Commit 68e4138e authored by canterburym's avatar canterburym

Merge branch '2020-06-15T12_25_26_171555' into 'master'

2020 06 15 t12 25 26 171555

See merge request !9
parents a5f7f81e 98f74ed3
Pipeline #4471 failed with stage
in 6 seconds
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
L2AccessPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2)
li-ps(5) l2Access(4) version7(7)}
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
-- ============================
-- Object Identifier Definition
-- ============================
l2IRIObjId RELATIVE-OID ::= {li-ps(5) l2Access(4) version7(7) iRI(1)}
l2CCObjId RELATIVE-OID ::= {li-ps(5) l2Access(4) version7(7) cC(2)}
l2IRIOnlyObjId RELATIVE-OID ::= {li-ps(5) l2Access(4) version7(7) iRIOnly(3)}
-- all three definitions relative to {itu-t(0) identified-organization(4)
-- etsi(0) securityDomain(2) lawfulintercept(2)}
-- ==========================
-- L2 Communications Contents
-- ==========================
L2CC ::= SEQUENCE
{
l2CCObjId [0] RELATIVE-OID,
l2CCContents [1] CHOICE
{
l2TP [1] OCTET STRING,
-- The L2TP protocol is used
l2F [2] OCTET STRING,
-- The L2F protocol is used
pPTP [3] OCTET STRING,
-- The PPTP protocol is used
pPP [4] OCTET STRING,
-- The PPP protocol is used
ethernet [5] OCTET STRING,
-- The ethernet protocol is used
...,
l2ATM2684 [6] OCTET STRING,
-- The protocol RFC 2684, method "LLC Encapsulation for Bridged Protocols` [16] is used
l2FR2427 [7] OCTET STRING
-- The protocol RFC 2427 “Multiprotocol Interconnect over Frame Relay” [18] is used
}
}
-- ===================================================
-- Intercept-related information for general L2-Access
-- ===================================================
L2IRI ::= SEQUENCE
{
l2IRIObjId [0] RELATIVE-OID,
l2IRIContents [1] L2IRIContents,
...
}
L2IRIContents ::= SEQUENCE
{
accessEventType [0] AccessEventType,
internetAccessType [2] InternetAccessType OPTIONAL,
targetNetworkID [5] UTF8String (SIZE (1..128)) OPTIONAL,
-- Target network ID (e.g. MAC address, PSTN number, additional information from
-- network elements)
targetCPEID [6] UTF8String (SIZE (1..128)) OPTIONAL,
-- CPEID (e.g. Relay Agent info, computer name)
targetLocation [7] UTF8String (SIZE (1..64))OPTIONAL,
-- <for further study>
nASPortNumber [8] INTEGER (0..4294967295) OPTIONAL,
-- The NAS port number used by the target
callBackNumber [9] UTF8String (SIZE (1..20)) OPTIONAL,
-- The number used to call-back the target
startTime [10] GeneralizedTime OPTIONAL,
-- The start date-time of the session or lease
endTime [11] GeneralizedTime OPTIONAL,
-- The end date-time of the session or lease
endReason [12] EndReason OPTIONAL,
-- The reason for the session to end
octetsReceived [13] INTEGER (0..18446744073709551615) OPTIONAL,
-- The number of octets the target received
octetsTransmitted [14] INTEGER (0..18446744073709551615) OPTIONAL,
-- The number of octets the target transmitted
rawAAAData [15] OCTET STRING OPTIONAL,
-- Content of the raw AAA record
...,
authenticationType [16] AuthenticationType OPTIONAL
-- Field used to identify the authentication type to assist with LEMF data validation
}
AccessEventType ::= ENUMERATED
{
accessAttempt(0),
-- A target requests access to the IAS
accessAccept(1),
-- IAS access is granted to the target, the session begins
accessReject(2),
-- IAS access is refused to the target
accessFailed(3),
-- The accessAttempt timed-out or failed otherwise
sessionStart(4),
-- A target starts using the IAS; not in use anymore from version 4(4).
sessionEnd(5),
-- A target stops using the IAS; not in use anymore from version 4(4).
interimUpdate(6),
-- Intermediate status report on service status or usage
unknown(7),
...,
startOfInterceptionWithSessionActive(8),
-- LI is started on a target who already has an active session
accessEnd(9),
-- A target stops using the IAS, the session ends.
