Dear all, I vae the C115 with a T1 USB to Serial cable with the Prolific
chipset.
When i run osmocon i get :- an its just sits there with no further
processing.
./osmocon -p /dev/ttyUSB0 -m c123xor
../../target/firmware/board/compal_e88/loader.compalram.bin
read_file(../../target/firmware/board/compal_e88/loader.compalram.bin):
file_size=17120, hdr_len=4, dnload_len=17127
read_file(../../target/firmware/board/compal_e88/loader.compalram.bin):
file_size=17120, hdr_len=4, dnload_len=17127
got 1 bytes from modem, data looks like: 00 .
got 2 bytes from modem, data looks like: 2f 00 /.
got 1 bytes from modem, data looks like: 1b .
got 3 bytes from modem, data looks like: f6 02 00 ...
got 1 bytes from modem, data looks like: 41 A
got 1 bytes from modem, data looks like: 01 .
got 1 bytes from modem, data looks like: 40 @
Received PROMPT1 from phone, responding with CMD
got 1 bytes from modem, data looks like: 66 f
got 1 bytes from modem, data looks like: 74 t
got 1 bytes from modem, data looks like: 6d m
got 1 bytes from modem, data looks like: 74 t
got 1 bytes from modem, data looks like: 6f o
got 1 bytes from modem, data looks like: 6f o
got 1 bytes from modem, data looks like: 6c l
Received FTMTOOL from phone, ramloader has aborted
got 1 bytes from modem, data looks like: 65 e
got 1 bytes from modem, data looks like: 72 r
got 1 bytes from modem, data looks like: 72 r
got 1 bytes from modem, data looks like: 6f o
got 1 bytes from modem, data looks like: 72 r
got 1 bytes from modem, data looks like: 00 .
got 1 bytes from modem, data looks like: 00 .
I think the cable is ok as when i run my fingers on the tip i get random
Zeros so it appears to be talking to the cable.
Also when i tried to run Mobile i get the :- even though i created the
Mobile.cfg file in /etc/osmoco
Failed to parse the config file: '/home/raz/.osmocom/bb/mobile.cfg'
Please check or create config file using: 'touch
/home/raz/.osmocom/bb/mobile.cfg'
I have spent some hours researching the lists and trying various things to
no avail but I want to continue until I resolve this issues and use this
great stack to learn about the GSM network.
Please advise.
Great full for any help or pointers but this maybe a timing issue that is
difficult to debug.
Thanks
Raz
hi,
i did a lot of resarch and testing on cell selection and re-selection
process the last two week.
the cell selection process, network selection process (manual and
automatic) and mobility management process were already implemented in
OsmocomBB a long time, but turned out to be buggy and incomplete. i made
test drives to check the process and debugged it.
the re-selection process is new. it is used to track surrounding cells
while listening to the BCCH of the current cell (camping on a cell).
special extension to the layer1 firmare is used to measure neighbour
cells. if an neighbour cell becomes 'better', the mobile switches to
that cell, depening on different criteria. now it is possible to move
with OsmocomBB.
the re-selection process is not handover! handover is a process where a
phone switches between cells while doing a call. handover is one next
step to implement. the process is a little more complex, because it
requires not only neighbour cell measurements, but also syncing to them
without interrupting the traffic channel. most layer 3 stuff of handover
is already implemented.
if you like to play and test your moving OsmocomBB, you can check out
the "jolly/roaming" branch. it contains the extension to layer1, as well
as sim reader and fixes from "sylvain/testing" branch. use both "mobile"
and "layer1" firmware from this branch.
in order to see some process at VTY, you can do:
enable
monitor network 1 (continously display the strongest cell and neighbour
cells)
show ms 1 (to see current states)
show neighbour-cells 1 (to see a more detailed current list of
neighbours)
andreas
hi josephli,
> Read stored BA list mnc=01
the mobile application stores the last cells and neighbour cells (band
allocation) of each network. this way the scanning is much
faster when restarting. because you use the SIM card with MNC == 02 the
first time, there is no band allocation stored for that. the mobile will
do a full scan in this case.
