OpenLI Testing Tools
From neil.tappsville.com
Jump to navigationJump to searchContents
OpenLI Testing Tools
General Tools
yum install nc tcpdump
Pretending to be an LEA
OpenLI / WAND Libtrace
Supports both HI2 and HI3
Warning: Shares the same code as OpenLI - Validate against the standards / a third party tool
yum install libtrace4-tools sudo tracepktdump etsilive:[IPADDRESS]:[PORT]
HI2 Sample:
Fri Nov 15 15:15:46 2019 Capture: Packet Length: 193/193 Direction Value: -1 ETSILI: pS-PDU: ETSILI: PSHeader: ETSILI: li-psDomainId: 0.4.0.2.2.5.1.17.0 ETSILI: lawfulInterceptionIdentifier: isplabneil2 ETSILI: authorizationCountryCode: NZ ETSILI: communicationIdentifier: ETSILI: networkIdentifier: ETSILI: operatorIdentifier: RSP123 ETSILI: networkElementIdentifier: ABC ETSILI: communicationIdentifier: 781285540 ETSILI: deliveryCountryCode: NZ ETSILI: sequenceNumber: 17 ETSILI: interceptionPointID: liprov1 ETSILI: microSecondTimeStamp: ETSILI: seconds: 1573784146 ETSILI: microSeconds: 257600 ETSILI: timeStampQualifier: timeOfInterception ETSILI: Payload: ETSILI: iRIPayloadSequence: ETSILI: IRIPayload: ETSILI: iRIType: IRI-Continue ETSILI: iRIContents: ETSILI: iPIRI: ETSILI: iPIRIObjId: .5.3.10.1 ETSILI: iPIRIContents: ETSILI: accessEventType: interimUpdate ETSILI: targetUsername: CUSTOMER12345768 ETSILI: internetAccessType: Fiber ETSILI: pOPPortNumber: 816 ETSILI: octetsReceived: 78442 ETSILI: octetsTransmitted: 78280 ETSILI: pOPIdentifier: ETSILI: printableIDType: isp-bng-2 ETSILI: pOPIPAddress: ETSILI: iP-type: IPv4 ETSILI: iP-value: ETSILI: iPBinaryAddress: 100.100.10.10 ETSILI: iP-assignment: Not Known ETSILI: iPv4SubnetMask: 255.255.255.255
Cyberprobe
We only use a small part of the tool - but it will accept all HI3 IP CC packets and pipe it out in pcap format.
wget https://github.com/cybermaggedon/cyberprobe/releases/download/v1.9.11/centos-cyberprobe-1.9.11-1.el7.centos.x86_64.rpm yum install centos-cyberprobe-1.9.11-1.el7.centos.x86_64.rpm etsi-rcvr 44444 | tcpdump -n -r