endOfInterceptionWithSessionActive(10)
-- LI is ended on a target who still has an active session
}
InternetAccessType ::= ENUMERATED
{
undefined(0),
dialUp(1),
-- IAS via DialUp access
xDSL(2),
-- IAS via DSL access
cableModem(3),
-- IAS via Cable access
lAN(4),
-- IAS via LAN access
...,
wirelessLAN(5),
-- IAS via Wireless LAN access
fTTx(6),
-- IAS via Fiber access
wIMAX-HIPERMAN(7),
-- IAS via WIMAX/HIPERMAN (fixed access)
satellite(8)
-- IAS via Satellite access
-- (when it is not covered by any 3GPP or ETSI mobile Lawful Interception specifications)
}
EndReason ::= ENUMERATED
{
undefined(0),
regularLogoff(1),
-- The target logged off
connectionLoss(2),
-- The connection was lost
connectionTimeout(3),
-- The connection timed-out
leaseExpired(4),
-- The DHCP lease expired
...
}
AuthenticationType ::= ENUMERATED
{
unknown(0),
-- AAA function for the target service is unknown
static(1),
-- The target service is assigned a static IP address & no AAA expected
radiusAAA(2),
-- AAA function for the target service is provided by RADIUS
dhcpAAA(3),
-- AAA function for the target service is provided by DHCP
diameterAAA(4),
-- AAA function for the target service is provided by DIAMETER
...
}
-- =====================================================
-- Intercept-related information for IRI-Only intercepts
-- =====================================================
L2IRIOnly ::= SEQUENCE
{
l2IRIOnlyObjId [0] RELATIVE-OID,
l2protocolInformation [2] L2ProtocolInformation,
l2AggregatedNbrOfPackets [3] INTEGER OPTIONAL,
l2AggregatedNbrOfBytes [4] INTEGER OPTIONAL,
...
}
L2ProtocolInformation ::= ENUMERATED
{
l2ProtocolL2tp(1),
-- The L2TP protocol is used
l2ProtocolL2f(2),
-- The L2F protocol is used
l2ProtocolPptp(3),
-- The PPTP protocol is used
l2ProtocolPpp(4),
-- The PPP protocol is used
ethernetProtocol(5),
-- The ethernet protocol is used
undefined(6),
...,
l2ProtocolATM2684(7),
-- The protocol RFC 2684, method "LLC Encapsulation for Bridged Protocols" [16] is used
l2ProtocolFR2427(8)
-- The protocol RFC2427 “Multiprotocol Interconnect over Frame Relay” [18] is used
}
END -- end of L2AccessPDU
L2AccessPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2)
li-ps(5) l2Access(4) version7(7)}
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
-- ============================
-- Object Identifier Definition
-- ============================
l2IRIObjId RELATIVE-OID ::= {li-ps(5) l2Access(4) version7(7) iRI(1)}
l2CCObjId RELATIVE-OID ::= {li-ps(5) l2Access(4) version7(7) cC(2)}
l2IRIOnlyObjId RELATIVE-OID ::= {li-ps(5) l2Access(4) version7(7) iRIOnly(3)}
-- all three definitions relative to {itu-t(0) identified-organization(4)
-- etsi(0) securityDomain(2) lawfulintercept(2)}
-- ==========================
-- L2 Communications Contents
-- ==========================
L2CC ::= SEQUENCE
{
l2CCObjId [0] RELATIVE-OID,
l2CCContents [1] CHOICE
{
l2TP [1] OCTET STRING,
-- The L2TP protocol is used
l2F [2] OCTET STRING,
-- The L2F protocol is used
pPTP [3] OCTET STRING,
-- The PPTP protocol is used
pPP [4] OCTET STRING,
-- The PPP protocol is used
ethernet [5] OCTET STRING,
-- The ethernet protocol is used
...,
l2ATM2684 [6] OCTET STRING,
-- The protocol RFC 2684, method "LLC Encapsulation for Bridged Protocols` [16] is used
l2FR2427 [7] OCTET STRING
-- The protocol RFC 2427 “Multiprotocol Interconnect over Frame Relay” [18] is used
}
}
-- ===================================================
-- Intercept-related information for general L2-Access
-- ===================================================
L2IRI ::= SEQUENCE
{
l2IRIObjId [0] RELATIVE-OID,
l2IRIContents [1] L2IRIContents,
...