> while the sim card service I am tesing is actually with mnc 00 and 02.
i know that MNC == 0 will not work until i commited improvements of cell
selection process last sunday. you should retry that, but first try with
an MNC > 0.
can you provide debug output when trying a call?
also can you provide VTY output of "show ms" before you make the call?
regards,
andreas
hi,
i just fixed some locking issues the last days. fix will follow. it took
a bit longer, because there were some race conditions. it took up to
about one hour until it crashed. my way to detect the area where the
crash happened, was to turn on buzzer before that area, and turn it off
after that area. after many hours of approximation, i finally found out
that the major crash happend during _talloc_zero. (first it looks for a
free memory chunk, then it allocates it.) since it can be called from
all contexts (main, irq, fiq), it need to be locked against any
interrupt, otherwise the memory chunk can be assigned multiple times.
(the process of _talloc_free is "atomic" and requires no locking.)
because it seems pretty stable, i think it is time to merge some
branches into the master. (i made a 6 hours call yesterday. and no crash
after bugfix ever since.) i will do that together with sylvain, if we
find the time this weekend.
currently i use the jolly/voice together with the sylvain/traffic
branch. i am able to use an isdn phone togehter with linux-call-router
and make/receive calls. audio is passed both ways. i think this is a
stage where it actually become "usable". (if not moving arround.)
one of my major work for the next weeks/months will be the neighbour
cell measurement, cell re-selection, and handover. this is essential
when moving with the phone.
regards,
andreas
I've pulled git repo today, but the RSSI firmware gets an error.
apps/rssi/main.c: In function `main':
apps/rssi/main.c:896: warning: 'a' might be used uninitialized in this
function
apps/rssi/main.c:896: warning: 'e' might be used uninitialized in this
function
CC board/compal_e88/rssi.compalram.manifest.o
LD board/compal_e88/rssi.compalram.elf
OBJ board/compal_e88/rssi.compalram.bin
CC board/compal_e88/rssi.highram.manifest.o
LD board/compal_e88/rssi.highram.elf
OBJ board/compal_e88/rssi.highram.bin
CC board/compal_e88/rssi.e88loader.manifest.o
LD board/compal_e88/rssi.e88loader.elf
OBJ board/compal_e88/rssi.e88loader.bin
CC board/compal_e88/rssi.e88flash.manifest.o
LD board/compal_e88/rssi.e88flash.elf
OBJ board/compal_e88/rssi.e88flash.bin
CC board/compal_e86/rssi.compalram.manifest.o
LD board/compal_e86/rssi.compalram.elf
arm-elf-ld: region LRAM is full (board/compal_e86/rssi.compalram.elf
section .data)
make[1]: *** [board/compal_e86/rssi.compalram.elf] Error 1
make[1]: Leaving directory src/target/firmware'
make: *** [firmware] Error 2
$ git pull
Already up-to-date.
$
Anyone experiencing the same issue?
...a never ending story:
i have a working ftdi-ttl, but the cp2102-adapters
(http://www.ebay.de/itm/USB-2-0-to-UART-TTL-6PIN-Module-Serial-Converter-CP2…)
with the same cable dont work under ubuntu or windows.
if i rub the top of the 2.55mm with my finger random data appears. but the
loader doesnt upload the firmware.
i used the txd, rxd and gnd pins and checked the connections with a
multimeter.
i tested -m c123xor, -m c123 and the default firmware. flashing custom
baudrates was no problem.
rivers are installed correctly (stady ttyusb0 under ubuntu/ com1 under win).
is there any hint?
--
View this message in context: http://baseband-devel.722152.n3.nabble.com/cp2102-betemcu-B75937-tp3489336p…
Sent from the baseband-devel mailing list archive at Nabble.com.
Hi,
I've hacked something together to quickly test non-combined CCCH.
However, I've hit a problem when trying to receive anything on another
timeslot than 0.
