* keep track of site_id/bts_id in struct gsm_bts
* dynamically match incoming OML/RSL over TCP connections by BTS Unit ID
* introduce new debug category DINP (separate from DMI for hexdumps)
* remove ia_config() as it is no longer needed
*
* ensure that signalling links / E1 line information is correctly printed
* when bootstrapping RSL or OML, tell us for which BTS it is being doen
* separate bootstrap_bts() out from bootstrap_network()
* statically configure two ip.access BTS, one with unit id's 1800/0/0 and 1801/0/0
Patch by Andreas Eversberg to automatically release
layer2 on exit of the application. Made the naming of
the variables consistent (only release_l2 and not both
release_l2 and l2_release).
Kill mi_set_pcap_fd from the header, introduce e1_set_pcap_fd
and call it from bsc_hack.c. Hook into abis_rsl_sendmsg and
_abis_nm_sendmsg for sending and e1inp_rx_ts for reading. It compiles
and should not cause a regression.
* gsm_util now uses caller-allocated data (rather than callee-allocated)
* correctly parse destination address
* parse (but not transcode) non-default encodings of SMS
* reject SMS to unknown destination number
* resolve target subscriber id and store incoming SMS (without header) in 'sms' table
What we're now missing is the sending part, i.e. a regular task iterating over
all pending SMS and trying to deliver them. Also, check for pending SMS once
we get a LOCATION UPDATE.
* initialize some data structures before using them in RSL
* DATA_REQ is a transparent message
* more elaborate DEBUGP statements here and there
* don't call 04.08 with zero-length RSL DATA INDICATION
* reject 04.08 CC HOLD and RETRIEVE, as we don't support them yet
* correctly lchan_put the second lchan of a call at teardown
* map the RTP streams of ip.access onto each other
* fix bug that prevented a CONNECt message to ever reach the 'B' side
* initiate phone calls from one MS
* look-up the subscriber based on dialled extension
* page the called subscriber
* send the SETUP to the called subscriber, including CLIP/CLIR
* get ALERTING notification back to caller
* relay DISCONNECT from either side to the other
This is still far from being complete, but it at least works for the most common case
* introduce new notion of subsystem in addition to signal number
* no need for bitmasks of 'areas' (aka subsystems)
* pass subsystem/signal_nr/... per argument rather than by data structure
* implement TLV type descriptions for NM
* add operational/administrative/availability state keeping logic to abis_nm
* explicitly print all NACK's in abis_nm
* make sure we produce [not just for BS-11] valid channel attributes
This will be used for generic registration and dispatching
of any kind of event. We will have different areas (like
with the debug interface) and each layer can define their
own struct for the event message... This is not tested yet
Start with a large number of available slots. It is guranteed
that we will - at some point - get a paging load and will properly
update the counter and keep it updated.
channel to another one (simple voice call switching)
* add a way more generic E1 input layer, abstracting out the misdn
low-level interface. This also adds infrastructure for multiple TRX
in one BTS, as well as multiple BTS on one E1 link
* add a E1 subchannel multiplexer for sending multiple 16kbit sub-channels
one one 64kBps E1 channel
* add TRAU IDLE frame generation
* terminate bsc_hack in case there is a E1 / mISDN init error
* introduce 'e1_config.c' file with static configuration of our
E1 setup (which TRX/BTS is configured for which TEI/SAPI/E1). This should
later become a config file rather than a compiled C file.
WARNING: all this compiles but is not tested yet. Expect fix-up committs over
the next hours or so
After auto releasing a channel the next paging request will
not be immediately answered. The hypothesis was that we do
not release the channel properly. Implementing Channel Release
of GSM 04.08 should have fixed it, but it didn't. According
to the wireshark dissectors the message is correct though.
- Add the RR cause values to gsm_04_08.
- Implement the Channel Release message
- Invoke the release channel function before deallocating
the lchan.
There is a 1:1 relationship between gsm_bts and the paging
operation. Move the paging state into the gsm_bts which is
simplfying the code a lot. This was hinted by LaF0rge.
(I'm not happy with the names of the structs)
- The paging block calculation is wrong but I have a hard time finding
the right information. The table of 05.02 (Table 5 of 9) looks good
but my phone is not happy with that group...
- Initialize Control Channel Description of SI3
- Patch the table
- Setting ATT now is easy
- Paging can now extract all required information... to determine
the right paging group.
For finding the right paging group one needs to know various
settings that are broadcasted as part of system settings 3. This
includes the CCCH Conf, the BS_PA_MFRMS, BS_AG_BLKS_RES.... The
next step will be to move away from the hardcoded System Settings 3
so one can calculate the paging group...
* new abis_nm_bs11_bsc_disconnect() function to disconnect BSC/BTS link
* add support for 'forced load' of BS-11 software to abis_nm.c and bs11_config
* remove lots of debug output
* print progress during software load
* add more BS11 specific attributes
* define all valid BS11 PA power classes
* add callback function to software load
* introduce SWL load function for BS-11 style SWL file lists
* separate activation of software from loading of software
* add function to obtain BS-11 serial number
Be able to send Accept/Reject the Service Request. Use mi_string
instead of the the msgb buffer (even if it is memsetted and such)...
