hi,
i did a lot of resarch and testing on cell selection and re-selection
process the last two week.
the cell selection process, network selection process (manual and
automatic) and mobility management process were already implemented in
OsmocomBB a long time, but turned out to be buggy and incomplete. i made
test drives to check the process and debugged it.
the re-selection process is new. it is used to track surrounding cells
while listening to the BCCH of the current cell (camping on a cell).
special extension to the layer1 firmare is used to measure neighbour
cells. if an neighbour cell becomes 'better', the mobile switches to
that cell, depening on different criteria. now it is possible to move
with OsmocomBB.
the re-selection process is not handover! handover is a process where a
phone switches between cells while doing a call. handover is one next
step to implement. the process is a little more complex, because it
requires not only neighbour cell measurements, but also syncing to them
without interrupting the traffic channel. most layer 3 stuff of handover
is already implemented.
if you like to play and test your moving OsmocomBB, you can check out
the "jolly/roaming" branch. it contains the extension to layer1, as well
as sim reader and fixes from "sylvain/testing" branch. use both "mobile"
and "layer1" firmware from this branch.
in order to see some process at VTY, you can do:
enable
monitor network 1 (continously display the strongest cell and neighbour
cells)
show ms 1 (to see current states)
show neighbour-cells 1 (to see a more detailed current list of
neighbours)
andreas
hi,
i just fixed some locking issues the last days. fix will follow. it took
a bit longer, because there were some race conditions. it took up to
about one hour until it crashed. my way to detect the area where the
crash happened, was to turn on buzzer before that area, and turn it off
after that area. after many hours of approximation, i finally found out
that the major crash happend during _talloc_zero. (first it looks for a
free memory chunk, then it allocates it.) since it can be called from
all contexts (main, irq, fiq), it need to be locked against any
interrupt, otherwise the memory chunk can be assigned multiple times.
(the process of _talloc_free is "atomic" and requires no locking.)
because it seems pretty stable, i think it is time to merge some
branches into the master. (i made a 6 hours call yesterday. and no crash
after bugfix ever since.) i will do that together with sylvain, if we
find the time this weekend.
currently i use the jolly/voice together with the sylvain/traffic
branch. i am able to use an isdn phone togehter with linux-call-router
and make/receive calls. audio is passed both ways. i think this is a
stage where it actually become "usable". (if not moving arround.)
one of my major work for the next weeks/months will be the neighbour
cell measurement, cell re-selection, and handover. this is essential
when moving with the phone.
regards,
andreas
Hi,
I've hacked something together to quickly test non-combined CCCH.
However, I've hit a problem when trying to receive anything on another
timeslot than 0.
The TX side seems to work fine as the BTS can see my location update
request and answers with a reject, but on the MS side, I never see the
reject and wireshark only shows invalid incohrent data on the RX.
The frames for SDCCH/8 show really nothing valid (looks like random
bytes), things like
09 80 7f 47 49 06 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
09 00 47 d5 2d 06 1e 00 00 69 7c a0 91 3d 22 ff ab fe 6c 4f 56 4f 36
...
while the frames for the associated SAACH show at least something gsm-like :
03 03 01 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b
but that's not quite a SI5/6 ...
To RX/TX on TS=1, I just delayed the RX/TX window by 625 bits (4 *
156.25) when I'm in dedicated channel mode by chaning the 'start' in
l1s_tx_win_ctrl / l1s_rx_win_ctrl
Is there something else that should be done ?
Cheers,
Sylvain
Hi Sylvain, hi list!
I'm experimenting with burst_ind and TCHs right now and ran
into some problem I couldn't solve yet.
After receiving an Assignment Command for a hopping TCH/F I
call l1ctl_tx_dm_est_req_h1() with all necessary parameters
and tch_mode GSM48_CMODE_SPEECH_V1 or _EFR.
After that I do get burst indications containing the received
bits on up- and downlink for the active arfcn on each
consecutive frame number.
BUT the rx level measurements are most of the time very low
and sporadic higher, surely not from that nearby bts and the
very close cellphone.
It looks like the layer1 doesn't "hit" the right timeslot
on the right arfcn at the right time.
There are some possible sources of error leading to that, like
hopping parameters, channel number and MA list.
But I checked these and I took all of them directly from the
ASS CMD, the MA as word list in ascending order, like in layer23
IMM ASS handling.
The specific AC doesn't have any specialties like Starting Time
or "before time" parameters.
So my question is if there is some obvious pitfall I'm missing
and are there any suggestions how to debug that?
Regards,
Mad
Hi,
I am trying to use burst_ind branch of osmocom. I have noticed that layer23 creates bursts****.dat files when it indicates uplink. What data are written to these files and what should I use to see its data? Thank you.
Hi!
Recently we've had the idea of using OsmocomBB with a simple firmware
that synchronizes to an existing GSM networks FCCH and use the resulting
13MHz clock to drive the USRP for airprobe or OpenBTS.
Ideally, we would even use the Calypso-internal PLL (for ARM or DSP) to
multiply it up to the required 52 MHz. However, neither the Openmoko
nor the Compal/Motorola phones expose any of the 3 clock output pads :(
So the only choice is to use something along the lines of the
http://focus.ti.com/docs/prod/folders/print/cdcvf25084.html
as a quad clock multiplier and attach it to the CLK13OUT signal of the
phone.
The chip is available for 9 USD in single quantities at digikey, and
possibly cheaper at other sources. Combined with a sub-20EUR phone it
might be a very cheap but still accurate frequency source for OpenBTS -
at least as long as there are any commercial gsm networks available.
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
Hi All!
That's true, I managed to run U-Boot on MT6235, but linux kernel is
not fully functional yet (it's fresh stuff as I managed to ran it on
Tuesday and then I was off to conference).
For MT6235 development I chose Sciphone G2, which is pretty cheap.
After some time I managed to download code to SRAM (just 64KB) using
MTK's FlashTool.
MTK FlashTool communicates over UART directly with MT6235 bootloader
and sends its own chunk of code (about 58KB) which is executed in SRAM
and communicates with FlashTool.
I found on pudn.com some pack to customize code loaded by FlashTool,
thanks to which I could download my own code to SRAM (without JTAG).
The problem was that it had to be linked with some security libraries
which occupied about 56KB and not much memory left for my own code.
Then I decided to try find JTAG pins to get all control on MT6235.
That took me sometime, but finally I succeeded.
The other bigger issue was initializing DRAM controller to be able to
download bigger code (linux kernel + uboot) to external RAM. In
sciphone there is problem that all interesting chips are under metal
shield which is pretty havily soldered. In this case I couldn't read
what kind of RAM memory is mounted without destroying the board (I
don't have such soldering machine which could unsolder so big metal
shield). Thanks to JTAG I could attach to target and then dump DRAM
controller registers from processor running MTK's software, but
setting these values after processor start and configuration of PLL
didn't work.
I decided to disassemble bootloader which could show me how DRAM
controller is initialized and how code fron NAND is loaded (to be able
to flash U-Boot and kernel to NAND so MT6235 will start my code
automatically and I will not have to use JTAG). Currently I have
knowledge how internal MT6235 bootloader is loading code from memory
during startup and I also extracted procedure of DRAM controller
initialization. Thanks to that I'm able to run U-Boot from the very
begining of processor startup.
The problem is that I have just one piece of Sciphone G2 and I don't
want to flash it yet to not break existing code in it. Thanks to
running device I'm able to attach with JTAG and check how peripherals
are configured (i.e. LCD, MMC, etc.). I have backup of flash, but I'm
not 100% sure if I will flash it back, phone will startup. That's why
I bought second piece of Sciphone G2 and should receive it today or on
Tuesday (this Monday is holiday in Poland). In this case I'll flash
U-Boot to NAND and try to make it working. Then we could load the rest
of code from U-Boot (to RAM or NAND over serial).
You can see how my setup looks on attached picture.
The good thing about it is that the same bootloader is used in MT622x,
so it should be fairly easy to do the same on phones based on that
SoCs (but unfortuantely it's just ARM7).
If it comes to code, of course I can share it on "git.osmocom.org".
