Wireshark mailing list archives

GTP session plugin


From: "POZUELO Gloria (BCS/PSD)" <gloria.pozuelo () bics com>
Date: Thu, 22 Oct 2015 07:43:51 +0000

Hi all,

I am getting in touch with you since I would like to develop a new plugin for the GTP protocol (V1 and V2 versions). This
functionality would consist of looking for all messages that belong to the same session. For instance: you select
from 1 to N Create Session Request or Create PDP Context and all the information about those sessions will be shown;
this way you could export those specific packets.

I don't know if someone is developing this feature or maybe it's not possible to develop this utility. I know that the 
procedure would be something similar to this:

- Create Session Request or Create PDP Context Request with IMSI = IMSI + date ranges
- Grab the IP and sequence number. The response must be accepted
    o Grab IPs and TEIDs from all control/bearers => session FTEIDs
- Look for all messages with:
    o IP dest + TEID Header in session FTEIDs
    o Grab Create Bearer/Modify Bearer/Update PDP context, etc. and update session FTEIDs
    o When the message is a request, the response must be searched by IP + SN (Header TEID can be = 0) in a maximum
      period of time
    o When the session is closed...cancel it as of X seconds.

Some advice would be appreciated, and if someone is developing it or has had any experience trying to develop it, that
would be useful.

Thank you and regards.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
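
Added example, not Wireshark code and not the poster's: the correlation procedure from the message above, written as a Python function over constructed GTPv2-C records. The record field names, the two timeout values and the sample capture are assumptions, and only GTPv2 message names are handled.

```python
RESPONSE_WINDOW = 5.0  # assumed: max seconds between a request and its response
CLOSE_GRACE = 2.0      # assumed: the "X seconds" a closed session stays tracked
# Record field names below are assumptions for this example, not Wireshark fields.
def pkt(t, src, dst, teid, seq, mtype, imsi=None, accepted=True, fteids=()):
    return dict(t=t, src=src, dst=dst, teid=teid, seq=seq, type=mtype,
                imsi=imsi, accepted=accepted, fteids=list(fteids))

def track_session(packets, imsi):
    """Return indexes of packets belonging to the first accepted session for imsi."""
    fteids, pending, matched, closed_at = set(), {}, [], None
    for i, p in enumerate(packets):
        if closed_at is not None and p["t"] > closed_at + CLOSE_GRACE:
            break  # session cancelled X seconds after it was closed
        in_session = (p["dst"], p["teid"]) in fteids
        if p["type"].endswith("Request"):
            opens = (not fteids and p["imsi"] == imsi
                     and p["type"] == "Create Session Request")
            if opens or in_session:
                # The response travels dst -> src with the same sequence number.
                pending[(p["dst"], p["src"], p["seq"])] = (p["t"], i, opens)
            if in_session:
                matched.append(i)
            continue
        req = pending.pop((p["src"], p["dst"], p["seq"]), None)
        if req is None or p["t"] - req[0] > RESPONSE_WINDOW:
            if in_session:
                matched.append(i)  # still addressed to a known F-TEID
            continue
        sent_at, req_i, opens = req
        if opens and not p["accepted"]:
            continue  # rejected create: no session was established
        matched.extend([req_i, i] if opens else [i])
        if p["accepted"]:
            fteids.update(packets[req_i]["fteids"], p["fteids"])
            if p["type"] == "Delete Session Response":
                closed_at = p["t"]
    return matched

MME, SGW, A, B = "10.0.0.1", "10.0.0.2", "001010000000001", "001010000000002"
CAPTURE = [  # constructed GTPv2-C records, not from a real capture
    pkt(0.0, MME, SGW, 0, 1, "Create Session Request", A, fteids=[(MME, 0x1001)]),
    pkt(0.1, MME, SGW, 0, 2, "Create Session Request", B, fteids=[(MME, 0x2001)]),
    pkt(0.2, SGW, MME, 0x1001, 1, "Create Session Response", fteids=[(SGW, 0xA001)]),
    pkt(0.3, SGW, MME, 0x2001, 2, "Create Session Response", fteids=[(SGW, 0xA002)]),
    pkt(1.0, MME, SGW, 0xA001, 3, "Modify Bearer Request", fteids=[("10.0.0.3", 0x3001)]),
    pkt(1.1, SGW, MME, 0, 3, "Modify Bearer Response"),  # header TEID 0: matched by IP + SN
    pkt(2.0, MME, SGW, 0xA001, 4, "Delete Session Request"),
    pkt(2.1, SGW, MME, 0x1001, 4, "Delete Session Response"),
    pkt(10.0, MME, SGW, 0xA001, 5, "Modify Bearer Request"),  # TEID reused after expiry
]
```

`track_session(CAPTURE, A)` returns the packet indexes for the first subscriber only; the last record is excluded because it arrives after the closed session's grace period, even though it reuses a TEID the session once held.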