}
L2IRIContents ::= SEQUENCE
{
accessEventType [0] AccessEventType,
internetAccessType [2] InternetAccessType OPTIONAL,
targetNetworkID [5] UTF8String (SIZE (1..128)) OPTIONAL,
-- Target network ID (e.g. MAC address, PSTN number, additional information from
-- network elements)
targetCPEID [6] UTF8String (SIZE (1..128)) OPTIONAL,
-- CPEID (e.g. Relay Agent info, computer name)
targetLocation [7] UTF8String (SIZE (1..64))OPTIONAL,
-- <for further study>
nASPortNumber [8] INTEGER (0..4294967295) OPTIONAL,
-- The NAS port number used by the target
callBackNumber [9] UTF8String (SIZE (1..20)) OPTIONAL,
-- The number used to call-back the target
startTime [10] GeneralizedTime OPTIONAL,
-- The start date-time of the session or lease
endTime [11] GeneralizedTime OPTIONAL,
-- The end date-time of the session or lease
endReason [12] EndReason OPTIONAL,
-- The reason for the session to end
octetsReceived [13] INTEGER (0..18446744073709551615) OPTIONAL,
-- The number of octets the target received
octetsTransmitted [14] INTEGER (0..18446744073709551615) OPTIONAL,
-- The number of octets the target transmitted
rawAAAData [15] OCTET STRING OPTIONAL,
-- Content of the raw AAA record
...,
authenticationType [16] AuthenticationType OPTIONAL
-- Field used to identify the authentication type to assist with LEMF data validation
}
AccessEventType ::= ENUMERATED
{
accessAttempt(0),
-- A target requests access to the IAS
accessAccept(1),
-- IAS access is granted to the target, the session begins
accessReject(2),
-- IAS access is refused to the target
accessFailed(3),
-- The accessAttempt timed-out or failed otherwise
sessionStart(4),
-- A target starts using the IAS; not in use anymore from version 4(4).
sessionEnd(5),
-- A target stops using the IAS; not in use anymore from version 4(4).
interimUpdate(6),
-- Intermediate status report on service status or usage
unknown(7),
...,
startOfInterceptionWithSessionActive(8),
-- LI is started on a target who already has an active session
accessEnd(9),
-- A target stops using the IAS, the session ends.
endOfInterceptionWithSessionActive(10)
-- LI is ended on a target who still has an active session
}
InternetAccessType ::= ENUMERATED
{
undefined(0),
dialUp(1),
-- IAS via DialUp access
xDSL(2),
-- IAS via DSL access
cableModem(3),
-- IAS via Cable access
lAN(4),
-- IAS via LAN access
...,
wirelessLAN(5),
-- IAS via Wireless LAN access
fTTx(6),
-- IAS via Fiber access
wIMAX-HIPERMAN(7),
-- IAS via WIMAX/HIPERMAN (fixed access)
satellite(8)
-- IAS via Satellite access
-- (when it is not covered by any 3GPP or ETSI mobile Lawful Interception specifications)
}
EndReason ::= ENUMERATED
{
undefined(0),
regularLogoff(1),
-- The target logged off
connectionLoss(2),
-- The connection was lost
connectionTimeout(3),
-- The connection timed-out
leaseExpired(4),
-- The DHCP lease expired
...
}
AuthenticationType ::= ENUMERATED
{
unknown(0),
-- AAA function for the target service is unknown
static(1),
-- The target service is assigned a static IP address & no AAA expected
radiusAAA(2),
-- AAA function for the target service is provided by RADIUS
dhcpAAA(3),
-- AAA function for the target service is provided by DHCP
diameterAAA(4),
-- AAA function for the target service is provided by DIAMETER
...
}
-- =====================================================
-- Intercept-related information for IRI-Only intercepts
-- =====================================================
L2IRIOnly ::= SEQUENCE
{
l2IRIOnlyObjId [0] RELATIVE-OID,
l2protocolInformation [2] L2ProtocolInformation,
l2AggregatedNbrOfPackets [3] INTEGER OPTIONAL,
l2AggregatedNbrOfBytes [4] INTEGER OPTIONAL,
...
}
L2ProtocolInformation ::= ENUMERATED
{
l2ProtocolL2tp(1),
-- The L2TP protocol is used
l2ProtocolL2f(2),
-- The L2F protocol is used
l2ProtocolPptp(3),
-- The PPTP protocol is used
l2ProtocolPpp(4),
-- The PPP protocol is used
ethernetProtocol(5),
-- The ethernet protocol is used
undefined(6),
...,
l2ProtocolATM2684(7),
-- The protocol RFC 2684, method "LLC Encapsulation for Bridged Protocols" [16] is used
l2ProtocolFR2427(8)
-- The protocol RFC2427 “Multiprotocol Interconnect over Frame Relay” [18] is used
}
END -- end of L2AccessPDU
-- ====================================
-- Description of the IP Multimedia PDU
-- ====================================
IPMultimediaPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPMultimedia(5) version12(12)}
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
-- from ETSI TS 102 232-1 [2]
IPAddress,
Location
FROM LI-PS-PDU
{itu-u(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) genHeader(1) version30(30)};
-- ============================
-- Object Identifier Definition
-- ============================
iPMMIRIObjId RELATIVE-OID ::= {li-ps(5) iPMultimedia(5) version12(12) iRI(1)}
iPMMCCObjId RELATIVE-OID ::= {li-ps(5) iPMultimedia(5) version12(12) cC(2)}
-- both definitions relative to:
-- {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2)}
-- =====================================
-- IP Multimedia Communications Contents
-- =====================================
IPMMCC ::= SEQUENCE
{
iPMMCCObjId [0] RELATIVE-OID,
mMCCContents [1] OCTET STRING,
-- Copy of the multimediastream, i.e. all related RTP/RTCP, UDPTL or MSRP packets
-- Each IPMMCC shall contain one intercepted packet
-- Protocol of the multimedia packets is indicated by means of mMCCprotocol parameter
-- mMCCContents was called rTPCCContents in earlier versions until v2.3.2.