Currently it's just basic port of U-Boot and not much for linux
kernel, but I'm working on this now so I'll push it when it'll be
ready.
Currently I'm working on driver for NAND memory for U-Boot, so we
could flash linux kernel. When that will be ready I'll push the code.
Then I'll switch to linux kernel and when it'll be functional I also
push the code. At this stage you will not need to have JTAG and you
could load the code over serial in U-Boot.
If it comes to GSM I didn't work with it before. I actualy worked 6
months in L2/3 team for LTE (on RRC) but it's different story.
That could be really outstanding thing if we could run first phone
ever with whole code open (from BB up to APP).
BR,
Marcin
The SIM and the SIM reader in the phone and the mechanical contact
between them are definitely working because the SIM can be accessed from
the motorola firmware, from another phone and from a PC smartcard reader
with no PIN or anything.
However, under simtest firmware no data is received by the phone, even
the ATR is zero bytes...
Anybody had this problem?
Also, is l1CTL SIM APDU command not implemented in the layer1 firmware?
How are people making calls without a SIM? :P
Gianni
----------------SIMTEST----8<-----------------
Initializing driver:
SIM: Registering interrupt handler for simcard-interface
====================== CALYPSO SIM REGISTER DUMP =====================
Reg_sim_cmd register (R/W) - FFFE:0000
|-REG_SIM_CMD = 0000
| |-REG_SIM_CMD_CMDCARDRST = 0 ==> SIM card reset sequence disabled.
| |-REG_SIM_CMD_CMDIFRST = 0
| |-REG_SIM_CMD_CMDSTOP = 0
| |-REG_SIM_CMD_CMDSTART = 0
| |-REG_SIM_CMD_MODULE_CLK_EN = 0 ==> Clock of the module disabled.
|-REG_SIM_STAT = 000b
| |-REG_SIM_STAT_STATNOCARD = 1 ==> No card!
| |-REG_SIM_STAT_STATTXPAR = 1 ==> Parity ok!
| |-REG_SIM_STAT_STATFIFOFULL = 0
| |-REG_SIM_STAT_STATFIFOEMPTY = 1 ==> Fifo empty!
|-REG_SIM_CONF1 = 000c
| |-REG_SIM_CONF1_CONFCHKPAR = 0 ==> Parity check on reception disabled.
| |-REG_SIM_CONF1_CONFCODCONV = 0 ==> Coding convention is direct (normal).
| |-REG_SIM_CONF1_CONFTXRX = 1 ==> SIO line direction is in transmit mode.
| |-REG_SIM_CONF1_CONFSCLKEN = 1 ==> SIM clock in normal mode.
| |-REG_SIM_CONF1_reserved = 0 ==> ETU period is CONFETUPERIOD.
| |-REG_SIM_CONF1_CONFSCLKDIV = 0 ==> SIM clock frequency is 13/4 Mhz.
| |-REG_SIM_CONF1_CONFSCLKLEV = 0 ==> SIM clock idle level is low.
| |-REG_SIM_CONF1_CONFETUPERIOD = 0 ==> ETU period is 372/8*1/Fsclk.
| |-REG_SIM_CONF1_CONFBYPASS = 0 ==> Hardware timers and start and stop sequences are normal.
| |-REG_SIM_CONF1_CONFSVCCLEV = 0 ==> SVCC Level is low (Only valid when CONFBYPASS = 1).
| |-REG_SIM_CONF1_CONFSRSTLEV = 0 ==> SRST Level is low (Only valid when CONFBYPASS = 1).
| |-REG_SIM_CONF1_CONFTRIG = 0x0 (FIFO trigger level)
| |-REG_SIM_CONF1_CONFSIOLOW = 0
|-REG_SIM_CONF2 = 0940
| |-REG_SIM_CONF2_CONFTFSIM = 0x0 (time delay for filtering of SIM_CD)
| |-REG_SIM_CONF2_CONFTDSIM = 0x4 (time delay for contact activation/deactivation)
| |-REG_SIM_CONF2_CONFWAITI = 0x9 (CONFWAITI overflow wait time between two received chars)
|-REG_SIM_IT = 0000
| |-REG_SIM_IT_SIM_NATR = 0 ==> On read access to REG_SIM_IT.
| |-REG_SIM_IT_SIM_WT = 0 ==> On read access to REG_SIM_IT.
| |-REG_SIM_IT_SIM_OV = 0 ==> On read access to REG_SIM_IT.
| |-REG_SIM_IT_SIM_TX = 0 ==> On write access to REG_SIM_DTX or on switching
| | from transmit to receive mode (CONFTXRX bit)
| |-REG_SIM_IT_SIM_RX = 0 ==> On read access to REG_SIM_DRX.
|-REG_SIM_DRX = 0100
| |-REG_SIM_DRX_SIM_DRX = 0x0 (next data byte in FIFO available for reading)
| |-REG_SIM_DRX_STATRXPAR = 1 ==> Parity Ok.
|-REG_SIM_DTX = 00 (next data byte to be transmitted)
|-REG_SIM_MASKIT = 003f
| |-REG_SIM_MASKIT_MASK_SIM_NATR = 1 ==> No-answer-to-reset interrupt is masked.
| |-REG_SIM_MASKIT_MASK_SIM_WT = 1 ==> Character wait-time overflow interrupt is masked.
| |-REG_SIM_MASKIT_MASK_SIM_OV = 1 ==> Receive overflow interrupt is masked.
| |-REG_SIM_MASKIT_MASK_SIM_TX = 1 ==> Waiting characters to be transmit interrupt is masked.
| |-REG_SIM_MASKIT_MASK_SIM_RX = 1 ==> Waiting characters to be read interrupt is masked.
| |-REG_SIM_MASKIT_MASK_SIM_CD = 1 ==> SIM card insertion/extraction interrupt is masked.
|-REG_SIM_IT_CD = fffe0010
|-REG_SIM_IT_CD_IT_CD = 0 ==> SIM card insertion/extraction interrupt is unmasked.
Power up simcard:
* Power enabled!
* Clock enabled!
* Reset released!
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Character underflow!
(0 bytes)
Reset simcard:
* Reset pulled down!
* Reset released!
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Character underflow!
(0 bytes)
SIM-T0: Transceiving APDU-Header: (a0 a4 00 00 02)
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-T0: Case 2: No input / Output of known length (See also GSM 11.11 Page 34)
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Character underflow!
SIM-T0: T0 Protocol error: Missing ACK byte -- aborting!
SIM-T0: Transceiving APDU-Header: (a0 c0 00 00 0f)
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-T0: Case 4: Input / No output (See also GSM 11.11 Page 34)
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Character underflow!
SIM-T0: T0 Protocol error: Incorrect or missing answer -- aborting!
e0 73 d7 b9 ae ea bf 7e f7 3b 7f 6f 32 fe 25 (15 bytes)
Test Phase 1: Testing bare sim commands...
* Testing SELECT: Selecting MF
SIM-T0: Transceiving APDU-Header: (a0 a4 00 00 02)
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-T0: Case 2: No input / Output of known length (See also GSM 11.11 Page 34)
SIM-ISR: Interrupt caught: Waiting characters to be read...
SIM-ISR: Interrupt caught: Character underflow!
SIM-T0: T0 Protocol error: Missing ACK byte -- aborting!
==> Status word: ffff
* Testing SELECT: Selecting DF_GSM
SIM-T0: Transceiving APDU-Header: (a0 a4 00 00 02)
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
SIM-ISR: Interrupt caught: Waiting for character to transmit...
At this point it hangs "forever" - well at least half hour.
Hi guys,
I dunno if that is the right place for my concern about building the
osmocomBB source. Here is what I already have done:
- downloading the sources for osmocomBB and GNU toolchain for ARM,
- setting the PATH for the arm-elf-* executables,
- calling make in the src directory.
Now, this appears as response of the make command in the terminal:
cd shared/libosmocore/build-host && ../configure
configure: error: cannot find install-sh, install.sh, or shtool in ".."
"../.." "../../.."
make: *** [shared/libosmocore/build-host/Makefile] Error 1.
