Hi!
Collin Mulliner, Tobias Engel and myself have been meeting yesterday to
discuss a generic application interface for OpenBSC.
They are both doing security analysis and want to achieve a clean way
how an external application can get access to a more or less transparent
communication channel to the phone.
The purpose of this is to be able to send intentionally malformed
packets to the mobile phone GSM stack at various different levels within
the stack.
As of now, they have both hacked some custom code into openbsc that gets
them half way where they want to be - but not quite all the way.
The requirements can be summarized as follows:
1) Ability to establish a SDCCH or TCH channel by paging the phone
As of now, the 'silent call' feature from the VTY already does this.
2) Ability to send arbitrary layer3 protocol messages to the phone
Adding this is relatively easy (use rsl_sendmsg on the lchan from the
silent call)
3) Ability to receive responses from the phone, as well as error
conditions such as 'readio link failure'. We don't have a solution
for this yet, and we also have no clean way to identify what might
be a response from the phone to the external app, and what might
be a message from the phone to the normal network code in OpenBSC
4) Ability to selectively disable partial protocol handling in
OpenBSC. Let's say you want to play with the mobile phone call
control implementation. In this case, you want to make sure all CC
related messages go from/to the external program and not from the
regular OpenBSC network code.
So what I've been thinking of as a solution to the problem:
* store a bypass_flags bitmask related to the subscriber structure,
where we indicate values such as BYPASS_RR, BYPASS_MM, BYPASS_CC,
BYPASS_SAPI3.
* if we process an incoming message from the MS in gsm0408_rcvmsg(),
we check if a bypass flag matching the message is found. If yes,
forward the message to the external program
* if we want to send a message from our own protocol stack to the MS,
we check if a bypass flag matching the message is found. If yes,
we drop the message that we were about to send.
* any messages received from the application will be forwarded to the MS
The application interface protocol will likely have a close resemblance
to RSL RLL. We need to exchange the following primitives with the
application, like:
* ESTABLISH REQUEST -- app requests a channel be established to MS (by IMSI)
* ESTABLISH CONFIRM -- network confirms a channel has been established
* ESTABLISH INDICATION -- network tells app connection was made by MS
* [UNIT] DATA REQUEST -- app requests data to be sent to MS
* [UNIT] DATA INDICATION -- network indicates data was received from MS
* ERROR INDICATION -- network tells app something went wrong
* RELEASE REQUEST -- app asks network to release channel
* RELEASE CONFIRM -- net tells app that channel was released (as rqd)
* RELEASE INDICATION -- net tells app that channel was released (by MS)
The channel_number of RSL (indicating on-air timeslot) doesn't make much
sense in this context, of course.
The link_identifier on the other hand is great as it allows the app to
indicate SDCCH/FACCH or SACCH as well as the SAPI.
The actual RSL-like protocol would be encapsulated by UDP and available
on a socket of the MSC.
What do you think?
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
Hi all!
This subject came to my attention again recently: Why not relicense
OpenBSC under AGPLv3?
Right now we are licensing under GPLv2+ (v2 or any later version). However,
if an operator was to make lots of private modifications and then operate
it on his own network, there would be no distribution and thus no need
for him to release his modified versions of the source code.
This may sound a bit strange to those who have been with the project
since its early days. But we are reaching production quality now, and
we already have the first number of production deployments of the software.
Companies like Netzing and On-waves have been FOSS-friendly and funding
parts of our development effort. They have no issues with the result being
Free Software again. However, there are definitely other companies out
there who are less fond of sharing...
So thus my idea is to put OpenBSC under AGPLv3. This way whoever uses
OpenBSC _in modified form_ to operate a communications network will
have to provide the source code to that modified form on a network
server at no charge.
The only controversial question to me is "your modified version must
prominently offer all users interacting with it remotely through a computer
network (if your version supports such interaction) an opportunity to receive
the Corresponding Source".
1) does a gsm network count as computer network? i'd say yes.