...,
frameType [2] FrameType OPTIONAL,
-- The availability of header information shall be signalled with the frameType parameter
-- The module is defined as OPTIONAL because of backwards compatibility reasons
-- For new implementations the module is MANDATORY to be used as defined in clause 5.5
streamIdentifier [3] OCTET STRING OPTIONAL,
-- Used to identify the media stream within the current CIN, typically in case of
-- multiple media streams communications
-- May be used to correlate each media stream with the relevant SDP media description of IRI
-- May contain c= and m= lines extracts for instance
mMCCprotocol [4] MMCCprotocol OPTIONAL
-- Used to identify the protocol of packets sent in MMCCContent (RTP, UDPTL, MSRP, etc.)
-- Absence means mMCCContents contains RTP/RTCP packets
}
FrameType ::= ENUMERATED
{
ipFrame(0),
-- All headers are present
udpFrame(1),
-- IP header is missing
rtpFrame(2),
-- UDP and IP headers are missing
audioFrame(3),
-- All headers are missing
...,
tcpFrame(4),
-- IP header is missing
artificialRtpFrame(5),
-- UDP and IP headers are missing; artificial RTP frame has been added
udptlFrame(6),
-- UDP and IP headers are missing
msrpFrame(7)
-- TCP and IP headers are missing
}
MMCCprotocol ::= ENUMERATED
{
rTP(0),
-- mMCCContents parameter contains RTP/RTCP packets
mSRP(1),
-- mMCCContents parameter contains MSRP packets
...,
uDPTL(2)
-- mMCCContents parameter contains UDPTL packets
}
-- ========================================================
-- Intercept-related information for IP Multimedia sessions
-- ========================================================
IPMMIRI ::= SEQUENCE
{
iPMMIRIObjId [0] RELATIVE-OID,
iPMMIRIContents [1] IPIRIContents,
...,
targetLocation [2] Location OPTIONAL,
-- This common parameter is defined in ETSI TS 102 232-1 [2], the use of this parameter is described in clause 5.2.3
additionalSignalling [3] SEQUENCE OF AdditionalSignalling OPTIONAL
-- The use of this parameter is defined in clause 5.2.5
}
IPIRIContents ::= CHOICE
{
originalIPMMMessage [0] OCTET STRING,
-- Copy of the IP MM signalling packet including the original IP and UDP/TCP headers
sIPMessage [1] SIPMessage,
-- Copy of the SIP content and the source and destination IP address
h323Message [2] H323Message,
-- Copy of the H.323 content and the source and destination IP address
...,
nationalIPMMIRIParameters [3] NationalIPMMIRIParameters,
-- This parameter is used according to national regulations
-- This parameter shall be delivered as an IRI-Report-record
xCAPMessage [4] OCTET STRING,
-- Copy of the XCAP message including all HTTP headers and contents
iRIOnlyOriginalIPMMMessage [5] OCTET STRING,
-- Copy of the IP MM signalling packet including the original IP and UDP/TCP headers
-- see clause 5.2.6.
iRIOnlySIPMessage [6] SIPMessage
-- Copy of the SIP content and the source and destination IP address
-- see clause 5.2.6.
}
SIPMessage ::= SEQUENCE
{
iPSourceAddress [0] IPAddress,
iPDestinationAddress [1] IPAddress,
sIPContent [2] OCTET STRING,
...
}
H323Message ::= SEQUENCE
{
iPSourceAddress [0] IPAddress,
iPDestinationAddress [1] IPAddress,
h323Content [2] H323MessageContent,
...
}
H323MessageContent ::= CHOICE
{
h225CSMessageContent [0] OCTET STRING,
h225RASMessageContent [1] OCTET STRING,
h245MessageContent [2] OCTET STRING,
genericMessageContent [3] OCTET STRING,
...