If you need details about my system, you can look at the following
snippet from the config.log file:
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by libosmocore configure UNKNOWN, which was
generated by GNU Autoconf 2.65. Invocation command line was
$ ../configure
## --------- ##
## Platform. ##
## --------- ##
hostname = ubuntu-stefan
uname -m = x86_64
uname -r = 2.6.32-24-generic
uname -s = Linux
uname -v = #41-Ubuntu SMP Thu Aug 19 01:38:40 UTC 2010
/usr/bin/uname -p = unknown
/bin/uname -X = unknown
/bin/arch = unknown
/usr/bin/arch -k = unknown
/usr/convex/getsysinfo = unknown
/usr/bin/hostinfo = unknown
/bin/machine = unknown
/usr/bin/oslevel = unknown
/bin/universe = unknown
PATH: /usr/local/sbin
PATH: /usr/local/bin
PATH: /usr/sbin
PATH: /usr/bin
PATH: /sbin
PATH: /bin
PATH: /usr/games
PATH: /home/stefan/osmocomBB/gnuarm-4.0.2/bin
## ----------- ##
## Core tests. ##
## ----------- ##
configure:2032: error: cannot find install-sh, install.sh, or shtool in
".." "../.." "../../..".
So, I would be very glad, if someone could give me a hint to solve the
problem. Thank you in advance.
Regards,
begy
Hi,
I could not resist buying a C116 for 15 euro, so I compiled osmocombb
and connected a 3.3V serial cable.
Of course the C116 was not in the supported list, but I was hoping it
would work as it seems that it is very similar to the C115.
Here is my load attempt: (used -m c123 ) but there's no loading of the image.
I am not using TX mode, also I don't have a SIM installed.
Anything I can try to get it working?
./osmocon -p /dev/ttyS0 -m c123xor
../../target/firmware/board/compal_e88/loader.compalram.bin
got 1 bytes from modem, data looks like: 00 .
got 2 bytes from modem, data looks like: 00 81 ..
got 4 bytes from modem, data looks like: 1b f6 02 00 ....
got 1 bytes from modem, data looks like: 41 A
got 1 bytes from modem, data looks like: 01 .
got 1 bytes from modem, data looks like: 40 @
Received PROMPT1 from phone, responding with CMD
read_file(../../target/firmware/board/compal_e88/loader.compalram.bin):
file_size=16788, hdr_len=4, dnload_le n=16795
got 1 bytes from modem, data looks like: 66 f
got 1 bytes from modem, data looks like: 74 t
got 1 bytes from modem, data looks like: 6d m
got 1 bytes from modem, data looks like: 74 t
got 1 bytes from modem, data looks like: 6f o
got 1 bytes from modem, data looks like: 6f o
got 1 bytes from modem, data looks like: 6c l
Received FTMTOOL from phone, ramloader has aborted
got 1 bytes from modem, data looks like: 65 e
got 1 bytes from modem, data looks like: 72 r
got 1 bytes from modem, data looks like: 72 r
got 1 bytes from modem, data looks like: 6f o
got 1 bytes from modem, data looks like: 72 r
got 1 bytes from modem, data looks like: 00 .
got 1 bytes from modem, data looks like: 1b .
got 1 bytes from modem, data looks like: 66 f
got 1 bytes from modem, data looks like: 6d m
got 1 bytes from modem, data looks like: 74 t
got 1 bytes from modem, data looks like: 6f o
Regards,
Henk
Hello
I'm having a problem in the start mobile application
~/osmocom-bb$ cd src/host/layer23/src/mobile
~/osmocom-bb/src/host/layer23/src/mobile$ ./mobile
Copyright (C) 2008-2010 ...
Contributions by ...
License GPLv2+: GNU GPL version 2 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Failed to parse the config file: '/etc/osmocom/osmocom.cfg'
Please check or create config file using: 'touch /etc/osmocom/osmocom.cfg'
~/osmocom-bb/src/host/layer23/src/mobile$
Please help me as soon as
--
View this message in context: http://baseband-devel.722152.n3.nabble.com/Help-me-I-have-a-difficult-probl…
Sent from the baseband-devel mailing list archive at Nabble.com.
Hi Folks, just wanted to know if anyone actually tried the Motorola C115
with OsmocomBB ?
It appears to be difficult to source compatible phones in the UK but I did
manage to get this C115 Model and wanted confirmation before hacking away at
it only to find it is not going to play.
The wiki states :
Motorola C115/C117
It seems to be 99.9% identical with the
MotorolaC123<http://bb.osmocom.org/trac/wiki/MotorolaC123>/C121/C122
series.
So far, all our software (written for the
MotorolaC123<http://bb.osmocom.org/trac/wiki/MotorolaC123>)
is working on the C115/C117, too.
The PCB is marked E87, i.e. one number less than the
MotorolaC123<http://bb.osmocom.org/trac/wiki/MotorolaC123>(E88).
Any feedback would be very appreciated from anyone who has had success with
this particular phone from the Users side.
Thanks
Raz
I've been going over Sylvain's report on removing the RX filters,
http://www.246tnt.com/gsm/rx_filter.html, and I had some slight
differences on the c139 that I'm hoping someone can help me with.
Similar to Sylvain's experience, the schematic doesn't match reality.
Just as Sylvain describes, the signal from the balanced output appears
to be going through inductors rather than capacitors and there isn't a
bridging inductor.
However on my c139, the unbalanced input is missing the inductor to
ground on the EGSM path and is missing the capacitor to ground on the
DCS path. (Sylvain had a capacitor to ground on DCS where the schematic
has an inductor to ground.)
You can find a picture of what I'm looking at here:
http://thre.at/c139/c139rxfilters.jpg . I've placed the c139 schematics
in that directory as well, http://thre.at/c139 .
My guess is that the filters in the schematics had a different
unbalanced impedance than the ones they ended up placing on the c139.
But I'm not an EE, and that is just a guess.
I can't read the markings on the filters I have, so I can't check the
unbalanced input from a data sheet. I also don't have a way to measure
the components that are there now so I can't try and compute the value.
My question is, does this matter? That is, should I use the same balun
that Sylvain chose or should I find one with a different unbalanced
impedance? Alternatively, should I use the same baluns and just install
an inductor (or capacitor on DCS) to ground so that it matches Sylvain's
c123?
Any ideas?
(As an aside, the baluns that Sylvain chose aren't perfect for the US
frequency range, but they should work okay.)
Hello,
I'd like to propose a 3-way link swap with your website http://bb.osmocom.org, where you receive 2 links in exchange
for one of yours.
3-way linking is a very effective link building strategy. Since you're getting the links from third party websites, they appear
totally natural to search engine algorithms. Such inbound links help your website rank higher in Google and other search
engines.
Our partner sites that link to your site are at least 3 years old with a minimum pagerank of PR3.
Visit http://twinlinks.net to submit your website.
Thanks,
Rebecca Wilson
Founder & CEO, TwinLinks
Dear folks,
I recently played with osmocomBB and wanted to try out the
cell_log and gsmmap feature.
Therefore I tried to rebuild osmocomBB (sylvains testing tree) with gpsd
2.96 installed on archlinux kernel 2.6.38.
If there is more information needed, just tell me!
Error while "$make":
Making all in src
make[2]: Entering directory
`/home/temal/dev/pkg/osmotemp/osmocom-bb/src/host/layer23/src'
Making all in common
make[3]: Entering directory
`/home/temal/dev/pkg/osmotemp/osmocom-bb/src/host/layer23/src/common'
CC l1ctl.o
CC l1l2_interface.o
CC sap_interface.o
CC lapdm.o
CC logging.o
CC networks.o
CC sim.o
sim.c: In function ‘gsm_sim_reply’:
sim.c:146:11: warning: variable ‘payload’ set but not used
[-Wunused-but-set-variable]
CC sysinfo.o
CC gps.o
gps.c: In function ‘osmo_gpsd_cb’:
gps.c:73:2: error: too few arguments to function ‘gps_waiting’
/usr/include/gps.h:1435:13: note: declared here
gps.c:77:2: warning: implicit declaration of function ‘gps_poll’
[-Wimplicit-function-declaration]
gps.c: In function ‘osmo_gpsd_open’:
gps.c:114:2: error: too few arguments to function ‘gps_open’
/usr/include/gps.h:1430:12: note: declared here
make[3]: *** [gps.o] Error 1
make[3]: Leaving directory
`/home/temal/dev/pkg/osmotemp/osmocom-bb/src/host/layer23/src/common'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory
`/home/temal/dev/pkg/osmotemp/osmocom-bb/src/host/layer23/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory
`/home/temal/dev/pkg/osmotemp/osmocom-bb/src/host/layer23'
make: *** [host/layer23/layer23] Error 2
Hi!
