Closed HansJack1999 closed 7 months ago
I also tested the official rules and found that the modification function did not work at all. For example, I used rule 10, but none of the values were changed. 5greplay forwards the entire test2.pcap directly. No new logs appear in the amf log
Hi @HansJack1999 ,
If you want to inject only the packets which are satisfait the FORWARD
rules, then you should use -Xforward.default=DROP
parameter. This parameter will tell 5Greplay to drop any packet which are not satisfait by any rule. The other packets, that are satisfait by a rule, will be dropped (or forwarded) if the rule type is DROP
(or FORWARD
respectively).
@nhnghia Thank you so much for your assistance!
I used the tool to replay messages from the initial registration to learn about 5G. When I replayed the InitialUEMessage Registration request
, 5GReplay indicated that the messages were successfully replayed, and I was able to capture them in wireshark loopback. However, I couldn't find any corresponding entries in the open5gs AMF log.
I utilized all the official rules and attempted to replay the test2.pcap file, which I captured and contains UE initial registration procedure. When I ran the command sudo./5greplay replay -t test2.pcap -Xforward.nb-copies=2000 -Xforward.default=FORWARD > log.txt 2>&1
, I encountered the same issue.
Similarly, using the official 5g-sa.pcap and executing the same command yielded no results in the AMF logs. I am uncertain whether the messages replayed by this tool should elicit a response from the 5GC, or if only certain types of messages might cause a system crash.
I'm puzzled about this issue and would greatly appreciate any guidance you could offer.
Hi @HansJack1999 ,
If you want to get the same results (e.g., crashed log of AMF), then you should use the same versions of 5Greplay and Open5Gs as the ones in this tutorial.
I did a test, and saw that the new version of Open5Gs AMF does not crash anymore. So I installed Open5GS from source.
Here the commands I used to install Open5GS v2.3.2 (somehow I cannot see v2.3.3 as I tested in the tutorial, but v2.3.2 crashed as well):
sudo apt install python3-pip python3-setuptools python3-wheel ninja-build build-essential flex bison git cmake libsctp-dev libgnutls28-dev libgcrypt-dev libssl-dev libidn11-dev libmongoc-dev libbson-dev libyaml-dev libnghttp2-dev libmicrohttpd-dev libcurl4-gnutls-dev libnghttp2-dev libtins-dev libtalloc-dev meson
git clone https://github.com/open5gs/open5gs.git
cd open5gs
git checkout v2.3.2
meson build --prefix=`pwd`/install
ninja -C build
./build/tests/app/5gc
Then I used 5Greplay v0.0.1
wget https://github.com/Montimage/5GReplay/releases/download/v0.0.1/5greplay-0.0.1_Linux_x86_64.tar.gz
tar -xzf 5greplay-0.0.1_Linux_x86_64.tar.gz
cd 5greplay-0.0.1/
wget https://github.com/Montimage/5GReplay/raw/main/docs/docs/tutorial/replay-open5gs/5g-sa.pcap
sudo ./5greplay replay -t 5g-sa.pcap -Xforward.nb-copies=2000 -Xforward.default=FORWARD
Log of 5Greplay (note: its version is v0.0.1)
Log of Open5Gs (note: its version is v2.3.2):
Note: I tested the above commands on Ubuntu server 20.04.6:
$ lsb_release -a
LSB Version: core-11.1.0ubuntu2-noarch:security-11.1.0ubuntu2-noarch
Distributor ID: Ubuntu
Description: Ubuntu 20.04.6 LTS
Release: 20.04
Codename: focal
@nhnghia
Thank you very much for your response!
I am currently using open5gs version v2.6.6. Based on the version you mentioned, I will conduct some additional tests.
I was writing an XML file to specifically replay an Authentication request in offline mode, using 'test2.pcap' as the input. However, upon inspecting the logs and using Wireshark, I noticed that 5greplay had replayed all the packets from the pcap file I provided(There are 1,942 messages in tset2.pcap, and log shows that it replays all 1,942 messages), instead of just the single packet I intended. I don't know what went wrong. Because neither open5gs nor 5greplay has reported any errors. I have no way to start.I would be deeply grateful to anyone who can provide insights or answers to my questions. I used the following command:
sudo ./5greplay replay -t test2.pcap -Xforward.nb-copies=1 -Xforward.default=FORWARD > log.txt 2>&1
Here are the rules I used, the log output from 5grepaly, and the input pcap files I used and the pcap files I captured on replay The xml file is as follows:
My 5greplay log is as follows:
The following is the pcap file: pcapfile.zip