Hi all,
I get in touch with you, since I would like to develop a new plugin for GTP protocol (V1 and V2 versions). This functionality would consists of looking for all messages that belongs to the same session. For instance: you select from 1
to N Create Session Request or Create PDP Context and all the information about those sessions will be shown, this way you could export those specific packets.
I don’t know if someone is developing this feature or maybe it’s not possible to develop this utility. I know that the procedure would be something similar to this:
-
Create Session Request or Create PDP Context Request with IMSI = IMSI + date ranges
-
Grab the IP and sequence number. The response must be accepted
o
Grab IPs and TEIDs from all control/bearers => session FTEIDs
-
Look for all messages with:
o
IP dest + TEID Header in session FTEIDs
o
Grab Create Bearer/Modify Bearer/Update PDP context, etc and update session FTEIDs
o
When the message is a request, the response must be searched by IP + SN (Header TEID can be = 0) in a maximum period of time
o
When the session is closed…cancel it as of X seconds.
Some advice would be appreciated and if someone is developing or have had any experiences trying to develop it, would be useful.
Thank you and regards.