As more and more code is moving into libraries (like I just did with the
LAPDm code, and like pablo is working on with libosmo-abis), we needed a
solution how to allocate and use the LOGP subsystem constants like DRSL,
DRR, ... from within libraries.
The existing logging code wasn't really prepared for that. I've now
come um with a hack to extend it while preserving compatibility to
applications:
* we use negative numbers starting from -1 for library-internal
subsystems
* those numbers get converted to a positive index into the various
arrays at run-time. So -1 ends up one entry higher in the array
than the last application-providede log category/subsystem.
As part of this change, the array allocations are now dynamic, i.e there
is no maximum limit for the number of log categories that an application
can register with the core.
Only for libraries (even outside libosmocore), we have compile-time
registration, i.e. the 'struct log_info_cat' and the D* constant need to
be defined inside libosmocore. I think this is an acceptable
compromise.
Furthermore, if LOGP()/DEBUGP() ever see a subsystem number that it
doesn't know, it will assign it to the new 'DLGLOBAL' (Debug Library
GLOBAL) category, i.e. there cna be no array overflows.
This ensures that even an external library using a 'newer' D* constant
will not crash or otherwise fail, it will simply log in a slightly
different way.
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
hello
i have Motorola c123 The following are my steps:
1-
$ cd osmocom-bb
$ git checkout -b testing remotes/origin/sylvain/testing
fatal: git checkout: branch testing already exists
2-
~/osmocom-bb/src/host/osmocon$ ./osmocon -p /dev/ttyUSB0 -m c123xor
../../target/firmware/board/compal_e88/layer1.compalram.bin
got 2 bytes from modem, data looks like: 2f 00 /.
got 5 bytes from modem, data looks like: 1b f6 02 00 41 ....A
got 1 bytes from modem, data looks like: 01 .
got 1 bytes from modem, data looks like: 40 @
Received PROMPT1 from phone, responding with CMD
read_file(../../target/firmware/board/compal_e88/layer1.compalram.bin):
file_size=51320, hdr_len=4, dnload_len=51327
got 1 bytes from modem, data looks like: 1b .
got 1 bytes from modem, data looks like: f6 .
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 00 .
got 1 bytes from modem, data looks like: 41 A
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 43 C
Received PROMPT2 from phone, starting download
handle_write(): 4096 bytes (4096/51327)
handle_write(): 4096 bytes (8192/51327)
handle_write(): 4096 bytes (12288/51327)
handle_write(): 4096 bytes (16384/51327)
handle_write(): 4096 bytes (20480/51327)
handle_write(): 4096 bytes (24576/51327)
handle_write(): 4096 bytes (28672/51327)
handle_write(): 4096 bytes (32768/51327)
handle_write(): 4096 bytes (36864/51327)
handle_write(): 4096 bytes (40960/51327)
handle_write(): 4096 bytes (45056/51327)
handle_write(): 4096 bytes (49152/51327)
handle_write(): 2175 bytes (51327/51327)
handle_write(): finished
got 1 bytes from modem, data looks like: 1b .
got 1 bytes from modem, data looks like: f6 .
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 00 .
got 1 bytes from modem, data looks like: 41 A
got 1 bytes from modem, data looks like: 03 .
got 1 bytes from modem, data looks like: 42 B
Received DOWNLOAD ACK from phone, your code is running now!
OSMOCOM Layer 1 (revision osmocon_v0.0.0-786-g937023b)
======================================================================
Device ID code: 0xb4fb
Device Version code: 0x0000
ARM ID code: 0xfff3
cDSP ID code: 0x0128
Die ID code: df0d1621a400d808
======================================================================
REG_DPLL=0x2413
CNTL_ARM_CLK=0xf0a1
CNTL_CLK=0xff91
CNTL_RST=0xfff3
CNTL_ARM_DIV=0xfff9
======================================================================
THIS FIRMWARE WAS COMPILED WITHOUT TX SUPPORT!!!
Assert DSP into Reset
Releasing DSP from Reset
Setting some dsp_api.ndb values
Setting API NDB parameters
DSP Download Status: 0x0001
DSP API Version: 0x0000 0x0000
Finishing download phase
DSP Download Status: 0x0002
DSP API Version: 0x3606 0x0000
LOST 1968!
3-
~/osmocom-bb/src/host/layer23/src/mobile$ ./mobile
Copyright (C) 2008-2010 ...
Contributions by ...
License GPLv2+: GNU GPL version 2 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
<000e> sim.c:1206 init SIM client
<0005> gsm48_cc.c:61 init Call Control
<0001> gsm48_rr.c:4944 init Radio Ressource process
<0004> gsm48_mm.c:1220 init Mobility Management process
<0004> gsm48_mm.c:971 Selecting PLMN SEARCH state, because no SIM.
<0002> gsm322.c:3472 init PLMN process
<0003> gsm322.c:3473 init Cell Selection process
Mobile '1' initialized, please start phone now!
VTY available on port 4247.
<0004> subscriber.c:556 Requesting SIM file 0x2fe2
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:697 go MF
<000e> sim.c:241 SELECT (file=0x3f00)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
I wait and wait and nothing happens to keep as is?
What is the solution to this problem?
I hope someone can help me as soon as
--
View this message in context: http://baseband-devel.722152.n3.nabble.com/help-me-i-have-motorola-c123-tp3…
Sent from the baseband-devel mailing list archive at Nabble.com.
Hi,
I've got 4 C115 phones (all same firmware). One is not loading and
reporting the ftmtool error. The others are loading fine.
Could this be caused by a blown RX input on the chip? Or could there
other reasons why it does not work. I tried both an FTDI cable and a
buspirate.
Best regards,
Job
output:
./osmocon -p /dev/ttyUSB0 -m c123xor
../../target/firmware/board/compal_e88/loader.compalram.bin
got 2 bytes from modem, data looks like: 04 01 ..
got 5 bytes from modem, data looks like: 1b f6 02 00 41 ....A
got 1 bytes from modem, data looks like: 01 .
got 1 bytes from modem, data looks like: 40 @
Received PROMPT1 from phone, responding with CMD
read_file(../../target/firmware/board/compal_e88/loader.compalram.bin):
file_size=17132, hdr_len=4, dnload_len=17139
got 1 bytes from modem, data looks like: 66 f
got 1 bytes from modem, data looks like: 74 t
got 1 bytes from modem, data looks like: 6d m
got 1 bytes from modem, data looks like: 74 t
got 1 bytes from modem, data looks like: 6f o
got 1 bytes from modem, data looks like: 6f o
got 1 bytes from modem, data looks like: 6c l
Received FTMTOOL from phone, ramloader has aborted
got 1 bytes from modem, data looks like: 65 e
got 1 bytes from modem, data looks like: 72 r
got 1 bytes from modem, data looks like: 72 r
got 1 bytes from modem, data looks like: 6f o
got 1 bytes from modem, data looks like: 72 r
On Sat, 25 Jun 2011 23:13:10 +0530, "R M" <rm.engineer84(a)gmail.com> wrote:
>
> Can you please provide me the patch for the present version of
> osmocon.c as you mentioned in the mail as I am unable to apply the
> patch manually.
I don't have a patch for the current version as I currently don't
work with OsmocomBB.
Best regards,
Dieter
--
Dieter Spaar, Germany spaar(a)mirider.augusta.de
Hello Harald,
On Sat, 4 Jun 2011 08:46:50 +0200, "Harald Welte" <laforge(a)gnumonks.org> wrote:
>
> i have never heard of somebody doing this on windows 7. Almost everyone
> here uses Linux or MacOS. And the only prominent Windows user involved
> in the project is working with Windows XP.