The TMSI allocation seems to be a bit problematic and needs some
further checking. The rough idea is that we try to find the subscriber
for a CM Service Request and then decide based on the subscriber
if we want to handle the call.
Wrote and test code to add and remove paging requests... This
will be using the fact that the linux list is building a circle
on each tick we can send one/x paging requests and continue round
robin...
You can request to open a channel to a MS and the paging layer
will call you once the channel is allocated. Internally the CCCH
Load Indication will be handled and retry to page a terminal.
Remove the callbacks from gsm_network for now. A set of different
callbacks will be back. E.g. when the paging is completed, when the
Q.931 like call handling is there...
Remove var's or move them into #if 0, remove unused stuff that looks
like we do not need it anytime soon or #if 0 them, move stuff around.
Allow to change the refcount for a given channel. Store which
bts is our primary bts. A command to switch the primary bts will
be added as well. This makes entering and parsing of commands more
easy.
Really compare pointers to check if the one gsm_subscriber
is equal to the other... gsm_subscriber should be unique for
a given IMSI so comparing the pointers should be fine.
Make sure that del_timer succeeds and removes an entry from the list. Currently
sending the LOCATION UPDATING REJECT from within the timer will not remove the
list element as ->active gets set to 0 in the timer updating before calling the
callback. Fix the segfault and allow the timer to be removed from within its
own callback.
This might turn into a complete wire protocol with special
client software. For now it will be a simple client interface
that you can use with telnet to do certain things.
This is using flex to implement the parsing. Implementation
and more commands will follow.
When using ISDN as network type and using a fake LAPD encapsulation
wireshark should be able to recognize some bits if dump.
Append a dummy LAPD header. It is not clear to me if the Control field
of the LAPD frame is part of the msg or if we need to add it as well.
TODO:
- Do the same for the B Channel
- Write out time
- Check if more of the LAPD frame needs to be prepended. The
information from the mISDNhead comes into mind. Maybe it makes
sense to start a custom wireshark mISDN dissector.
gsm_subscriber is now refcounted, the db backend is leaking
a lot less, db_get_subscriber will allocate the subscr record
now, subscr_* will look up a subscriber in the list of currently
active subscribers and add an ref to this one.
The db test cases pass, more testing will be when next to the bts
Call use_lchan early in allocate_loc_updating_req, do not directly call
rsl_chan_release but go through channel alloc to take the use_count into
account.
We are going to have logical operations like Phone Call, SMS,
Paging, Updating Request on a logical channel and for each of
these operations we might need to store state. For now pointers
in gsm_lchan look like the best way of doing this and we start
by introducing an operation for the location updating request.
The new flow of things are:
- We get the location updating request and update/create
the subscriber and maybe send the identity requests to
the mobile station
- We start the updating timer, if it times out we will
reject the mobile station.
- Once we get the Identity Responses we have asked for
and the reject timer did not fire yet we might accept
the user.
When a channel is allocated, start a timeout, when a lchan_use
is used the timer will be restarted, when the timeout fires
we will try to recycle or restart the timer.
gsm_data.h add new callbacks, add some parameters, update bsc_hack and
other call sites.
Remember that we need to ACCEPT/REJECT the LOCATION UPDATE REQUEST and
then send the ACCEPT or schedule the sending of the reject. Currently
it is possible that for a new subscriber that we do not have a !subscbr
yet, we will trigger an IDENTITY REQUEST and schedule the reject timer.
This may lead to rejecting AND accepting (a new subscriber). This issue
is triggered when allowing everyone to connect to the network.
On channel allocation the bsc_hack added a cookie to the lchan on
ack and nack we will take a look and then assume it is the channel
we have allocated. This can be easily exploited by a MS sending fake
responses to paging commands. After the channel has been acked we would
have to ask for the tmsi or find the information on the channel
allocation. For now we will guess.
Currently it is not possible to know for which tmsi the channel
is going to be allocated. The bsc_hack will guess.. in the future
it might be forced to ask for the tmsi after the channel has been
opened...
Add a callback to the gsm_network. When updating the location and
assigning a new tmsi callback into the bsc_hack.c and have a queue
of mobile stations to page, allocate a channel for and ultimately
dial.
system information type 4 is a bit tricky as it has
a variable length and is terminated by a manadantory field.
System Information Type 6 has a mandantory SI 6 Reset Octet
but our BTS is happy with not receiving it. Make it optional
by the adding a 'pointer'.
System Information Type 5 and System Information Type 6 are
send through rsl_sacch_filling and it looks like we do not
need to send the L2 pseudo length. So far we have not found
the documentation confirming this. This is why the header
from Type 1 to Type 4 is not used.
Use strdup to be able to use strtok on the category string and add
a test case. Also safe some more information to be able to use color
in the print statement.
One can use add_timer or schedule_timer to add a timer. After
the timeout time has been reached the callback will be called.
One can call add_time/schedule_timer and del_timer from within
the callback.
* initialize OML and RSL based on TEI establish (ACTIVATE_IND) events
* fix abis_nm_raw_msg() to not overwrite the OML header with payload
* fix debug print statements
* fix msgb_dequeue: actually dequeue it from the list ;)