Hi all,
Just wanted to share an issue and a quick workaround I found for it in case
anyone else has the same problem. I believe a cmd2 update is causing
pySim-shell to fail. After installing it on a fresh install of Ubuntu
Server 20.04 and getting the following error when I run "python3
pySim-shell -p0":
>Using PC/SC reader interface
>Autodetected card type: sysmoUSIM-SJS1
>AIDs on card:
> USIM: a0000000871002ffffffff8907090000
>Traceback (most recent call last):
> File "pySim-shell.py", line 512, in <module>
> app = PysimApp(card, rs, opts.script)
> File "pySim-shell.py", line 59, in __init__
> super().__init__(persistent_history_file='~/.pysim_shell_history',
allow_cli_args=False, use_ipython=True, auto_load_commands=False,
command_sets=basic_commands, >startup_script=script)
>TypeError: __init__() got an unexpected keyword argument 'use_ipython'
If you run into this you can fix it by uninstalling cmd2 and reinstalling
cmd2 with "pip3 install cmd2==1.5".
Best,
Bryan
Hi,
I had a problem placing MO GSM calls from a Siemens S11E: The calls
were dropped immediately; Osmo-MSC reports "Cannot compose Channel
Type from bearer capabilities"
After investigating the SETUP request from the S11E, the phone does
not use octet 3a (no extension bit set in IE 3). Wireshark decodes the
radio channel requirement as "Full rate support only MS/fullrate
speech version 1 supported", so I added a condition to the gsm48_ie.c
function of libosmocore to include at least GSM FR in the list of
available speech_ver in case octet 3 has no extension.
Attached to this message are the Abis-IP PCAP traces of MO calls, and
the patch for gsm48_ie.c.
Regards,
Lennart
Hi,
My name is Brackley Cassinga Form DRC, we run a community network called
pamoja net where we offer gsm services using osmocom open source software
and OC Base station.
Recently I have tried to install another base station as the same installed
but I could not find any resource guiding through all the steps to take to
run NIB on a base station.
I'm currently running Ubuntu and I will appreciate if you could guide me on
the installation of BSC,hlr,MSC , in order to run a basic gsm network.
Thank you. Regards
--
*Ir Brackley heshima Casinga **Pacifique*
*CEO and Founder of kwanzatechnologie*
KwanzaTechnologies ,GlobalElectronics
+243977265291 | +243977265291 | Pcassinga(a)gmail.com/
brackley(a)ensemblepourladifference.org
www.kwantechnologies.jimdosite.com <http://www.kwantechnologies.com/> |
Skype: Brackley cassinga <https://webapp.wisestamp.com/#>
Av Semliki N 43
Hi all!
I'm currently adding unit tests for the various pySim encoder/decoder classes
for the variouus SIM/UICC/USIM/ISIM files. [1]
In order to increase the test coverage, I would appreciate any help in obtaining test
data, particularly for the more "exotic" (or recently introduced) files, related to DF.5GS,
ADF.ISIM or even DF.WLAN or the like.
So if you have any SIM cards with related files populated, I would appreciate some test
data. You can simply send me a copy+paste of the respective 'read_binary' / 'read_records'
command, or a partial 'export'. In the latter case, please make sure to redact/remove your
IMSI/ICCID/MSISDN/Kc data to prevent leaking privacy related information.
Thanks in advance.
Regards,
Harald
[1] https://gerrit.osmocom.org/c/pysim/+/24012
--
- Harald Welte <laforge(a)gnumonks.org> https://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
Hello GSM community,
I have a question for those who operate their own GSM networks (be it
for fun or for research or for any other purpose) in places that DO
have regular commercial cell service, i.e., NOT ship-at-sea, middle of
desert or Rhizomatica-type environments: how do you deal with, and
ideally prevent, the highly undesirable situation of other people's
phones, not related to your operation, "jumping ship" from being
registered to their regular commercial network to trying to register
to your test network instead?
I live and operate in an area where ONE commercial operator still
provides GSM/2G service (although only to "grandfathered" customers,
closed to new subscribers), plus there are super-strong 4G and 5G
signals from all 3 USA-wide carriers. I also operate my own "pirate"
GSM network on a test/experimental basis, meaning not always on, but
only turned on for brief intervals when I am playing with it.