At least on my Cygwin installation under Windows XP the serial port
is accessible as "/dev/ttySx" (x is "0" for COM1, "1" for COM2 and
so on). All the USB to serial converters I am aware of are virtual
COM ports on Windows which means that they are accessible the same
way, e.g. if the virtual COM port is "COM7" it can be be accessed
as "/dev/ttyS6",
Best regards,
Dieter
--
Dieter Spaar, Germany spaar(a)mirider.augusta.de
Hello,
since I am new to this list, I want to take the opportunity to thank
your for your efforts. It is just awesome that one can do phonecalls
with an open-source baseband stack.
I'm new to the project and I'm searching a method to send prepared
packets (Layer 3) to my basestation in my lab. I'm searching now for
the best way to do so, is there already a script allowing me to
perform that task? I couldn't find one when I searched. If there is
none available I would try to build one using code located in layer23.
I would be glad if you could point me to the method if there is
already something available.
With best regards
Hi list,
with a bit of help from Harald, I finally managed to push my commits.
Hence, we have:
- platform support for Calypso (timers, irq, ...)
- char device driver for keypad (/dev/keypad)
- some hacks reusing old drivers for SPI/poweroff and sercomm
The console currently outputs in osmocon while you have to write to the
loader interface with a python script. Flushing is kind of a problem
too. Haven't checked how to fix those two, so any volunteers?
Bye,
Stefan
Hello List,
as part of my research, I'm trying to use the 'mobile' app to send and
receive data on traffic channels. That is, I want to replace the audio
stream from the phone's microphone/speaker by something else supplied
by the computer attached to the phone. I realize this feature isn't
fully implemented in osmocom-BB currently, and I'm willing to write
some code to make it work (and share my results with this list if
there's any interest). Here's what I've done so far:
- merged the sylvain/traffic and jolly/voice branches
- added some code to mobile that writes the payload of downlink frames
to a user-specified file once a call has been established
As far as the receiving end goes, this seems to work. I'm still
unclear as to where I should start on the sending side -- I do expect
it to be somewhat more complex. Any pointers -- or a rough outline of
what is left to be done to make this work -- would be much
appreciated.
Kind regards,
Michael Voelske
> Because you're using a C123 that doesn't require a 'MAGIC' marker when
> doing the code download.
netbook ~ # osmocom-roaming/src/host/osmocon/osmocon -p /dev/ttyUSB0 -m c140xor osmocom-roaming/src/target/firmware/board/compal_e88/layer1.compalram.bin
got 1 bytes from modem, data looks like: 00 .
does not seem so. but anyway: it is not a problem of the application "mobile". the process of one phone gets stuck while waiting for power measurement replay. the process of the other phone waits for the RACH confirm but never receives it. it looks pretty much like a broken layer1 or serial connection.
-----Ursprüngliche Nachricht-----
Von: Sylvain Munaut [mailto:246tnt@gmail.com]
Gesendet: Mittwoch, 15. Juni 2011 13:31
An: Andreas.Eversberg
Cc: Basem Ahmed; baseband-devel(a)lists.osmocom.org
Betreff: Re: Facing issues in using OSMOCOM
On Wed, Jun 15, 2011 at 11:35 AM, Andreas.Eversberg
<Andreas.Eversberg(a)versatel.de> wrote:
> mine is >50k. why am i not getting the same warning?
Because you're using a C123 that doesn't require a 'MAGIC' marker when
doing the code download.
But when using the c140xor, osmocon will have to insert a specific
marker at a specific address for the bootloader to accept the file and
if the file is > 15 k, that marker will overwrite part of the binary
which will lead to something that can crash at any time (because
whatever code is overwritten will vary depending on a bunch of
factors)
Sylvain
can you send the full mobile output? (from start of application until it
halts)
> <0002> gsm322.c:3176 (ms 1) Event 'EVENT_SIM_INSERT' for
automatic PLMN selection in state 'A0 null'
> <000d> gsm322.c:1090 Start search of last registered PLMN
(mcc=420 mnc=01 Saudi Arabia, Al Jawal)
> <0002> gsm322.c:1094 Use RPLMN (mcc=420 mnc=01 Saudi Arabia, Al
Jawal)
> <0002> gsm322.c:530 new state 'A0 null' -> 'A1 trying RPLMN'
> <0003> gsm322.c:3396 (ms 1) Event 'EVENT_NEW_PLMN' for Cell
selection in state 'C0 null'
> <000d> gsm322.c:3007 Selecting network (mcc=420 mnc=01 Saudi
Arabia, Al Jawal)
> <0003> gsm322.c:3013 Start stored cell selection.
> <0003> gsm322.c:559 new state 'C0 null' -> 'C2 stored cell
selection'
can you send me the your ~/.osmocom/bb/1.ba file? don't worry, it will
only contain band allocations you have received so far. (rename it an
see, if the problem still exists.)
Hello everyone.
After some more digging turns out that removing the "Status 1: 90 00" from the firrmware the SIM response gets back to the upper layers.
What I've also noticed is that when the SIM response wasn't getting to the mobile application a L1CTL_RESET was following. My question is : would this L1CTL_RESET
have the effect of removing pending packets from the queue? Cause that would sort of explain why the delay introduced by the debug printing would influence the overall behaviour.
Thanks,
Mihai.
--- On Sun, 5/15/11, eisencah eisenach <wbg_1000(a)yahoo.com> wrote:
From: eisencah eisenach <wbg_1000(a)yahoo.com>
Subject: Re: Fw: Re: mobile - making a call
To: baseband-devel(a)lists.osmocom.org
Date: Sunday, May 15, 2011, 5:52 PM
Hi again.
So after some digging I'm quite sure the ADPU response doesn't make it back into the upper layers. My question is , case the osmocon output contains some weird characters (see bellow), I should assume that at that point something went wrong with the serial link? Also is there some flag to compile the firmware such that the prints have no effect, as to offload the serial link?
Thanks,
Mihai.
L1CTL_DATA_REQ (link_id=0x00)
ul=00811fe0, ul->payload=00811fe4, data_ind=00811fe4, data_ind->data=00811fe4 l3h=00811fe4
SIM Request (7): a0 a4 00 00 02 6f 20
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (14): a0 d6 00 00 09 ff 49 fd 1a 49 8f 70 00 01
Status 2: 90��Q��L1CTL_PARAM_REQ (ta=1, tx_power=6)
L1CTL_DATA_REQ (link_id=0x00)
ul=00811fe0,
ul->payload=00811fe4, data_ind=00811fe4, data_ind->data=00811fe4 l3h=00811fe4
L1CTL_DATA_REQ (link_id=0x00)
ul=008123c4, ul->payload=008123c8, data_ind=008123c8, data_ind->data=008123c8 l3h=008123c8
--- On Sat, 5/7/11, Sylvain Munaut <246tnt(a)gmail.com> wrote:
From: Sylvain Munaut <246tnt(a)gmail.com>
Subject: Re: Fw: Re: mobile - making a call
To: "eisencah eisenach" <wbg_1000(a)yahoo.com>
Cc: baseband-devel(a)lists.osmocom.org
Date: Saturday, May 7, 2011, 11:07 AM
> So any ideea where to look for the answer to the UPDATE_BINARY message?
No not really ...
But there is a good reason the SIM driver is not in master ... it
sucks at several level, including blocking behavior in interrupt
context IIRC, so it's totally plausible your
machine speed triggers
some weird things.
My advice would be to:
- Cleanup the SIM driver
- Bypass it in the code and try to access a real PCSC device locally
rather than the built in SIM reader.
Both are non-trivial of course.
Cheers,
Sylvain
Also we are sure about the correct setup of ARM tool chain!! any help please about such issue.
