Difference between revisions of "OpenLI Testing Tools"
From neil.tappsville.com
Jump to navigationJump to searchm |
m |
||
Line 8: | Line 8: | ||
===Pretending to be an LEA=== | ===Pretending to be an LEA=== | ||
− | + | ====OpenLI / WAND Libtrace==== | |
+ | Supports both HI2 and HI3 | ||
+ | |||
Warning: Shares the same code as OpenLI - Validate against the standards / a third party tool | Warning: Shares the same code as OpenLI - Validate against the standards / a third party tool | ||
<pre> | <pre> | ||
Line 60: | Line 62: | ||
</pre> | </pre> | ||
− | Cyberprobe | + | ====Cyberprobe ==== |
We only use a small part of the tool - but it will accept all HI3 IP CC packets and pipe it out in pcap format. | We only use a small part of the tool - but it will accept all HI3 IP CC packets and pipe it out in pcap format. | ||
<pre> | <pre> |
Revision as of 20:27, 26 November 2019
Contents
OpenLI Testing Tools
General Tools
yum install nc tcpdump
Pretending to be an LEA
OpenLI / WAND Libtrace
Supports both HI2 and HI3
Warning: Shares the same code as OpenLI - Validate against the standards / a third party tool
yum install libtrace4-tools sudo tracepktdump etsilive:[IPADDRESS]:[PORT]
HI2 Sample:
Fri Nov 15 15:15:46 2019 Capture: Packet Length: 193/193 Direction Value: -1 ETSILI: pS-PDU: ETSILI: PSHeader: ETSILI: li-psDomainId: 0.4.0.2.2.5.1.17.0 ETSILI: lawfulInterceptionIdentifier: isplabneil2 ETSILI: authorizationCountryCode: NZ ETSILI: communicationIdentifier: ETSILI: networkIdentifier: ETSILI: operatorIdentifier: RSP123 ETSILI: networkElementIdentifier: ABC ETSILI: communicationIdentifier: 781285540 ETSILI: deliveryCountryCode: NZ ETSILI: sequenceNumber: 17 ETSILI: interceptionPointID: liprov1 ETSILI: microSecondTimeStamp: ETSILI: seconds: 1573784146 ETSILI: microSeconds: 257600 ETSILI: timeStampQualifier: timeOfInterception ETSILI: Payload: ETSILI: iRIPayloadSequence: ETSILI: IRIPayload: ETSILI: iRIType: IRI-Continue ETSILI: iRIContents: ETSILI: iPIRI: ETSILI: iPIRIObjId: .5.3.10.1 ETSILI: iPIRIContents: ETSILI: accessEventType: interimUpdate ETSILI: targetUsername: CUSTOMER12345768 ETSILI: internetAccessType: Fiber ETSILI: pOPPortNumber: 816 ETSILI: octetsReceived: 78442 ETSILI: octetsTransmitted: 78280 ETSILI: pOPIdentifier: ETSILI: printableIDType: isp-bng-2 ETSILI: pOPIPAddress: ETSILI: iP-type: IPv4 ETSILI: iP-value: ETSILI: iPBinaryAddress: 100.100.10.10 ETSILI: iP-assignment: Not Known ETSILI: iPv4SubnetMask: 255.255.255.255
Cyberprobe
We only use a small part of the tool - but it will accept all HI3 IP CC packets and pipe it out in pcap format.
wget https://github.com/cybermaggedon/cyberprobe/releases/download/v1.9.11/centos-cyberprobe-1.9.11-1.el7.centos.x86_64.rpm yum install centos-cyberprobe-1.9.11-1.el7.centos.x86_64.rpm etsi-rcvr 44444 | tcpdump -n -r