2) is using a gsm network 'interacting with it remotely'? I'd also say yes
3) what does 'prominently offer' mean in the context of GSM? We don't want
the operator to spam their users with advertisement SMS just to know
that they can get the soruce code, after all.
Notwithstanding those open questions, such a network operator would always
have the option of simply sending back his changes for integration in the
official project - and thus he would no longer use a modified version which
then means there is no need for the prominent notice / download at all.
We can make this very clear in the project documentation, putting further
encouragement
The actual relicensing should be less problematic than I thought, since AGPLv3
is compatible with GPLv3.
So I could re-license all parts that I own copyright on (which should be
the majority of the code base anyway) under AGPLv3, while the former GPLv2+
components (like VTY code from zebra, or contributions by other people)
then become GPLv3-or-later.
Of course I would want to encourage all developers/contributors to also
follow the re-licensing. Particularly Holger Freyther, Dieter Spaar, Andreas
Eversberg, Jan Luebbe, Sylvain Munaut, Daniel Willmann, Stefan Schmidt.
So let's start with a poll:
a) Do you think re-licensing to AGPLv3 is a good idea?
b) If you have contributed, would you re-license your code under AGPLv3?
If we have some kind of concesus in the community, I would approach
On-waves whether they would want to do the same for their share of the
copyright. As their "modifications" are all part of OpenBSC git repository,
they would not be subject to any different conditions than before.
Thanks in advance for your feedback,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
Hello,
second try to add support to bs11_config for bport0/1 configuration. This
time with enum abis_bs11_line_cfg.
It seems sometimes creating bport1 fails, even LMT shows create obj
greyed out. Don't know why yet.
Regards,
Daniel Willmann
Daniel Willmann (1):
Add {create,delete}-bport1 and bport0-{star,multidrop} to bs11-config
openbsc/include/openbsc/abis_nm.h | 10 +++++++++-
openbsc/src/abis_nm.c | 31 +++++++++++++++++++++++++++++--
openbsc/src/bs11_config.c | 26 ++++++++++++++++++++++++++
3 files changed, 64 insertions(+), 3 deletions(-)
hello
my name is thomas and i study communication engineering at tfh berlin. i
write my bachelor this semester. the task is to program a handover
funktion between 2 bs11, openbsc runs on a pc with e1 interface. but
there are major problems. i can't login with my 2 handys that i use for
that. nokia 3310c and 6650. the network is found, but the login fails,
with both handys. it worked only one time, with the 6650. i backuped the
hlr-file. i assume it's this file that makes problems. when i delete the
hlr, it is new created, and none of my handys can login. when i restore
this special hlr, the 6650 connect without problems, but only this one.
is there a tool to edit hlr.sqlite3, windows-based if possible?
where are the protocoll files stored, for error search, or must i make a
screenshot ?
thanx
thomas
p.s.: answers in german prefered :-)
--
Wer Rechtschreibfehler findet, darf sie behalten
> This sounds wrong. What does 'which pkg-config' return?
> Did you really set PKG_CONFIG, and is the pkg-config binary not in
your
> PATH?
root@fuckup ~ # which pkg-config
/usr/bin/pkg-config
i think i had set PKG_CONFIG_PATH, since i have no pkg-config under
/usr/local/bin/.
>Yes, you have said that in the previous mail. I wonder _why_ you need
to
>set it and if our documentation is not accurate. Have you really set
>PKG_CONFIG? Does it mean that you do not have pkg-config available in
>your PATH?
my pkg-config is under /usr/lib/pkgconfig (gentoo). but libosmocore and
others are installed under /usr/local/lib/pkgconfig.
hi holger,
it works now. i set PKG_CONFIG and everything compiles. also the linux-call-router now compiles with opensbsc, after fixing some api issues.