--- On Mon, 6/13/11, Basem Ahmed <eng_basemm(a)yahoo.com> wrote:
From: Basem Ahmed <eng_basemm(a)yahoo.com>
Subject: Re: Facing issues in using OSMOCOM
To: "baseband-devel" <baseband-devel(a)lists.osmocom.org>
Date: Monday, June 13, 2011, 11:41 AM
Hi All GNUMonks,
I am adding the log output here for reference as suggesed by Sylvain:
Mobile Output:
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=2)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=2 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:442 received ACC 0040 from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f7b
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY
(handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f7b)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=12)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=12 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:518 (ms 1) Done reading SIM card (IMSI=420012300358346 Saudi Arabia, Al Jawal)
<0004> subscriber.c:530 -> SIM card registered to 420 01 (Saudi Arabia, Al
Jawal)
<0004> gsm48_mm.c:4160 (ms 1) Received 'MMR_REG_REQ' event
<0002> gsm322.c:3176 (ms 1) Event 'EVENT_SIM_INSERT' for automatic PLMN selection in state 'A0 null'
<000d> gsm322.c:1090 Start search of last registered PLMN (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
<0002> gsm322.c:1094 Use RPLMN (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
<0002> gsm322.c:530 new state 'A0 null' -> 'A1 trying RPLMN'
<0003> gsm322.c:3396 (ms 1) Event 'EVENT_NEW_PLMN' for Cell selection in state 'C0 null'
<000d> gsm322.c:3007 Selecting network (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
<0003> gsm322.c:3013 Start stored cell selection.
<0003> gsm322.c:559 new state 'C0 null' -> 'C2 stored cell selection'
Layer1: Output
read_file(../../target/firmware/board/compal_e86/layer1.compalram.bin): file_size=54736, hdr_len=4, dnload_len=54743
got 1 bytes from modem, data
looks like: 1b .
got 1 bytes from modem, data looks like: f6 .
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 00 .
got 1 bytes from modem, data looks like: 41 A
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 43 C
Received PROMPT2 from phone, starting download
handle_write(): 4096 bytes (4096/54743)
handle_write(): 4096 bytes (8192/54743)
handle_write(): 4096 bytes (12288/54743)
handle_write(): 4096 bytes (16384/54743)
handle_write(): 4096 bytes (20480/54743)
handle_write(): 4096 bytes (24576/54743)
handle_write(): 4096 bytes (28672/54743)
handle_write(): 4096 bytes (32768/54743)
handle_write(): 4096 bytes (36864/54743)
handle_write(): 4096 bytes (40960/54743)
handle_write(): 4096 bytes (45056/54743)
handle_write(): 4096 bytes (49152/54743)
handle_write(): 4096 bytes
(53248/54743)
handle_write(): 1495 bytes (54743/54743)
handle_write(): finished
got 1 bytes from modem, data looks like: 1b .
got 1 bytes from modem, data looks like: f6 .
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 00 .
got 1 bytes from modem, data looks like: 41 A
got 1 bytes from modem, data looks like: 03 .
got 1 bytes from modem, data looks like: 42 B
Received DOWNLOAD ACK from phone, your code is running now!
OSMOCOM Layer 1 (revision osmocon_v0.0.0-906-g5bbea93-modified)
======================================================================
Device ID code: 0xb4fb
Device Version code: 0x0000
ARM ID code: 0xfff3
cDSP ID code: 0x0128
Die ID code:
e144263d880014fd
======================================================================
REG_DPLL=0x2413
CNTL_ARM_CLK=0xf0a1
CNTL_CLK=0xff91
CNTL_RST=0xfff3
CNTL_ARM_DIV=0xfff9
======================================================================
Power up simcard:
Assert DSP into Reset
Releasing DSP from Reset
Setting some dsp_api.ndb values
Setting API NDB parameters
DSP Download Status: 0x0001
DSP API Version: 0x0000 0x0000
Finishing download phase
DSP Download Status: 0x0002
DSP API Version: 0x3606 0x0000
LOST 1174!
SIM Request (7): a0 a4 00 00 02 3f 00
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 2f e2
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 0a
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 20
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 07
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 09
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 7e
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 0b
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 3f 00
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 10
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 40
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 84
Status 1: 94 08
SIM Request (7): a0 a4 00 00 02 3f 00
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 20
Status 2: 9F 23
SIM Request (5): a0 c0
00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 20
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 09
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 30
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 3c
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 31
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 01
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 46
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 11
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 78
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 02
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 7b
Status 2: 9F 13
SIM Request (5): a0
c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 0c
Status 1: 90 00
--- On Sun, 6/12/11, Basem Ahmed <eng_basemm(a)yahoo.com> wrote:
From: Basem Ahmed <eng_basemm(a)yahoo.com>
Subject: Re: Facing issues in using OSMOCOM
To: "baseband-devel" <baseband-devel(a)lists.osmocom.org>
Cc: "Sylvain Munaut" <246tnt(a)gmail.com>
Date: Sunday, June 12, 2011, 9:55 PM
Dear All,
sorry for the previous mistake .Actually I am trying
to run the Mobile project but i have some issues there .let me telling you all the procedures i made :
1-git clone the osmocom project2-make the checkout (git checkout origin/sylvain/testing )3-compiling the project(it works after some modification of TX transmitter enable)4-run the
loader.compalram.bin(running perfectly)5-run the layer1.comalram.bin6-run telnet localhost and enabling the ms 17-run the mobile the project8-press the power on buttonsfor mobile application ===>it keeps running perfectly exactly as you did in the demo and its says it complete reading the SIM and giving my network name but it stop before checking the network signals at the line:selection network(mcc=420 aljawal )start stored cell selection<003> gsm322.c:559 new state 'C0 null' ->'C2 stored cell Selection' .for the layer1 application===>it downloading successfully and it keeps synchronized with mobile application keep SIM requesting till the line:sim request (5): a0 b0 00 00 0cStaus 1:90 00
Hoping to hear from you soon.
regard,--- On Sun, 6/12/11, Sylvain Munaut <246tnt(a)gmail.com> wrote:
From: Sylvain
Munaut <246tnt(a)gmail.com>
Subject: Re: Facing issues in using OSMOCOM
To: "Basem Ahmed" <eng_basemm(a)yahoo.com>, "baseband-devel" <baseband-devel(a)lists.osmocom.org>
Date: Sunday, June 12, 2011, 7:21 PM
> How are you? Refer to below mail.
I read the mailing list, please do not send to me directly. Only CC me
(and CC, not a separate mail forward please) if you're posting a patch
and you want me to review it and merge it.
If I have an answer, I will answer ... (but in this case, from your
description it seems like a 'mobile' problem which I virtually never
use, so I may not have an answer at all)
> I am able to download the loader.compalram.bin and layer1.compalram.bin and running the mobile project. I am also using the telnet for configuration. But it is stopping at following some state mentioned in attached file.
Sorry,
but if you
attach .docx file, there is zero chance I'm gonna look at it.
1) .docx is a proprietary format, don't expect people can read it
2) Even if this was a open document ( .ods or so ), I don't use office
suite at all.
3) A .txt attachement still requires me to download it and look at it ...
4) In general, to maximize your chance of getting an answer, you have
to do your best to minimize the work to be done by the people you want
to help you. In this particular case:
- You properly included a description of your setup and up to where
you got, that's great.
- What's missing is a 'snippet' of the log with the 'state' it seems locked it.
- Then at the end of the mail, cut and paste the complete logs (both
from osmocon and from the mobile app).
- If possible avoid HTML mail as well ...
(don't take all this bad and/or personally, just trying to help you
maximize your chance of getting the answers
you're looking for).
Cheers,
Sylvain
Hi All GNUMonks,
I am adding the log output here for reference as suggesed by Sylvain:
Mobile Output:
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=2)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=2 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:442 received ACC 0040 from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f7b
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f7b)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=12)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=12 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:518 (ms 1) Done reading SIM card (IMSI=420012300358346 Saudi Arabia, Al Jawal)
<0004> subscriber.c:530 -> SIM card registered to 420 01 (Saudi Arabia, Al Jawal)
<0004> gsm48_mm.c:4160 (ms 1) Received 'MMR_REG_REQ' event
<0002> gsm322.c:3176 (ms 1) Event 'EVENT_SIM_INSERT' for automatic PLMN selection in state 'A0 null'
<000d> gsm322.c:1090 Start search of last registered PLMN (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
<0002> gsm322.c:1094 Use RPLMN (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
<0002> gsm322.c:530 new state 'A0 null' -> 'A1 trying RPLMN'
<0003> gsm322.c:3396 (ms 1) Event 'EVENT_NEW_PLMN' for Cell selection in state 'C0 null'
<000d> gsm322.c:3007 Selecting network (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
<0003> gsm322.c:3013 Start stored cell selection.
