* initialize some data structures before using them in RSL
* DATA_REQ is a transparent message
* more elaborate DEBUGP statements here and there
* don't call 04.08 with zero-length RSL DATA INDICATION
* reject 04.08 CC HOLD and RETRIEVE, as we don't support them yet
- Fix the length (almost)
- Move the second part by 8 - b_off
e.g. with (ba) 0x62 0x61 the first bit of
0x61 goes to the highest on the first byte and
the second word contains 0x110000...
- The simple test case is almost passed... just a missing
character at the end.
- created for the creation of the SMS
- sent the time the message was submitted
- sender_id the subscriber for the return path/report
- receiver_id the subscriber
- header the (optional) SMS PDU header
- payload the payload (utf8), raw data
Apparently the BS-11 sends soem undocumented cause 0x18 as part of a CONN FAIL IND message
shortly after we establish the call. If we close the channel, the voice call
is aborted. If we ignore the message, everything just continues to work.
* add the concept of commands in addition to options
* add commands for querying essential configuration
* add command for explicit create/delete of TRX1
* software download is now an explicit operation
* correctly lchan_put the second lchan of a call at teardown
* map the RTP streams of ip.access onto each other
* fix bug that prevented a CONNECt message to ever reach the 'B' side
* initiate phone calls from one MS
* look-up the subscriber based on dialled extension
* page the called subscriber
* send the SETUP to the called subscriber, including CLIP/CLIR
* get ALERTING notification back to caller
* relay DISCONNECT from either side to the other
This is still far from being complete, but it at least works for the most common case
with the signals, but I think paging always has one reason and thus one caller wants to
get notified about completion, including a caller-specific context, etc)
* introduce TLV parser definitions for GSM 04.08
* parse and generate BCD number IE's for 04.08 call control
* introduce new notion of subsystem in addition to signal number
* no need for bitmasks of 'areas' (aka subsystems)
* pass subsystem/signal_nr/... per argument rather than by data structure
* remove old code
* ensure that the default BTS type really is BS-11
* document the '-t' commandline argument in the --help message
With this commit, I can get the nanoBTS 900 working with OML and RSL, register
to the network from phones. Paging is not tested yet, and voice traffic handling
is completely missing..
* implement TLV type descriptions for NM
* add operational/administrative/availability state keeping logic to abis_nm
* explicitly print all NACK's in abis_nm
* make sure we produce [not just for BS-11] valid channel attributes
This is removing a memleak, saving some mallocs and a crash
in the timer expired function that attempted to remove the
paging_request from a list it was not in....
Assign the GSM subscriber to the lchan and then inform
the paging layer and dispatch a signal. This makes sure
that lchan is updated with the right kind of information.
This will be used for generic registration and dispatching
of any kind of event. We will have different areas (like
with the debug interface) and each layer can define their
own struct for the event message... This is not tested yet
Set the threshold to 0% for the load indication. The paging buffer
space will be used by the paging notifications and we will ignore
the racch usage notification for now.
Start with a large number of available slots. It is guranteed
that we will - at some point - get a paging load and will properly
update the counter and keep it updated.
channel to another one (simple voice call switching)
* add a way more generic E1 input layer, abstracting out the misdn
low-level interface. This also adds infrastructure for multiple TRX
in one BTS, as well as multiple BTS on one E1 link
* add a E1 subchannel multiplexer for sending multiple 16kbit sub-channels
one one 64kBps E1 channel
* add TRAU IDLE frame generation
* terminate bsc_hack in case there is a E1 / mISDN init error
* introduce 'e1_config.c' file with static configuration of our
E1 setup (which TRX/BTS is configured for which TEI/SAPI/E1). This should
later become a config file rather than a compiled C file.
WARNING: all this compiles but is not tested yet. Expect fix-up committs over
the next hours or so
After auto releasing a channel the next paging request will
not be immediately answered. The hypothesis was that we do
not release the channel properly. Implementing Channel Release
of GSM 04.08 should have fixed it, but it didn't. According
to the wireshark dissectors the message is correct though.
- Add the RR cause values to gsm_04_08.
- Implement the Channel Release message
- Invoke the release channel function before deallocating
the lchan.