}
NationalIPMMIRIParameters ::= SEQUENCE
{
countryCode [1] PrintableString (SIZE (2)),
-- Country Code according to ISO 3166-1 [20],
-- the country to which the parameters inserted after the extension marker apply.
...
-- In case a given country wants to use additional national parameters according to its law,
-- these national parameters should be defined using the ASN.1 syntax and added after the
-- extension marker (...).
-- It is recommended that "version parameter" and "vendor identification parameter" are
-- included in the national parameters definition. Vendor identifications can be
-- retrieved from the IANA web site. Besides, it is recommended
-- to avoid using tags from 240 to 255 in a formal type definition.
}
AdditionalSignalling ::= CHOICE
{
sipHeaderLine [0] OCTET STRING,
-- A SIP header line, eg: "Contact: tel:+123456789".
...
}
END -- end of IPMultimediaPDU
-- ====================================
-- Description of the IP Multimedia PDU
-- ====================================
IPMultimediaPDU
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPMultimedia(5) version12(12)}
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
-- from ETSI TS 102 232-1 [2]
IPAddress,
Location
FROM LI-PS-PDU
{itu-u(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) genHeader(1) version30(30)};
-- ============================
-- Object Identifier Definition
-- ============================
iPMMIRIObjId RELATIVE-OID ::= {li-ps(5) iPMultimedia(5) version12(12) iRI(1)}
iPMMCCObjId RELATIVE-OID ::= {li-ps(5) iPMultimedia(5) version12(12) cC(2)}
-- both definitions relative to:
-- {itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2)}
-- =====================================
-- IP Multimedia Communications Contents
-- =====================================
IPMMCC ::= SEQUENCE
{
iPMMCCObjId [0] RELATIVE-OID,
mMCCContents [1] OCTET STRING,
-- Copy of the multimediastream, i.e. all related RTP/RTCP, UDPTL or MSRP packets
-- Each IPMMCC shall contain one intercepted packet
-- Protocol of the multimedia packets is indicated by means of mMCCprotocol parameter
-- mMCCContents was called rTPCCContents in earlier versions until v2.3.2.
...,
frameType [2] FrameType OPTIONAL,
-- The availability of header information shall be signalled with the frameType parameter
-- The module is defined as OPTIONAL because of backwards compatibility reasons
-- For new implementations the module is MANDATORY to be used as defined in clause 5.5
streamIdentifier [3] OCTET STRING OPTIONAL,
-- Used to identify the media stream within the current CIN, typically in case of
-- multiple media streams communications
-- May be used to correlate each media stream with the relevant SDP media description of IRI
-- May contain c= and m= lines extracts for instance
mMCCprotocol [4] MMCCprotocol OPTIONAL
-- Used to identify the protocol of packets sent in MMCCContent (RTP, UDPTL, MSRP, etc.)
-- Absence means mMCCContents contains RTP/RTCP packets
}
FrameType ::= ENUMERATED
{
ipFrame(0),
-- All headers are present
udpFrame(1),
-- IP header is missing
rtpFrame(2),
-- UDP and IP headers are missing
audioFrame(3),
-- All headers are missing
...,
tcpFrame(4),
-- IP header is missing
artificialRtpFrame(5),
-- UDP and IP headers are missing; artificial RTP frame has been added
udptlFrame(6),
-- UDP and IP headers are missing
msrpFrame(7)
-- TCP and IP headers are missing
}
MMCCprotocol ::= ENUMERATED
{
rTP(0),
-- mMCCContents parameter contains RTP/RTCP packets
mSRP(1),
-- mMCCContents parameter contains MSRP packets
...,
uDPTL(2)
-- mMCCContents parameter contains UDPTL packets
}
-- ========================================================
-- Intercept-related information for IP Multimedia sessions
-- ========================================================
IPMMIRI ::= SEQUENCE
{
iPMMIRIObjId [0] RELATIVE-OID,
iPMMIRIContents [1] IPIRIContents,
...,
targetLocation [2] Location OPTIONAL,
-- This common parameter is defined in ETSI TS 102 232-1 [2], the use of this parameter is described in clause 5.2.3
additionalSignalling [3] SEQUENCE OF AdditionalSignalling OPTIONAL
-- The use of this parameter is defined in clause 5.2.5
}
IPIRIContents ::= CHOICE
{
originalIPMMMessage [0] OCTET STRING,
-- Copy of the IP MM signalling packet including the original IP and UDP/TCP headers
sIPMessage [1] SIPMessage,
<