Fair enough. Thanks for your time and comments. El 22/3/2016 15:15, "Harald Welte" laforge@gnumonks.org escribió:
Hi Manuel,
On Tue, Mar 22, 2016 at 02:18:48AM +0100, Manuel José Muñoz Calero wrote:
Well, the idea was to use libipsec to integrate IPSec functionality into OpenGGSN code, so OpenGGSN itself could set IPSec parameters and start connection.
I don't think this is a good idea at all, sorry.
IPsec is a feature provided by the operating system, and it is very well (and efficiently) handled by doing all the per-packet operations inside the kernel itself. Only the control (key handshake) is done in userspace, and three are several implementations of the IKEv1/IKEv2 protocols out there. There's no need to replicat that functionality in OpenGGSN.
What about writting a GTP traffic open source analyzer? I started writting it a couple of years ago. I used tcpdump output and parsed it with awk and got statistics about
many
things (especially errors, packets per protocols counting...). It could be written in C this time.
I suggest you to have a look at the wireshark infastructure in the 'Statistics' / 'Telephony' menus. They do pretty nice for other protocols like TCP or SIP.
--
- Harald Welte laforge@gnumonks.org
============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)