Appendix C. Capturing Traffic
Two sources can be used to capture activity on an OpenBTS installation. The IP side of the network can be recorded for debugging or analysis, as can the raw GSM and GPRS radio frames. Unified into a single stream, it provides a very powerful research tool for baseband developers, application authors, and network engineers.
IP Traffic
The first source is the raw IP packets being sent between the individual components of OpenBTS. In addition to VoIP signaling and media streams, there are a multitude of other ports exchanging data. A list of these ports, their settings, and their types can be found in Table A-3.
To capture data from these ports, a small utility named tcpdump
is needed.
It can listen to any network interface on your system and display and/or record the traffic to a file.
Install it now:
$ sudo apt-get install tcpdump
The exact usage of tcpdump is outside of the scope of this book so only a few examples will be presented.
To learn more about it, use the man
(manual) command:
$ man tcpdump
To display (-s0 -A
) all SIP signaling (portrange 5060–5069
) on the console from the local loopback interface (-i lo
), execute the following:
$ sudo tcpdump -i lo -n -s0 -A portrange 5060-5069
Instead of displaying the traced traffic, you can record it in a pcap (packet capture) formatted file.
The Wireshark GUI tool, which is outlined below, uses the pcap format. To record all RTP media (portrange 16484–16584
) to a file (-w rtp.pcap
), execute the following:
$ sudo ...
Get Getting Started with OpenBTS now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.