Fun with GSM…
In the last couple of weeks I was traveling, searching for a flat (a total failure so far), working on the Android Project, something else and of course GSM. I am having fun kicking another black box and trying to figure out why it catches fire and starts burning.
We assume this is related to GPRS (which was recently added to OpenBSC thanks to the sponsoring of On Waves) and something within the UDP messages we send. Now the GPRS protocol sandwich can compete with the Whopper 7. We have UDP, then NS, then BSSGP, then LLC, and as the BTS is crashing it has failures handling UDP, NS or BSSGP. Of course we are using the excellent Wireshark and filtering the packet dump for malformed packets, but there is nothing that Wireshark considers malformed… Now Wireshark allows writing dissectors, taps and more in Lua. So my next step was to write some Lua scripts to analyze a stream that makes the BTS crash and one that does not. The Lua script can be found inside the OpenBSC git repository.
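The same crash-versus-good comparison can be sketched outside Wireshark. This is an added example, not the Lua script from the OpenBSC repository: it reduces each UDP payload to an NS/BSSGP signature and reports the signatures that occur only in the crashing stream. It assumes the UDP payloads have already been extracted from the capture and that the NS header follows 3GPP TS 48.016; `classify`, `only_in_crash` and the sample payloads are constructed for illustration.

```python
from collections import Counter

# NS PDU types (first octet of the UDP payload), per 3GPP TS 48.016
NS_PDU = {0x00: "NS-UNITDATA", 0x02: "NS-RESET", 0x03: "NS-RESET-ACK",
          0x04: "NS-BLOCK", 0x05: "NS-BLOCK-ACK", 0x06: "NS-UNBLOCK",
          0x07: "NS-UNBLOCK-ACK", 0x08: "NS-STATUS", 0x0A: "NS-ALIVE",
          0x0B: "NS-ALIVE-ACK"}


def classify(payload: bytes) -> tuple:
    """Reduce one UDP payload to a (ns_type, bvci, bssgp_type) signature."""
    if not payload:
        return ("EMPTY", None, None)
    ns = NS_PDU.get(payload[0], "NS-UNKNOWN-0x%02x" % payload[0])
    if payload[0] != 0x00:
        return (ns, None, None)  # NS signalling carries no BSSGP PDU
    # NS-UNITDATA layout: type(1) control(1) BVCI(2), then the BSSGP PDU
    if len(payload) < 4:
        return ("NS-UNITDATA-TRUNCATED", None, None)
    bvci = int.from_bytes(payload[2:4], "big")
    if len(payload) == 4:
        return (ns, bvci, "NO-BSSGP")
    return (ns, bvci, "BSSGP-0x%02x" % payload[4])


def only_in_crash(good, crash) -> dict:
    """Signatures (with counts) seen in the crashing stream but never in the good one."""
    good_sigs = Counter(map(classify, good))
    crash_sigs = Counter(map(classify, crash))
    return {sig: n for sig, n in crash_sigs.items() if sig not in good_sigs}


# Constructed sample payloads (hex), not taken from a real capture
GOOD = [bytes.fromhex(h) for h in
        ("0a", "0b", "000000002204820002", "0000000200deadbeef")]
CRASH = [bytes.fromhex(h) for h in
         ("0a", "000000002204820002", "0000000200deadbeef",
          "000000022a00", "000000")]

if __name__ == "__main__":
    for sig, count in only_in_crash(GOOD, CRASH).items():
        print(count, sig)
```

Signatures that appear only in the crashing stream are the first candidates to replay in isolation against the BTS under test.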
Today I tried to continue with the BSC/MSC split but there is quite some stuff to fix inside the code before this will become a reality, e.g. in the SMS code we have no place where we consider the task of sending SMS to a subscriber as “done”. Also looking at the many places where we stop a “transaction” makes it highly likely that we do have leaks there…