There is a 1:1 relationship between gsm_bts and the paging
operation. Move the paging state into the gsm_bts which is
simplfying the code a lot. This was hinted by LaF0rge.
(I'm not happy with the names of the structs)
In our setup (1xCCCH combined, BS_AG_BLKS_RES=0,
BS_PA_MFRMS=0x3 -> 5) we have MAX(1,3-0) * 5 paging
sub-channels. Using this 15 I was able to successfully page
my phone/IMSI (934%15 -> 4).
My confusion is coming from the terms used for paging throughout
the documentation. GSM05.02 6.5.2 talks about "N = number of
paging blocks 'available' on one CCCH = (number of paging blocks
'available' in a 51-multiframe on one CCCH)xBS_PA_MFRMS" which
is already misguiding and GSM04.08 is talking about number of
different paging subchannels on the CCCH and is providing a
formula.
I deduct that N == number of different paging subchannels on the CCCH
as of GSM04.08 and will simply test this with different IMSIs and
see if I can page them as well.
- The paging block calculation is wrong but I have a hard time finding
the right information. The table of 05.02 (Table 5 of 9) looks good
but my phone is not happy with that group...
- Initialize Control Channel Description of SI3
- Patch the table
- Setting ATT now is easy
- Paging can now extract all required information... to determine
the right paging group.
* new abis_nm_bs11_bsc_disconnect() function to disconnect BSC/BTS link
* add support for 'forced load' of BS-11 software to abis_nm.c and bs11_config
* remove lots of debug output
* print progress during software load
* add more BS11 specific attributes
* define all valid BS11 PA power classes
* add callback function to software load
* introduce SWL load function for BS-11 style SWL file lists
* separate activation of software from loading of software
* add function to obtain BS-11 serial number
* disable serial port POST processing
* default delay is 0
* make window size user-configurable (default: 8)
* add missing help line for the --delay option
* don't forget to create the CCLK object as part of minimal config
The TMSI encoding is up to us but generate_mid_from_tmsi and mi_to_string
did not agree on the encoding. Adjust mi_to_string to properly decode the
TMSI generated by generate_mid_from_tmsi. Check that the four bits are '1111'
and that the length is five. Memcpy the bytes to tmsi (to work with ARM or such)
and convert the number to host order...
Implement the CM Service Request. Try to get the subscriber from the TMSI and
assign it to the gsm_lchan. There is a small issue that will be fixed in the
next commit.
(done by z.)
Be able to send Accept/Reject the Service Request. Use mi_string
instead of the the msgb buffer (even if it is memsetted and such)...
The TMSI allocation seems to be a bit problematic and needs some
further checking. The rough idea is that we try to find the subscriber
for a CM Service Request and then decide based on the subscriber
if we want to handle the call.
It is possible that the BTS is closing the channel even when
our upper layers are doing work. Reset the use_count add a fixme
to call cancellations for pending operations. Cancellation of the
call state (state machines in general) and such come into mind...
Increase when the refcount of the lchan when we initiate a call,
get a SETUP message and put it when we want to release the call...
Once we have proper Q.931 support the use/put needs to be improved,
e.g. we currently do not allow to hangup from the network, and it
will ring until the end of time...
Wrote and test code to add and remove paging requests... This
will be using the fact that the linux list is building a circle
on each tick we can send one/x paging requests and continue round
robin...
You can request to open a channel to a MS and the paging layer
will call you once the channel is allocated. Internally the CCCH
Load Indication will be handled and retry to page a terminal.
It looks like that certain phones that send their old TMSI from
a different network and we assign them a new one with LOCATION
UPDATING ACCEPT will send us a TMSI Reallocation Complete. Print out
the the imsi.
Add the -f option to use a different channel. This is done
by patching the various tables before the OML and RSL is brought
up. It looks like it is working...
Patch by Harald, moving of the patch_tables invocation by zecke
Remove the callbacks from gsm_network for now. A set of different
callbacks will be back. E.g. when the paging is completed, when the
Q.931 like call handling is there...
Remove var's or move them into #if 0, remove unused stuff that looks
like we do not need it anytime soon or #if 0 them, move stuff around.
Allow to change the refcount for a given channel. Store which
bts is our primary bts. A command to switch the primary bts will
be added as well. This makes entering and parsing of commands more
easy.
