Feature #2841

VTY command to list unauthorized BTSs

Added by laforge 10 months ago. Updated 17 days ago.

Status: Resolved
Priority: Normal
Assignee:
Category: -
Start date: 01/18/2018
Due date:
% Done: 100%
Spec Reference:

Description

It would be useful in practical deployments to have a "show ..." command in the vty that shows a list of BTSs that recently tried to connect, even if they were rejected. It should indicate their IP + Unit ID.

History

#1 Updated by laforge about 2 months ago

  • Assignee set to osmith

So the point here is that there may be BTSs with unit-ids that are not known to / configured in the BSC. The BSC so far simply closes the TCP connection and logs this somehow.

From a UI point of view it would be nice to have something like a "ring buffer" of the last N (let's say 25?) unknown BTSs that tried to connect, and have a VTY command to "show" that.

So basically I'd suggest a linked list (llist_head) of records containing source-ip, unit-id and timestamp. The list should be limited in length, expiring the oldest record first. And if a record for the given unit-id+IP tuple already exists, only the timestamp is updated. But the details are up to you!

#2 Updated by osmith 24 days ago

  • Status changed from New to In Progress

#3 Updated by osmith 24 days ago

It would probably be useful to have the list sorted by the timestamp in the output.

From what I understand, llist is taken from the Linux source code. Linux has list_sort():

https://github.com/torvalds/linux/blob/master/include/linux/list_sort.h
https://github.com/torvalds/linux/blob/master/lib/list_sort.c

How about we add that to libosmocore?

#4 Updated by laforge 23 days ago

On Tue, Oct 23, 2018 at 02:46:07PM +0000, osmith [REDMINE] wrote:

It would probably be useful to have the list sorted by the timestamp in the output.

possibly.

From what I understand, llist is taken from the Linux source code. Linux has list_sort():

Rather than sorting the list every time you show it, I would simply do a sorted insert. So basically, on every new connection:

  • iterate list to find if existing entry.
    • if yes: unlink it
    • if not: allocate new entry
  • update timestamp of entry
  • do sorted insert by walking the list from front or back, and comparing timestamps

#5 Updated by osmith 23 days ago

  • % Done changed from 0 to 50

Rather than sorting the list every time you show it, I would simply do a sorted insert.

Right, I could just always unlink the entry from the list, when it already exists. Then I don't need sorting at all, because I can always put the new entries on top of the list :)

I'm making good progress, saving the rejected BTS information, keeping the list short and printing it is already working (see output below, the max. entry count is set to 3 here, so the last entry got removed).

Before this is ready, I think we will need a different IP format. Right now I'm using osmo_sock_get_name(), which outputs source and target IP and ports. But to the user, only the IP of the BTS is interesting here. Besides, when the BTS tries to connect again with a different port, then strcmp() on the two IP strings of course reports that they are different, so the duplicate detection doesn't work anymore.

neels proposed osmo_sock_get_name2(), which only returns the IP and does not need to be freed up (how would that work, is the string freed up when the socket is closed?). How about I implement that and use it here?

OsmoBSC> show rejected
Timestamp           Site ID BTS ID IP
------------------- ------- ------ ---------------
2018-10-24 13:24:08    1234      0 (r=192.168.1.178:42798<->l=192.168.1.37:3002)
2018-10-24 13:23:55    1234      0 (r=192.168.1.178:42796<->l=192.168.1.37:3002)
2018-10-24 13:23:44    1234      0 (r=192.168.1.178:42794<->l=192.168.1.37:3002)
OsmoBSC> show rejected
Timestamp           Site ID BTS ID IP
------------------- ------- ------ ---------------
2018-10-24 13:24:19    1234      0 (r=192.168.1.178:42800<->l=192.168.1.37:3002)
2018-10-24 13:24:08    1234      0 (r=192.168.1.178:42798<->l=192.168.1.37:3002)
2018-10-24 13:23:55    1234      0 (r=192.168.1.178:42796<->l=192.168.1.37:3002)

WIP branch: osmith/show-unauthorized-bts
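
The bounded, de-duplicating list discussed in #1 to #5, as an added example that is not part of the thread or of the OsmoBSC patch. It uses a plain singly linked list instead of libosmocore's llist_head, and the names rej_bts, rej_list, rej_add and REJ_MAX are hypothetical; keying on unit-id plus the remote IP without the port keeps a reconnecting BTS in one slot, and the cap bounds the memory held for unknown peers.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define REJ_MAX 3	/* cap; 3 matches the thread's sample output */

struct rej_bts {	/* hypothetical record, kept newest-first */
	struct rej_bts *next;
	char ip[46];	/* remote IP only, never "ip:port" */
	uint16_t site_id, bts_id;
	time_t ts;
};
struct rej_list { struct rej_bts *head; unsigned int count; };

/* Record one rejected connection; returns entry count, or -1 on OOM. */
int rej_add(struct rej_list *l, const char *ip, uint16_t site, uint16_t bts, time_t now)
{
	struct rej_bts **pp, *e = NULL;

	/* Same unit-id + IP seen before? Unlink it so it can move to the front. */
	for (pp = &l->head; *pp; pp = &(*pp)->next) {
		if ((*pp)->site_id == site && (*pp)->bts_id == bts && !strcmp((*pp)->ip, ip)) {
			e = *pp;
			*pp = e->next;
			l->count--;
			break;
		}
	}
	if (!e) {
		if (!(e = calloc(1, sizeof(*e))))
			return -1;
		strncpy(e->ip, ip, sizeof(e->ip) - 1);	/* calloc keeps it NUL-terminated */
		e->site_id = site;
		e->bts_id = bts;
	}
	e->ts = now;
	e->next = l->head;	/* newest at head: no sort needed */
	l->head = e;
	if (++l->count > REJ_MAX) {	/* expire the oldest entry (the tail) */
		for (pp = &l->head; (*pp)->next; pp = &(*pp)->next)
			;
		free(*pp);
		*pp = NULL;
		l->count--;
	}
	return (int)l->count;
}
```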

#6 Updated by laforge 23 days ago

On Wed, Oct 24, 2018 at 01:45:25PM +0000, osmith [REDMINE] wrote:

neels proposed osmo_sock_get_name2(), which only returns the IP and does not need to be freed up (how would that work, is the string freed up when the socket is closed?). How about I implement that and use it here?

I would suggest to use osmo_sock_get_local_ip() and osmo_sock_get_remote_ip() which is more descriptive in terms of naming. While at it, it may make sense to also create get_{local,remote}_ip_port() functions in the same spirit.

#7 Updated by osmith 22 days ago

  • % Done changed from 50 to 80

Good idea, I went with your naming. In order to not have the same code four times I wrapped it around an internal function though.
https://gerrit.osmocom.org/#/c/libosmocore/+/11455

When this patch is merged, the patch for this issue can be submitted.

#8 Updated by osmith 18 days ago

  • % Done changed from 80 to 90

Here's the patch for "show rejected":
https://gerrit.osmocom.org/#/c/osmo-bsc/+/11493/

#9 Updated by neels 18 days ago

laforge wrote:

On Wed, Oct 24, 2018 at 01:45:25PM +0000, osmith [REDMINE] wrote:

neels proposed osmo_sock_get_name2(), which only returns the IP and does not need to be freed up (how would that work, is the string freed up when the socket is closed?). How about I implement that and use it here?

I would suggest to use osmo_sock_get_local_ip() and osmo_sock_get_remote_ip() which is more descriptive in terms of naming. While at it, it may make sense to also create get_{local,remote}_ip_port() functions in the same spirit.

To answer the question, we just use static char[] buffers to return the string. And yes, that's neither threadsafe nor can we use that function twice within one printf(); that's "intended".
See for example osmo_plmn_name().

Those other names are better, but so far osmo_sock_get_name() composes a complete description like "l=1.2.3.4:5<->r=6.7.8.9:10", which is handy ... with the more descriptive names the caller would write out the format manually, also fine and more flexible API (as long as each use separate static char buffers; ... return the ports as uint16_t though of course).

#10 Updated by osmith 17 days ago

  • Status changed from In Progress to Resolved
  • % Done changed from 90 to 100

Patch was merged. The VTY command is called show rejected-bts now.