The TX side seems to work fine as the BTS can see my location update
request and answers with a reject, but on the MS side, I never see the
reject and wireshark only shows invalid incohrent data on the RX.
The frames for SDCCH/8 show really nothing valid (looks like random
bytes), things like
09 80 7f 47 49 06 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
09 00 47 d5 2d 06 1e 00 00 69 7c a0 91 3d 22 ff ab fe 6c 4f 56 4f 36
...
while the frames for the associated SAACH show at least something gsm-like :
03 03 01 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b 2b
but that's not quite a SI5/6 ...
To RX/TX on TS=1, I just delayed the RX/TX window by 625 bits (4 *
156.25) when I'm in dedicated channel mode by chaning the 'start' in
l1s_tx_win_ctrl / l1s_rx_win_ctrl
Is there something else that should be done ?
Cheers,
Sylvain
Hi Sylvain, hi list!
I'm experimenting with burst_ind and TCHs right now and ran
into some problem I couldn't solve yet.
After receiving an Assignment Command for a hopping TCH/F I
call l1ctl_tx_dm_est_req_h1() with all necessary parameters
and tch_mode GSM48_CMODE_SPEECH_V1 or _EFR.
After that I do get burst indications containing the received
bits on up- and downlink for the active arfcn on each
consecutive frame number.
BUT the rx level measurements are most of the time very low
and sporadic higher, surely not from that nearby bts and the
very close cellphone.
It looks like the layer1 doesn't "hit" the right timeslot
on the right arfcn at the right time.
There are some possible sources of error leading to that, like
hopping parameters, channel number and MA list.
But I checked these and I took all of them directly from the
ASS CMD, the MA as word list in ascending order, like in layer23
IMM ASS handling.
The specific AC doesn't have any specialties like Starting Time
or "before time" parameters.
So my question is if there is some obvious pitfall I'm missing
and are there any suggestions how to debug that?
Regards,
Mad
Hi,
I am trying to use burst_ind branch of osmocom. I have noticed that layer23 creates bursts****.dat files when it indicates uplink. What data are written to these files and what should I use to see its data? Thank you.
Hi,
I have a git clone from 23.01.2012 and a current git clone.
When I compile both and use the mobile appliation, I have a strange
problem in the current code. Very often I can't send USSD codes (and maybe
also can't communicate in other ways; USSD is the costless way to check
whether I am connected or not).
Ok, this is what I do: I send "service 1 *#21#", wait the answer and the
string "% On Network, normal service: Germany, O2". Then send it again and
so on.
With the old code, I reliable get the answer e.g. "% Status: deactivated".
With the new code, I very often (sometime already when trying first time)
get nothing back and after some seconds only "% Service connection
terminated.".
Can someone confirm this behavior?
Thanks
Tim
It was my understanding from your suggestion that there would be presentations and discussions after those presentations at the meetings, making this not just having a beer with friends but more formal affairs.
That would be useful for people elsewhere to see, given that this is a global community. Not sure what German law has to do with putting online or streaming such presentations. Cameras off when it comes to the informal part and beer time..
Love this list otherwise. And will come to Berlin this summer so may attend one or two, regardless :)
Cheers from New York.
K
------Original Message------
From: Harald Welte
To: Katrin Verclas
Cc: Holger Hans Peter Freyther
Cc: Akib Sayyed
Cc: baseband-devel(a)lists.osmocom.org
Cc: openbsc(a)lists.osmocom.org
Subject: Recording / Re: Regular Osmocom meeting in Berlin?
Sent: Mar 31, 2012 8:01 AM
Hi Katrin,
On Fri, Mar 30, 2012 at 07:17:17PM +0000, Katrin Verclas wrote:
> Could not disagree more. We live-stream local events all the time with
> a very unobtrusive webcam/ustream and it bothers no one who is there
> but benefits all who are not.
And I couldn't disagree more with you. The mere existance of the two
words 'camera' and 'unobtrusive' in one sentence are a contradiction in
terms.