When I do turn on my test GSM network, I squat on an ARFCN in the
middle of a 5 MHz wide "dead" spot (SA shows noise floor over the
whole 5 MHz block in question), and most of the time I set my power
output to the lowest possible setting: I set max_power_red to the
maximum of 20, which should result in 3 dBm output from the sysmoBTS
box. I also recently changed my MCC-MNC from 310-222 (an unallocated
MNC within MCC 310) to 001-325 (MCC meaning test network, MNC is a
feeble attempt to indicate that it's me - I got 00440325 as my test
IMEI range in my "other" capacity as ME manuf), but the problematic
behaviour of at least some phones erratically "jumping ship" from
T-Mobile GSM to the test network still occurs.
Here is a concrete example of inexplicable erratic behaviour I am
seeing:
* Last night I powered up my test network at around 19:41 local time.
My wife was with me the whole evening; her primary personal phone is
Nokia C3-00 (circa 2011, late in GSM terms, but still 2G-only in terms
of RAN support) with service on T-Mobile.
* About 3.5 hours later, at around 23:14 local time, my wife noticed
that her phone "went into the black hole" (our term for times when
phones show "no service" even though T-Mobile GSM signal is there just
fine), and she alerted me. I looked at OsmoCNI logs in syslog, and I
saw that just a little earlier, at around 22:38 local time, there was
an attempt from my wife's phone (her T-Mobile IMSI) to register to our
test network. Of course that registration attempt failed - I don't
have a roaming agreement with T-Mobile, there is no MAP roaming support
in OsmoCNI, I don't have any T-Mobile or other operators' IMSIs in my
OsmoHLR, and I am NOT running with "create sub on demand" feature.
* At around 23:14 local time, when my wife noticed that her phone went
into the black hole, she immediately proceeded to reboot it - such
reflexive reboots are now an "autopilot" action for her - and on its
next boot cycle, it immediately proceeded to make another attempt to
register to our test network instead of T-Mobile, as evidenced by
OsmoCNI logs!
* At that point I turned off the test network GSM signal, as there did
not appear to be any other way to convince my wife's Nokia phone to go
back to its rightful network of T-Mobile.
Now let me add some noteworthy details:
* The ARFCN on which I squat for my test network is NOT listed in the
neighbor cell list advertised by the sole and single commercial GSM/2G
operator we have around here.
* When I mentioned this issue previously in an OsmoDevCall USSE, I was
asked if perhaps the ARFCN I squat on might be listed as a 2G neighbor
in the neighbor list of some newer-G cell. I don't have any direct
way to disprove this idea, but my wife's phone, the one that exhibits
this inexplicable behaviour, is a 2G-only model, NOT supporting LTE or
even UMTS. And the last 3G/UMTS service in our area was shut down
last summer, leaving only LTE+5G for the masses and GSM for the tiny
sliver of "grandfathered" users who won't give it up until we die.
* In last night's episode, my wife's phone sat quite happily within
our dwelling, mere meters from the sysmoBTS antenna putting out its
3 dBm, for almost 3 hours before it made its first attempt to jump
ship. During the entirely of this almost-3-hours interval, the signal
from our test network as received by the phone was overwhelmingly
stronger than the commercial signal (being meters away from the BTS),
yet the phone behaved like it should (listened to its serving cell and
advertised neighbor cells, no searching around) for almost 3 h.
* The location update interval set by T-Mobile's network is 1 hour -
thus periodic LU could not have been the trigger that told Nokia's
bugger to abandon its serving cell and go into open-ended search of
all possible ARFCNs. So what in the world could have been the trigger
then, that caused the bugger to misbehave after almost 3 hours of
behaving properly and correctly?
* Aside from whatever the trigger might be, once that Nokia bugger
attempts to register to the test GSM network and fails, why in the
bloody hell is it not going back to the weaker (in terms of RSSI) but
working T-Mobile network, why does it "park" itself in no-service
state instead?
I have heard of other people operating test GSM cells/networks in
areas where commercial services do exist: I have heard that Neels, of
Sysmocom team, operates a test cell under a test license, and when
Keith gave an OsmoDevCall presentation on Rhizomatica back in 2021,
that presentation was done from an office in some "big" city in Oaxaca,
a place where test signals had to coexist peacefully with commercial
operators' signals. So how do you guys do it? What additional magic
are you doing, which I must be missing, to prevent the situation of
phones jumping ship from commercial networks to the test network when
the signal from the test network is much stronger due to proximity?
