使用SGSNemu来测试PDP上下文激活的技巧

admin

很好的一篇文档，还没来得及翻译。先与大家分享。需使用openggsn工具。我也还没学会，希望大家一起来学习交流哈。

1 Activating pdp context using sgsnemu

1) Check that you can reach GTP vips of GGSN (ping, traceroute). If you plan to use default route for reaching network via PDP context, remember to add more speficic route for GTP addresses in order to avoid recursive routing:

route add -net 192.168.75.0/24 gw 192.168.73.65

2) Create a script for sgsnemu (or optionally give all parameters to command line).

cat sgsnemu_script1.sh

#!/bin/sh sgsnemu --listen 192.168.73.69 --remote 192.168.75.161 --gtpversion=1 --msisdn=46702823458 --imsi=240021523456689 --createif --apn=apntest& sleep 3

#These are addresses we want reach via PDP context. Could also be a default route. route add -net 192.168.0.0 netmask 255.255.255.0 tun0 route add -net 192.168.74.0 netmask 255.255.255.0 tun0 route add -net 172.31.0.0 netmask 255.255.0.0 tun0

3) Activate PDP context using sgsnemu

./sgsnemu_script1.sh

4) Do what ever you need to do, ping, ftp, browsing, port scanning...

2 Activating PDP context over a PDP context

Sometimes operators forget that Gn network and GTP addresses must not be reachable from Gi side, ie those networks MUST be separated.  Following is an example how to test traffic separation remotely, over a PDP context.

Note that if it's possible to activate PDP context over a PDP context, you can also choose APNs not defined to your subcriber profile. If activating PDP context over a PDP context succeeds, there's no traffic separation and network configuration is insecure.

1) Activate PDP context normally with a phone or using GPRS/UMTS modem, USB dongle etc.

wvdial gprs

2) Add routes for GTP addresses via PDP context (ppp interface) route add -net 192.168.75.0 netmask 255.255.255.240 ppp0  

3) Activate PDP context by using sgsnemu, using existing PDP context to reach the GGSN

  3 How to activate PDP context in Linux (using bluetooth):

1) Enable Bluetooth in your laptop and in your phone

2) Find your phone (and it’s blutetooth device address): hcitool scan

3) connect and authorize the phone:

hcitool cc 00:12:EE:30:1D:3C hcitool auth 00:12:EE:30:1D:3C

4) Find the channel for dial-up services Sdptool browse 00:12:EE:30:1D:3C

5) bind the modem to rfcomm rfcomm bind 0 00:12:EE:30:1D:3C 2

6) Activate PDP context wvdial gprs

Below is a sample wvdial.conf that is needed in order to get the wvdial working OK:

cat /etc/wvdial.conf [Modem0] Modem = /dev/rfcomm0 Baud = 115200 SetVolume = 0 Dial Command = ATDT Init1 = ATZ Init3 = ATM0 FlowControl = crtscts

[Dialer gprs] Username = Password = Phone = *99***4# Stupid Mode = 1 Inherits = Modem0

In the sample config it is assumed that the apn is configured to the phone and it's using CID 4. More details and documentation can be found from man pages or from internet. Keywords "gprs bluetooth linux" in google gives lot of hits to different config guidelines, both using wvdial and the older method, chat scripts.

4 Where to obtain sgsnemu

Sgsnemu is old (no updates since 2004) but it is still a usefull tool for testing. Sgsnemu is part of openggsn package and the source can be downloaded from here: http://sourceforge.net/project/showfiles.php?group_id=68956 openggsn can also installed as package to most common linux distributions, such as fedora, ubuntu, debian.

gprssanling

模拟的GGSN，有些局限，用着不舒服啊。