If I want to meet with a small group of people and informally discuss
technical topic, than that is _very_ different from being live streamed
to an unknonwn number of people, any of which could make recordings and
I would have to very carefully think about each and every word that I'm
saying. That's not a particularly relaxed environment and would kill
all the fun there is in having the meeting in the first place.
Legally, In Germany this corresponds to "not publicly spoken word"
(nicht oeffentlich gesprochenes Wort). It is punishable under law to
record or broadcast that. (Clause 201 of German criminal code).
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
Sent via mobile. Hence, short.
Could not disagree more. We live-stream local events all the time with a very unobtrusive webcam/ustream and it bothers no one who is there but benefits all who are not.
Best,
Katrin
------Original Message------
From: Holger Hans Peter Freyther
Sender: baseband-devel-bounces(a)lists.osmocom.org
To: Akib Sayyed
Cc: baseband-devel(a)lists.osmocom.org
Cc: openbsc(a)lists.osmocom.org
Subject: Re: Regular Osmocom meeting in Berlin?
Sent: Mar 30, 2012 3:13 PM
On 03/30/2012 07:27 PM, Akib Sayyed wrote:
> even i am in.people who cannot participate please make some
> arrangement for them like live streaming and chat support.
> <http://www.ustream.tv/ support free live streaming>
Hi,
I don't think this is a good idea. It kills the local atmosphere without
having any real benefit. Every decision/code and most likely slides will be
public anyway.
z.
Sent via mobile. Hence, short.
Hi all,
please how can I download some older release of osmocombb source?I have compiled osmocombb source about 3 months ago and everything was ok...now I downloaded using git some new version and compile it and my phone repeatedly register/unregister with network. Sometimes if can call to this phone but I can't send SMS....So I want compile some older version of source code which worked for me.
Thanks
BR Ondrej
Hi all,
I was pondering to start a regular Osmocom meeting (monthly or bi-weekly)
in Berlin.
The idea would be not only to converge the existing developers in Berlin
(zecke, roh, prom, tobias, peter, kevin, myself, ...) but to also try to
share some knowledge and excitement with other interested hackers in the
wider community.
A split format for the event might make sense: Have a more or less
organized 45min talk about one particular topic + 15min discussion and
then switch to an informal meeting style without any particular topic or
moderator.
For the first half there is a long list of topics intended at informing
people about the status and capabilities of the respective projects:
OsmocomBB, OsmoTETRA, OsmoGMR, SIMtrace, etc.
Regarding the venue, I would suggest to hold it at the Berlin CCC.
What do you generally think about this?
What day of the week should we be aiming at? Tuesday and Thursday is
generally not a good idea, as those are already occupied with other
events.
If you think it's a good idea, I would request/register the event with
the CCC Berlin.
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
Hello All,
"People who cannot participate please make some arrangement for them like
live streaming and chat support. <http://www.ustream.tv/ support free live
streaming> "
I'd like to vote for this point as I wont be able to attend either but love
to be there.
Sincerely,
Martin
On Friday, March 30, 2012, Akib Sayyed <akibsayyed(a)gmail.com> wrote:
> even i am in.people who cannot participate please make some
> arrangement for them like live streaming and chat support.
> <http://www.ustream.tv/ support free live streaming>
>
> On Fri, Mar 30, 2012 at 5:07 PM, Sergio 'shadown' Alvarez
> <shadown(a)gmail.com> wrote:
>> The idea sounds great to me too.
>>
>> On Mar 30, 2012, at 12:06 PM, Tobias Engel wrote:
>>
>>> On 29.03.2012 21:41, Peter Stuge wrote:
>>>> Harald Welte wrote:
>>>>> I was pondering to start a regular Osmocom meeting (monthly or
>>>>> bi-weekly) in Berlin.
>>>> ..
>>>>> What do you generally think about this?
>>>>
>>>> I say go for it. Bi-weekly sounds good.
>>>
>>> I would say monthly is more realistic. But I'm also fine with bi-weekly.
>>
>> Bi-weekly would give more chances to people who travel a lot, to at
least make it to it once a month.