<0003> gsm322.c:559 new state 'C0 null' -> 'C2 stored cell selection'
Layer1: Output
read_file(../../target/firmware/board/compal_e86/layer1.compalram.bin): file_size=54736, hdr_len=4, dnload_len=54743
got 1 bytes from modem, data looks like: 1b .
got 1 bytes from modem, data looks like: f6 .
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 00 .
got 1 bytes from modem, data looks like: 41 A
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 43 C
Received PROMPT2 from phone, starting download
handle_write(): 4096 bytes (4096/54743)
handle_write(): 4096 bytes (8192/54743)
handle_write(): 4096 bytes (12288/54743)
handle_write(): 4096 bytes (16384/54743)
handle_write(): 4096 bytes (20480/54743)
handle_write(): 4096 bytes (24576/54743)
handle_write(): 4096 bytes (28672/54743)
handle_write(): 4096 bytes (32768/54743)
handle_write(): 4096 bytes (36864/54743)
handle_write(): 4096 bytes (40960/54743)
handle_write(): 4096 bytes (45056/54743)
handle_write(): 4096 bytes (49152/54743)
handle_write(): 4096 bytes (53248/54743)
handle_write(): 1495 bytes (54743/54743)
handle_write(): finished
got 1 bytes from modem, data looks like: 1b .
got 1 bytes from modem, data looks like: f6 .
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 00 .
got 1 bytes from modem, data looks like: 41 A
got 1 bytes from modem, data looks like: 03 .
got 1 bytes from modem, data looks like: 42 B
Received DOWNLOAD ACK from phone, your code is running now!
OSMOCOM Layer 1 (revision osmocon_v0.0.0-906-g5bbea93-modified)
======================================================================
Device ID code: 0xb4fb
Device Version code: 0x0000
ARM ID code: 0xfff3
cDSP ID code: 0x0128
Die ID code: e144263d880014fd
======================================================================
REG_DPLL=0x2413
CNTL_ARM_CLK=0xf0a1
CNTL_CLK=0xff91
CNTL_RST=0xfff3
CNTL_ARM_DIV=0xfff9
======================================================================
Power up simcard:
Assert DSP into Reset
Releasing DSP from Reset
Setting some dsp_api.ndb values
Setting API NDB parameters
DSP Download Status: 0x0001
DSP API Version: 0x0000 0x0000
Finishing download phase
DSP Download Status: 0x0002
DSP API Version: 0x3606 0x0000
LOST 1174!
SIM Request (7): a0 a4 00 00 02 3f 00
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 2f e2
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 0a
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 20
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 07
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 09
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 7e
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 0b
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 3f 00
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 10
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 40
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 84
Status 1: 94 08
SIM Request (7): a0 a4 00 00 02 3f 00
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 20
Status 2: 9F 23
SIM Request (5): a0 c0 00 00 23
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 20
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 09
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 30
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 3c
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 31
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 01
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 46
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 11
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 78
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 02
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 7b
Status 2: 9F 13
SIM Request (5): a0 c0 00 00 13
Status 1: 90 00
SIM Request (5): a0 b0 00 00 0c
Status 1: 90 00
--- On Sun, 6/12/11, Basem Ahmed <eng_basemm(a)yahoo.com> wrote:
From: Basem Ahmed <eng_basemm(a)yahoo.com>
Subject: Re: Facing issues in using OSMOCOM
To: "baseband-devel" <baseband-devel(a)lists.osmocom.org>
Cc: "Sylvain Munaut" <246tnt(a)gmail.com>
Date: Sunday, June 12, 2011, 9:55 PM
Dear All,
sorry for the previous mistake .Actually I am trying to run the Mobile project but i have some issues there .let me telling you all the procedures i made :
1-git clone the osmocom project2-make the checkout (git checkout origin/sylvain/testing )3-compiling the project(it works after some modification of TX transmitter enable)4-run the
loader.compalram.bin(running perfectly)5-run the layer1.comalram.bin6-run telnet localhost and enabling the ms 17-run the mobile the project8-press the power on buttonsfor mobile application ===>it keeps running perfectly exactly as you did in the demo and its says it complete reading the SIM and giving my network name but it stop before checking the network signals at the line:selection network(mcc=420 aljawal )start stored cell selection<003> gsm322.c:559 new state 'C0 null' ->'C2 stored cell Selection' .for the layer1 application===>it downloading successfully and it keeps synchronized with mobile application keep SIM requesting till the line:sim request (5): a0 b0 00 00 0cStaus 1:90 00
Hoping to hear from you soon.
regard,--- On Sun, 6/12/11, Sylvain Munaut <246tnt(a)gmail.com> wrote:
From: Sylvain
Munaut <246tnt(a)gmail.com>
Subject: Re: Facing issues in using OSMOCOM
To: "Basem Ahmed" <eng_basemm(a)yahoo.com>, "baseband-devel" <baseband-devel(a)lists.osmocom.org>
Date: Sunday, June 12, 2011, 7:21 PM
> How are you? Refer to below mail.
I read the mailing list, please do not send to me directly. Only CC me
(and CC, not a separate mail forward please) if you're posting a patch
and you want me to review it and merge it.
If I have an answer, I will answer ... (but in this case, from your
description it seems like a 'mobile' problem which I virtually never
use, so I may not have an answer at all)
> I am able to download the loader.compalram.bin and layer1.compalram.bin and running the mobile project. I am also using the telnet for configuration. But it is stopping at following some state mentioned in attached file.
Sorry, but if you
attach .docx file, there is zero chance I'm gonna look at it.
1) .docx is a proprietary format, don't expect people can read it
2) Even if this was a open document ( .ods or so ), I don't use office
suite at all.
3) A .txt attachement still requires me to download it and look at it ...
4) In general, to maximize your chance of getting an answer, you have
to do your best to minimize the work to be done by the people you want
to help you. In this particular case:
- You properly included a description of your setup and up to where
you got, that's great.
- What's missing is a 'snippet' of the log with the 'state' it seems locked it.
- Then at the end of the mail, cut and paste the complete logs (both
from osmocon and from the mobile app).
- If possible avoid HTML mail as well ...
(don't take all this bad and/or personally, just trying to help you
maximize your chance of getting the answers
you're looking for).
Cheers,
Sylvain
> How are you? Refer to below mail.
I read the mailing list, please do not send to me directly. Only CC me
(and CC, not a separate mail forward please) if you're posting a patch
and you want me to review it and merge it.
If I have an answer, I will answer ... (but in this case, from your
description it seems like a 'mobile' problem which I virtually never
use, so I may not have an answer at all)
> I am able to download the loader.compalram.bin and layer1.compalram.bin and running the mobile project. I am also using the telnet for configuration. But it is stopping at following some state mentioned in attached file.
Sorry, but if you attach .docx file, there is zero chance I'm gonna look at it.
1) .docx is a proprietary format, don't expect people can read it
2) Even if this was a open document ( .ods or so ), I don't use office
suite at all.
3) A .txt attachement still requires me to download it and look at it ...
4) In general, to maximize your chance of getting an answer, you have
to do your best to minimize the work to be done by the people you want
to help you. In this particular case:
- You properly included a description of your setup and up to where
you got, that's great.
- What's missing is a 'snippet' of the log with the 'state' it seems locked it.
- Then at the end of the mail, cut and paste the complete logs (both
from osmocon and from the mobile app).
- If possible avoid HTML mail as well ...
(don't take all this bad and/or personally, just trying to help you
maximize your chance of getting the answers you're looking for).
Cheers,
Sylvain
Hi
GNUGeeks,
I
am trying to use OSMOCOM project for calling purpose. I tried the current
master and remotes/origin/sylvain/testing branch also.
My
Linux version is OpenSUSE 11.2 (2.6.31.5-0.1-default) and mobile model is C139.