regards,
andreas
-----Ursprüngliche Nachricht-----
Von: openbsc-bounces(a)lists.gnumonks.org [mailto:openbsc-bounces@lists.gnumonks.org] Im Auftrag von Holger Freyther
Gesendet: Montag, 31. Mai 2010 05:25
An: openbsc(a)lists.gnumonks.org
Betreff: Re: linking problems
On 05/28/2010 07:40 PM, Andreas.Eversberg wrote:
> with setting PKG_CONFIG it works. it was a layer-8 problem. still i don't understand why the linker finds symbols in "lib.so" but not in "lib.a"
Hi Andreas,
I looked into our build howto and I try to understand how it failed for
you. Have you passed a --prefix to the build of libosmocore?
regards
holger
with setting PKG_CONFIG it works. it was a layer-8 problem. still i don't understand why the linker finds symbols in "lib.so" but not in "lib.a".
-----Ursprüngliche Nachricht-----
Von: openbsc-bounces(a)lists.gnumonks.org [mailto:openbsc-bounces@lists.gnumonks.org] Im Auftrag von Holger Hans Peter Freyther
Gesendet: Freitag, 28. Mai 2010 10:45
An: openbsc(a)lists.gnumonks.org
Betreff: Re: linking problems
On 05/28/2010 04:02 PM, Andreas.Eversberg wrote:
> hi again,
>
> libosmocore.a has a reference to 'log_init', but the linker will not
> find it somehow. any idea?
Yes, you attempt static linking... which appears to not work. Build the
libosmocore as DSO and try linking again.
Hello,
OnWaves would like to get/set the status from OpenBSC via SNMP. I would
like to kick off the discussion about how we can best achieve that
while keeping everyone happy. :-)
There are two possibilities that have been discussed so far:
* Implement a subagent in OpenBSC. With this method OpenBSC would
directly connect to snmpd through the agentx protocol.
* Write a proxy that relays the snmp requests to OpenBSC. The proxy
would have to implement the snmp interface and talk to OpenBSC through
some protocol.
There are upsides and downsides with both approaches. One arguably
doesn't want to have the net-snmp library linked to OpenBSC (though I'm
not sure what the exact reasons are, I just heard it from different
people). On the other hand designing a new protocol to speak between
proxy and OpenBSC poses problems of its own. Furthermore, if you write
the proxy in C you'll be using net-snmp anyway.
You could use python to implement the proxy, but my local python expert
tells me that the python snmp library is far from nice to use.
Please share your thoughts, ideas, etc.
Regards,
Daniel Willmann
Hi,
I have two BS-11 here, which both show the same strange problem:
PHASE: 2 Load MBCCU MBCCU0: No Load MBCCU1: No Load Abis-link: Down
PHASE: 2 Load MBCCU MBCCU0: Load BTSCAC MBCCU1: No Load Abis-link: Down
PHASE: 2 Load MBCCU MBCCU0: Load BTSCAC MBCCU1: Load BTSCAC Abis-link: Down
PHASE: 2 Load MBCCU MBCCU0: No Load MBCCU1: Load BTSCAC Abis-link: Down
PHASE: 2 Load MBCCU MBCCU0: No Load MBCCU1: Load BTSCAC Abis-link: Down
PHASE: 2 Load MBCCU MBCCU0: No Load MBCCU1: Load BTSDRX Abis-link: Down
PHASE: 2 Load MBCCU MBCCU0: No Load MBCCU1: Load BTSBBX Abis-link: Down
PHASE: 2 Load MBCCU MBCCU0: No Load MBCCU1: Load BTSARC Abis-link: Down
PHASE: 2 Load MBCCU MBCCU0: No Load MBCCU1: Load Abis-link: Down
I.e. MBCCU0 aborts the software load process during BTSCAC phase, while MBCCU1
continues like usual.
Has anybody else seen this yet? I've already re-installed the firmware without
any success. If they are really broken, has anyone yet tried to switch some of the internal components? A BTS that only has TRX0 is still useful.. but
one without TRX0 but TRX1 is pretty useless :/
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)