Really compare pointers to check if the one gsm_subscriber
is equal to the other... gsm_subscriber should be unique for
a given IMSI so comparing the pointers should be fine.
Removing the P Bit from the fake LAPD frame will make wireshark
run the data through the GSM RSL dissector with the right SAPI
and LAPD preference setting.
We need to append the Linux LAPD header for wireshark. This means
that we currently can not support B Channels or such. Maybe we will
need to add another LAPD header.
Make sure that del_timer succeeds and removes an entry from the list. Currently
sending the LOCATION UPDATING REJECT from within the timer will not remove the
list element as ->active gets set to 0 in the timer updating before calling the
callback. Fix the segfault and allow the timer to be removed from within its
own callback.
This might turn into a complete wire protocol with special
client software. For now it will be a simple client interface
that you can use with telnet to do certain things.
This is using flex to implement the parsing. Implementation
and more commands will follow.
The current LAPD control field for indication/disconnect/etc
is wrong and currently we are only interested in the actual
A-Bis data spoken between the BTS and BSC and not on the indication
of the physical line (connection, disconnect, release..)
When using ISDN as network type and using a fake LAPD encapsulation
wireshark should be able to recognize some bits if dump.
Append a dummy LAPD header. It is not clear to me if the Control field
of the LAPD frame is part of the msg or if we need to add it as well.
TODO:
- Do the same for the B Channel
- Write out time
- Check if more of the LAPD frame needs to be prepended. The
information from the mISDNhead comes into mind. Maybe it makes
sense to start a custom wireshark mISDN dissector.
gsm_subscriber is now refcounted, the db backend is leaking
a lot less, db_get_subscriber will allocate the subscr record
now, subscr_* will look up a subscriber in the list of currently
active subscribers and add an ref to this one.
The db test cases pass, more testing will be when next to the bts
Call use_lchan early in allocate_loc_updating_req, do not directly call
rsl_chan_release but go through channel alloc to take the use_count into
account.
As reported by the operator the rejecting didn't work after the
first fix (wrong logic/missing negation). The hypothesis is that
that the lchan was released before the reject timeout was fired.
Fix it by getting a reference on the lchan when allocating a
logical operation and release the reference when the operation
is finished or timed out.
We are going to have logical operations like Phone Call, SMS,
Paging, Updating Request on a logical channel and for each of
these operations we might need to store state. For now pointers
in gsm_lchan look like the best way of doing this and we start
by introducing an operation for the location updating request.
The new flow of things are:
- We get the location updating request and update/create
the subscriber and maybe send the identity requests to
the mobile station
- We start the updating timer, if it times out we will
reject the mobile station.
- Once we get the Identity Responses we have asked for
and the reject timer did not fire yet we might accept
the user.
When a channel is allocated, start a timeout, when a lchan_use
is used the timer will be restarted, when the timeout fires
we will try to recycle or restart the timer.
I removed gsm48_sendmsg(msg) when removing the send_sms from the
_acc method. This is obviously wrong. Fix the regression, spotted
while testing with LaF0rge. This regression was introduced in r120.
gsm_data.h add new callbacks, add some parameters, update bsc_hack and
other call sites.
Remember that we need to ACCEPT/REJECT the LOCATION UPDATE REQUEST and
then send the ACCEPT or schedule the sending of the reject. Currently
it is possible that for a new subscriber that we do not have a !subscbr
yet, we will trigger an IDENTITY REQUEST and schedule the reject timer.
This may lead to rejecting AND accepting (a new subscriber). This issue
is triggered when allowing everyone to connect to the network.
On channel allocation the bsc_hack added a cookie to the lchan on
ack and nack we will take a look and then assume it is the channel
we have allocated. This can be easily exploited by a MS sending fake
responses to paging commands. After the channel has been acked we would
have to ask for the tmsi or find the information on the channel
allocation. For now we will guess.
Currently it is not possible to know for which tmsi the channel
is going to be allocated. The bsc_hack will guess.. in the future
it might be forced to ask for the tmsi after the channel has been
opened...
Add a callback to the gsm_network. When updating the location and
assigning a new tmsi callback into the bsc_hack.c and have a queue
of mobile stations to page, allocate a channel for and ultimately
dial.