I searched for LTE and found two posts. I want to capture LTE packets (I'm trying to put up a cheap lab for my students) I read some articles, googling around, and found print screens of lte packets captured. I bought a mini modem 4G, enabled lte (rrc, mac, rlc) protocols in Wireshark, but captured no LTE packet. Do I need a special dongle hardware? asked 08 Oct '14, 11:36 Albuquerque converted to question 08 Oct '14, 13:14 grahamb ♦ |
2 Answers:
A commercial LTE modem will only provide a standard network interface and will never allow you to capture LTE packets. To be able to see them, you will need to have access to the proprietary debug tool from the LTE baseband provider, or to purchase a tool like Accuser XCAP, Anite Nemo or any other similar tool. answered 08 Oct '14, 15:44 Pascal Quantin |
The short answer is yes, you need special tools or hardware to capture the radio interface into a .pcap file (eg: I believe Qualcomm QXDM can do it, and some vendor eNodeBs can do it). A USB modem won't work though because the information it passes to the computer is normal PPP traffic. Is the question specific to the radio side? For a lab like that, to do it justice a trace that includes the whole EPS call flow would be ideal I think, to put the radio in context. It's frustrating on my part because I have a wealth of such packet captures but an inability to actually distribute any of them. I did most of a video series on that stuff on Youtube (eg: https://www.youtube.com/watch?v=1h-hyQeqg2Q), but even there I was very limited in terms of actual captures I could use for it. answered 08 Oct '14, 15:56 Quadratic I read about open source LTE HW and SW Do you know any? Maybe airmon-ng people will deploy a new version with LTE, included. Any news about it? Tks, (11 Nov '14, 08:46) Albuquerque I'm not aware of any open source LTE SW stack or HW (while working in the domain since years). I would not put too much hope in such a solution for now. (11 Nov '14, 10:45) Pascal Quantin I'm not aware of any either. In my experience all these tools are very closed source and very expensive. (11 Nov '14, 11:07) Quadratic For a SW LTE stack have a look at: http://www.openairinterface.org/ (16 Jan '15, 04:22) sebastianheld Note that it's a quite lite implementation of an eNB L2/3 (more a demonstration) as the project is more focusing on the PHY aspects. (16 Jan '15, 04:53) Pascal Quantin I am also looking for an alternative to baseband capture without the commitment to Accuser XCAP or Anite Nemo. (27 Mar '17, 13:33) EvelBoDevil showing 5 of 6 show 1 more comments |
Speaking of WiFi, I can capture radio packet headers configuring the card to Monitor Mode.
I thought it would be possible, also, with LTE.
I saw print screens of LTE packets (published on the wiki.wireshark by MartinMathieson) but I don't know what's his e-mail to contact him and ask what hardware/software he used.
I contacted Accuver and Anite, asking for more info and prices. Waiting for their answers.
Thanks for the infos.
Martin works with test tools for LTE eqipment providers I beleve and thuss have access to the signaling trough the tools or the operators.
Encryption might also pose a problem when trying to look at public "radio signaling data"
I would guess at the traces you have seen comes from labs set up to test LTE equipment where the signaling is more optainable and encryption keys are known or encryption not activated.
As Anders says, your best bets are either logging PDUs from test equipment, or use PDUs logged by real equipment, although this may be developer-private and not available to general customers.
Hi Martin. What have you used to capture those LTE protocol packets?
Hi, You are missing the point, we have acces to the network equipment in the LTE network. As you don't it will be very hard to do what you want, if not impossible.