Terje Kristoffer Hybbestad Skow terjeks at
Tue Mar 1 11:56:00 UTC 2016

Thank you very much!!

I will have some work getting through this, but I recon I'll have some more
questions later.

Again thank you

2016-03-01 12:39 GMT+01:00 Neels Hofmeyr <nhofmeyr at>:

> On Tue, Mar 01, 2016 at 11:12:01AM +0100, Terje Kristoffer Hybbestad Skow
> wrote:
> > The "logfile /tmp/foo" did gave an error message saying "unrecognized
> > option".
> It seems the logfile option was added on 2014-03-23 with commit
> 9c0ff4fafe4276396125a52c89d36967566fe08c. It may make sense if you build
> your osmocom stack from the git sources to benefit from the latest fixes.
> See, specifically you'd probably want to clone and
> build
> git://
> git://
> The build steps being for example
>    autoreconf -fi
>    ./configure
>    make
>    sudo make install
> > I'm going to look at DNS packets going through a GGSN to try and find
> ways
> > to detect DNS tunnels, do you have any recommendations how to do this?
> > I do not have the time or resources to use real UE's so I hope to
> simulate
> > it on a computer using VMs or something like that.
> > I have looked at this:
> as
> The BTS is for communicating with a phone over the air interface. Abis and
> osmo-nitb are used for voice calls only. The SGSN is needed for real
> networks,
> you should be fine with the sgsnemu. So all you need is sgsnemu and
> openggsn.
> You want to figure out how to use the sgsnemu, starting with a route into
> the
> tunnel device that sgsnemu opens up. So you need to look at the 'ip route'
> commands (if you're on linux). I guess you won't need VMs; granted, it
> might
> make it easier to avoid circular routes (to IP addresses that should only
> be
> seen on the GGSN side), but certainly not a necessary prerequisite.
> I tried to ping through the sgsnemu tunnel once but saw, as I mentioned,
> that
> the GGSN thwarts GTP messages without a proper context being created
> first. It
> shouldn't be too hard, but I haven't investigated further. So you'd want to
> understand the GTP Ctrl & User messages to setup a PGP context (TEIs and
> stuff), and figure out how sgsnemu might make your life easier in that
> regard.
> You probably want to read ETSI 29.060 to figure out GTP:
> You may find attached pcap file interesting (open in wireshark and note
> that
> the DNS queries are transmitted over GTP between SGSN and GGSN even though
> wireshark tends to show only the DNS and src/dest enclosed in the GTP).
> And again, you may look at
> about simplistic code examples of composing a PGP context conversation.
> If you'd like any more answers to questions you didn't ask ;)
> just give us a shout...
> ~Neels
> --
> - Neels Hofmeyr <nhofmeyr at>
> =======================================================================
> * sysmocom - systems for mobile communications GmbH
> * Alt-Moabit 93
> * 10559 Berlin, Germany
> * Sitz / Registered office: Berlin, HRB 134158 B
> * Geschäftsführer / Managing Directors: Holger Freyther, Harald Welte
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the osmocom-net-gprs mailing list