_types.SysInfoType11bis,
67: util.gsmtap_umts_rrc_types.SysInfoType19
}
if channel_type in channel_type_map.keys():
arfcn = self.parent.umts_last_uarfcn_dl[
self.parent.sanitize_radio_id(radio_id)]
if channel_type == 0 or channel_type == 1:
arfcn = self.parent.umts_last_uarfcn_ul[
self.parent.sanitize_radio_id(radio_id)]
subtype = channel_type_map[channel_type]
msg_content = pkt[4:]
elif channel_type in channel_type_map_extended_type.keys():
arfcn = self.parent.umts_last_uarfcn_dl[
self.parent.sanitize_radio_id(radio_id)]
# uint8 subtype, uint8 msg[]
if pkt[4] in sib_type_map.keys():
subtype = sib_type_map[pkt[4]]
msg_content = pkt[5:]
else:
self.parent.logger.log(
logging.WARNING,
"Unknown WCDMA SIB Class {}".format(pkt[4]))
return
elif channel_type in channel_type_map_new.keys():
# uint16 uarfcn, uint16 psc, uint8 msg[]
arfcn, psc = struct.unpack('<HH', pkt[4:8])
subtype = channel_type_map_new[channel_type]
msg_content = pkt[8:]
elif channel_type in channel_type_map_new_extended_type.keys():
# uint16 uarfcn, uint16 psc, uint8 subtype, uint8 msg[]
arfcn, psc = struct.unpack('<HH', pkt[4:8])
if pkt[8] in sib_type_map_new.keys():
subtype = sib_type_map_new[pkt[8]]
msg_content = pkt[9:]
else:
self.parent.logger.log(
logging.WARNING,
"Unknown WCDMA new SIB Class {}".format(pkt[8]))
return
else:
self.parent.logger.log(
logging.WARNING,
"Unknown WCDMA RRC channel type {}".format(pkt[0]))
self.parent.logger.log(logging.DEBUG, util.xxd(pkt))
return
ts_sec = calendar.timegm(pkt_ts.timetuple())
ts_usec = pkt_ts.microsecond
gsmtap_hdr = util.create_gsmtap_header(
version=3,
payload_type=util.gsmtap_type.UMTS_RRC,
arfcn=arfcn,
sub_type=subtype,
device_sec=ts_sec,
device_usec=ts_usec)
self.parent.writer.write_cp(gsmtap_hdr + msg_content, radio_id, pkt_ts)
