To capture traffic inside YateENB, the Mobility Management Entity (MME), eNodeB and UE must use EPS encryption algorithm EEA0. This algorithm must be supported by all sides.
EEA0 (EPS Encryption Algorithm 0) doesn’t use ciphering at all.
When ciphering and integrity checking are activated, the UE, MME and eNodeB can select an appropriate EPS Encryption Algorithm (eea0, eea1, eea2, eea3) and an EPC Integrity Algorithm (eia1, eia2) from a list of algorithms that are supported by both sides.
YateUCN MME configuration
In [mme] section of yateucn.conf file add the following lines:
[mme] ; UCN tells the eNodeB to use EEA0 cipher_algos=EEA0 ; eNodeB will tell the UE to use EEA0 enb_cipher_algos=EEA0
To activate the changes reload yateucn from rmanager or restart yate-ucn.service and reattach UE to the eNodeB.
ssh yatebts@YOUR_LABKIT_IP -p 54321
The password is the serial number printed on the front plate on your LabKit.
This step is necessary in order to subsequently get the capture file on your workstation. (You only need to do this step once.)
2.1. Go to the Web root:
2.2 Switch to root (same password as the yatebts user) and create a directory with a meaningful name, such as pcap or wireshark, in your web root. Go to the directory, to create the capture file there,
su mkdir YOUR_DIRECTORY cd YOUR_DIRECTORY
telnet localhost 5037
enb capture start mac 23234
This will route the radio traffic to UDP port 23234. You should get an OK answer from the rmanager.
Exit Telnet (
CONTROL + C). Change user to root to be able to initiate the capture:
su on LabKit’s, with the same password as the yatebts user.
tcpdump -i any not tcp -w YOUR_FILENAME.pcap
Start using the UE. When you’re done, abort the capture with
CONTROL + C. The capture should be in the root of your LabKit Web server.
In order to be able to perform the analysis you have to transfer the capture file to your workstation.
To do so, type YOUR_LABKIT_IP:2080/YOUR_DIRECTORY in your WWW browser location bar.
Now you should be able to click on your file and download it on your workstation.
- Source of LCID -> drb channel settings: check From configuration protocol
- Which layer info to show in info column: check RLC info