I would like to extract only the SMS messages sent to me and save the text only automatically from within my modified ccch_scan, without using external monitoring tools like wireshark.

1. From what I have figured out so far, I need to catch the L2 packets at the point where they are sent on gsmtap_send(), and then apply my own decode to filter out SMS messages and extract data. Is this correct so far?

2. What reference material would you recommend for L2 packet formats? I checked the 3gpp website, but there are so many versions of all specs that I cannot figure what to use, and could not figure out where the format definitions are given. Is there a better site generally for GSM specs? Or should I be able to figure this out from the mobile app code alone? (I tried that but kind of got lost in the call setup process. I will try again anyway!)

On Sun, Dec 30, 2012 at 6:06 PM, Sylvain Munaut <246tnt@gmail.com> wrote:

Hi,

> Would it not be more useful to save burst data after local_burst_decode?

After local_burst_decode they are not bursts anymore, they are L2
packets and that call only works if either it's unciphered or if you
know the key.

If you want to save the cleartext decoded burst, use tcpdump or wireshark.

> Is there some utility in storing it in its raw form? Looks like I am missing
> something?

They're stored by by ccch_scan ... but there are no utility to use
those data, you have to write an utility to use those data in any way
you'd like.

Cheers,

Sylvain