Perplexed,
Mother Mychaela
Hi All,
I was working a few months back on some LCLS implementation with
bts-loop and I got it working, including that the pbx can use SIP
Re-INVITES to get in and out of the audio loop during calls.
However, I only ever tested it with one call, that is with two phones.
When I tested it on alive site, immediately there where problems so I
reverted and left it. Looking at it again now, there's a very obvious
problem which is that osmo-msc generates the same GCR for (almost) every
call. I had noticed this before but for some reason I thought I had seen
it generating different GCR for a second simultaneous call, but no.
Anyway, the above is extraneous info to the question:
Could somebody take a look at this:
https://gitea.osmocom.org/cellular-infrastructure/osmo-msc/src/branch/maste…
where we have:
osmo_store32be(trans->callref, lcls->gcr.cr);
osmo_store16be(use_lac ? trans->msc_a->via_cell.lai.lac :
trans->msc_a->via_cell.cell_identity, lcls->gcr.cr + 3);
Now, If I change the order, such that would seem logical:
osmo_store16be(use_lac ? trans->msc_a->via_cell.lai.lac :
trans->msc_a->via_cell.cell_identity, lcls->gcr.cr + 3);
osmo_store32be(trans->callref, lcls->gcr.cr);
Then I get a different GCR, reflecting the trans->callref for each call.
But am I then maybe overwriting the LAC/CI ?
Would seem to make sense, but I'm just not sure if that is all there is
to it, as I don't really grok osmo_store_xxxx
for(i = 0; i < n; q[i] = (x >> ((n - 1 - i) * 8)) & 0xFF, i++);
Is it just a simple order error, and is everything OK with lcls->gcr.cr
+ 3 as the pointer *p passed to osmo_store32be_ext() ?
given that:
struct osmo_lcls *lcls;
where:
struct osmo_lcls {
struct osmo_gcr_parsed gcr;
};
struct osmo_gcr_parsed {
uint8_t cr[5];
};
I guess I'm still not really 100% on the char/uint8_t thing and
advancing pointers.
Thanks!
k.
Dear Osmocom community,
we're happy to announce the next incarnation of OsmoDevCall.
when:
January 18, 2023 at 20:00 CET
where:
https://osmocom.org/OsmoDevCall
This time, @tnt will be presenting on
ice40-usbtrace OSHW USB protocol tracer
In case you never heard about ice40-usbtrace before: It's a low-cost
full-speed USB protocol tracer built around the iCE40 FPGA.
This meeting will have the following schedule:
20:00 meet + greet
20:10 presentation as outlined above
21:00 unstructured supplementary social event [*]
Attendance is free of charge and open to anyone with an interest
in Osmocom or open source cellular technologies.
More information about OsmoDevCall, including the schedule
for further upcoming events can be found at
https://osmocom.org/projects/osmo-dev-con/wiki/OsmoDevCall
Looking forward to meeting you soon!
Best regards,
Harald
[*] this is how we started to call the "unstructured" part of osmocom
developer conferences in the past, basically where anyone can talk about
anything, no formal schedule or structure.
--
- Harald Welte <laforge(a)osmocom.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
Hi all,
I was thinking about how to deal with the so called "evil twins" in the
distributed hlr, and also how to have a subscriber-create-on-demand
situation at the same time as a having an mslookup client.
The problem being that if we have mslookup client + fallback to
create-on-demand if no HLR responds for an IMSI, we will eventually
create a duplicate because the HLR that owns the IMSI is not contactable
at the time of an IMSI ATTACH attempt.
Anyway, just in terms of investigating the situation on my HLRs, I added
features [1] - so far, an ability to do a gsup.hlr lookup and not exit
on the first age:0 - so that I can see all HLRs that respond as having
the imsi in local HLR, and also to ask via mDNS for HLRs that have an
IMSI, but only if it's active on that HLR, that is, it has nam_cs/nam_ps
So this is really asking about what people feel about expanding the
D-GSM features in osmo-hlr, as I think it may be the case that
rhizomatica/TIC are the only people that use it?
[1] https://gitlab.tic-ac.org/rhizomatica/osmo-hlr