Ask Your Question
0

How can I capture and analyse LTE packets using Wireshark and LTE modem ?

asked 2018-09-16 16:39:53 +0000

this post is marked as community wiki

This post is a wiki. Anyone with karma >750 is welcome to improve it.

Is it possible to analyse LTE packets using Wireshark. I'm having trouble using Wireshark to capture mobile LTE traffic. I ma using MacBook also and LTE modem.

Do I need specific configuration to capture LTE traffic on Wireshark. Or is it possible this, any idea.

edit retag flag offensive close merge delete

Comments

By "LTE packets" do you mean "IP packets that happen to be transmitted over LTE" or do you mean "packets for the LTE protocols themselves"?

Guy Harris gravatar imageGuy Harris ( 2018-09-16 19:11:52 +0000 )edit

Hi @Guy Harris, thank you for your support. Yes I'm trying to capture LTE packets that are transmited from LTE modem. But I don't see any LTE protocol appeared in Wireshark Protocol list. Just other protocols like TCP, TLSv.1, ICMP, Http. I can't detect protocols like: rlc-lte, mac-lte, pdcpu-lte.

pajtimid gravatar imagepajtimid ( 2018-09-18 18:21:17 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2021-07-28 16:25:02 +0000

Hi I know this is an old post from roughly three (3) years ago but I thought I should weigh in anyhow. :) To capture LTE packets from a UE (mobile cell phone), you can use the Qualcomm tools like the previous person mentioned. You will need to make a direct USB connection to the mobile device from a PC or laptop and use the suite of Qualcomm tools If you are using a LTE modem, this will only be at the OSI lower layer 1 & any sublayers, primarily the physical layer (PHY). This is why you are not seeing the layer 2 protocol stack components (MAC, RLC, PDCP, RRC) for the radio communications between the UE and the eNodeB (base station controller or BBU). The LTE modem is just the connection between the transceiver of the UE and the transceiver of the eNodeB or gNodeB (RRH or RU). Again that is all layer 1. To capture from the MAC layer and higher (Ethernet layer to IP/UDP/GTP-U/IP layers) then you would need access to the S1-U interface (between the eNB and Serving Gateway (S-GW)) for the user plane traffic. For the control plane traffic on the S1-MME interface (between the eNB and Mobility Management Entity (MME)), you need access to the service provider's internal network. If you have access, then you can use Wireshark to read TCPdump captures or tap into the Ethernet traffic promiscuously and capture traffic within Wireshark. Also, be sure to have the latest 3GPP LTE decoder installed and enabled within Wireshark. I hope this clarifies why you LTE modem is not producing the information that you are interested in.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2018-09-16 16:39:53 +0000

Seen: 5,781 times

Last updated: Sep 16 '18