And
we used the model c140xor in the loader osmocon loader command.
I
am able to download the loader.compalram.bin and layer1.compalram.bin and
running the mobile project. I am also
using the telnet for configuration. But
it is stopping at following some state mentioned in attached file.
Hoping to read soon from you guys.
Regards,Basem
Hi,
i am getting the below error when i try to compile the
GSM stack sources.
administrator@administrator-desktop:~/osmocom-bb/src$ make
cd shared/libosmocore && autoreconf -i
/bin/sh: autoreconf: not found
make: *** [shared/libosmocore/configure] Error 127
can any one try to help me.
regards,
nagesh.
Hi all,
did anyone succeeded on attaching to JTAG port of Calypso ?
I was looking at the docs here :
http://bb.osmocom.org/trac/wiki/MotorolaC123, especially this :
http://bb.osmocom.org/trac/attachment/wiki/MotorolaC123/compal_testpads.png,
so I was wondering if someone has used JTAG, specifficaly with OpenOCD
or UrJTAG ?
I am planning to do some work on NuttX port, and I think that JTAG
debugging would be very convenient for this kind of low level task.
Also, I think that JTAG RAM flashing should be faster than current
Osmocon RS232 method. Did anyone tried this and can osmocon be
instructed that the code is already present in RAM, i.e. JTAG uploaded
?
Best regards,
Drasko
Hello List,
Sorry for out of scope question.
Can any one suggest me community or mailing list for IP sniffing IP network
hacking or account hacking, I'm planning to join for ethical hacking
courses.
Kind Regards,
On 06/03/2011 04:32 PM, Holger Hans Peter Freyther wrote:
Hi all,
I would like to get more students involved and would be interested in acting
as a mentor. For the below osmo-pcap codebase I have a set of bite sized tasks
(of different size) and it would be great if we could get some students to
pick some of these.
The only requirement should be interest to learn to program in C, some self
motivation (e.g. use your favorite search engine before asking) but besides
that the skills are not that important.
cheers
holger
> Hi,
>
> I wrote a very primitive client and server for PCAP. The osmo_pcap_client will
> use libpcap to sniff on a local link, we have the usual VTY interface to
> configure it, one can change the filter and the device at runtime.
>
> There is also a very simple server that authenticates clients based on the
> remote address, that will write the pcap files to disk. The files will be
> rotated based on time and size, but also when the Link Header of a client is
> changing. The traffic is not encrypted yet but that is on the todolist.
>
> The code can be found in our git repository[1].
>
> holger
>
> [1] http://cgit.osmocom.org/cgit/osmo-pcap/
>
Hi list
First of all: Thanks to all of you who actively develop OsmocomBB.
Second: In the past few months I worked on an interface between a GSM
transceiver and ABB towards the mobile application from OsmocomBB. The
findings will be presented Tuesday, May 31, 1.55 pm in ETZ J64 at ETH
in Zurich (Gloriastrasse 35, 8092 Zürich). You are all invited.
The goal of this project was to understand the GSM protocol flow
better in order to be able to extend the hardware towards higher
layers. To this end, the mobile application (L2 and L3) was used.
Benjamin
Hello,
I've noticed during some tests made with a SIM in roaming that when I called myself I see my local number showed instead of the E.164 format number. In Wireshark I see that the numbering plan is set to unknown in this case (but this happens only when I select a specific operator). I started then to dial local numbers (while in roaming) and I could call any local number, from any network, without having to use the country code. Is this something that operators do?
Cheers,
Bogdan
Hi all,
going through the documentation, I am trying to figure out what would
be the best way to have whole protocol stack communication with
OsmocomBB.
Now, I understand that osmocon can be used to load layer1 into phones
RAM, so that this code turns on Calypso and communicate with DSP with
AT commands. Then osmocon gets messages from layer1 via RS232 and can
distribute them to the mobile application, which sends them to layer23
for further processing or via GSM tap to Wireshark or outputs them on
stdout.
What I am most interested in how do we insert pacgaes on the other
side of the stack, i.e. via telephone air interface (packets that will
traverse through Rita, Iota, Calypso down to stdout of host). From
what I understand we need some kind of BTS, and I can see that GNU
Radio is used for this purpose. But for this, as I understand USPRP
(http://en.wikipedia.org/wiki/Universal_Software_Radio_Peripheral)
FPGA motherboard with both RX and TX doughterboards is needed, which
can go up to 1k eur (too expensive for a hobbist).
I was wondering so, what is the best and the cheapest way to inject
packets at the protocol stack on the phone and analyze some packet
flow later with Wireshark - i.e. to get some usage of the OsmocomBB
and to see how it works. At this point I can only run Hello World
application, or "mobile" app without any usage (or I do not know how
to use it). What would be the best way to start playing around without
spending too much money.
Speaking of this, what would be the price of the cheapest existing
packet generator that can transmit them via Um (i.e. what is the price
of the cheapest BTS)?
Is there some open source FPGA that can be used for this purpose?
Thanks for your explanations and best regards,
Drasko
Hi all,
after loading L1 to RAM and starting mobile app, "show cell" is giving me :
OsmocomBB# show cell 1
arfcn |MCC |MNC |LAC |cell ID|forb.LA|prio |min-db |max-pwr|rx-lev
-------+-------+-------+-------+-------+-------+-------+-------+-------+-------
and
OsmocomBB# network search 1
logs :
<0002> gsm322.c:3099 (ms 1) Event 'EVENT_USER_RESEL' for automatic
PLMN selection in state 'A6 no SIM inserted'
<0002> gsm322.c:3106 Event unhandled at this state.
I have inserted SIM in the phone, and I know that SIM controller
driver is not functional on the master branch.
However, is there something that can be done even in this state to
have some packet logging in Wireshark ?
I.e. do we need SIM for any communication over Um. I guess not, and I
want to start at this state, and observe some packets that are
traversing the stack for educational reasons.
Can somebody point me how this can be done (with current master and no
SIM functional).
Best regards,
Drasko
Hi,
I am trying out osmocombb code in dell laptop running windows 7. It
does't contain serial ports.
I am using a USB to serial converter instead. How can I access the usb
port to which the USB to serial converter is attached in cygwin ?
Can someone who has done this, help me in this ?
Regards,
RM
HI
This is pramod. I am currently working with mobile platforms. How can i
contribute to your project or start working with your project.
--
Pramod
Be happy
I'm having issues getting the mobile application to work and I'm
wondering if this is a gsm850 problem. I have a couple of debugging
ideas but I thought I would post here just in case the answer is obvious
to someone else.
I'm testing on both a c118 and a c139.
I'm using the remotes/origin/sylvain/testing branch and this does have
quadband support. I've edited target/firmware/Makefile and defined
CONFIG_TX_ENABLE.
I have a valid SIM in my phone that works with both phones using the
default Motorola firmware. The 'sim reader 1' command is able to gather
(most of) the necessary information. (The access class is not correctly
read from the SIM but I haven't bothered tracking down why yet -- I just
hardcoded an access class of 0xffff.)
The mobile program correctly scans the frequency ranges and finds a good
tower and then attempts to do a location update. It generates a RACH
channel request and then (appears to) send it.
The problem is that the phone never receives an immediate assignment
response. The log shows multiple immediate assignments received, but
none match the request reference (RA and FN the burst was sent in.)
So it appears that the tower never receives the channel request I send.
The only test I have done so far is to monitor the uplink frequency with
a USRP (uhd_fft.py) during the location update procedure. It looks like
the phone is actually transmitting at the correct times, but I am not
positive. (I'd have to write some custom code before I can definitively
say one way or the other.)
The only other idea I have right now is that perhaps the timing advance
calculation is incorrect. There are a couple of constants used without
any explanation and I guess it is possible that these constants don't
work for my configuration. I'm going to start going through these
constants to determine if I can find a value that works.
Any other ideas to try here? Anyone else gotten this to work in the US?
Hi All,
i also wanted to contribute to this Project and already i had downloaded the
source and started looking into the code. i want to test it on some device
but i am not able to get the motorola devices here in India , bangalore. if
anyone can help me in getting these devices it will be helpfull.
regards,
nageswara reddy.