>>
>>>>> What day of the week should we be aiming at?
>>>>
>>>> I like Wednesday.
>>>
>>> Me too.
>>>
>>> -Tobias
>>>
>>
>>
>
>
>
> --
> Akib Sayyed
> Matrix-Shell
> akibsayyed(a)gmail.com
> akibsayyed(a)matrixshell.com
> Mob:- +91-966-514-2243
>
>
Can you record the video about the presentations and upload to some video
sharing site ? I'm certain, that there would be some interest watching it :)
Thanks,
Zsombor
On 2012.03.30. 13:33, "Tobias Engel" <t-openbsc(a)tobias.org> wrote:
On 29.03.2012 21:41, Peter Stuge wrote:
> Harald Welte wrote:
>> I was pondering to start a regular ...
I would say monthly is more realistic. But I'm also fine with bi-weekly.
>> What day of the week should we be aiming at?
>
> I like Wednesday.
Me too.
-Tobias
Hello
I want to know how to implement a real DOS in the real cellular network
using RACH Flood.As you know, using OsmocomBB ,you can only send flood to
one ARFCN at one time, so the phone can seaching for another ARFCN. So I
think the RACH Flood is less effective in practice, how about it? and if
not,a better suggestion on DOS in Cellular network?
Thanks!
Hi list,
sorry for this tedious question. I've already read a previous post about my
problem but has not been useful (
http://lists.osmocom.org/pipermail/baseband-devel/2011-October/002351.html).
I've this error after the make:
checking for ranlib... ranlib
./configure: line 3508: syntax error near unexpected token `LIBOSMOCORE,'
./configure: line 3508: `PKG_CHECK_MODULES(LIBOSMOCORE, libosmocore)'
make: *** [host/layer23/Makefile] Error 2
My settings with the last versions of sources:
- Linux ubuntu 2.6.38-11-generic-pae #50-Ubuntu SMP Mon Sep 12 22:21:04 UTC
2011 i686 i686 i386 GNU/Linux
-
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/root/cell_logger/tool-chain/install/bin
- arm-elf-gcc -v (installed with
http://bb.osmocom.org/trac/wiki/GnuArmToolchain)
Using built-in specs.
Target: arm-elf
Configured with: ./configure elf
Thread model: single
gcc version 4.2.3
- Makefile:
# this is the host tuple of your cross-toolchain
CROSS_HOST ?= $(shell which arm-elf-gcc >/dev/null 2>&1 && echo arm-elf ||
echo arm-none-eabi)
# this is the prefix of your cross-toolchain programs
CROSS_TOOL_PREFIX=$(CROSS_HOST)-
Any tips? :)
Thank you very much,
AL
Dear Osmocom community,
This email to inform you that the call for participation for the next Libre Software Meeting (LSM or RMLL: Rencontres Mondiales du Logiciel Libre) ends on 31st March: http://2012.rmll.info/en/participate/call-for-papers
This edition will take place in Geneva from 7th to 12th July 2012 (7-8 general public days, 9-12 theme focused, professional).
It would be of great interest for the communities to learn about the Osmocom projects in presentations or workshop. Real world applications would be interesting too.
So please don't hesitate to directly submit.
Don't hesitate also to contact me for more information.
Mathias Coinchon
Hi;
I am trying to run rssi.highram.bin on gta02(openmoko) following this [1]
gta02 is running SHR-lite distro
So far I have
1. cross-compiled rssi firmware using arm-elf- toolchain
2. cross-compiled osmocon for phone using arm-angstrom-linux-gnueabi- [2]
make -e CROSS_TOOL_PREFIX=arm-angstrom-linux-gnueabi-
HOST_CONFARGS="--host=armv4t-angstrom-linux-gnueabi"
3. Make sure that nothing else is using /dev/ttySAC0
4. loaded rssi firmware on gta02 by running on gta02
./osmocon -i 13 -m romload -p /dev/ttySAC0 rssi.highram.bin
Firmware loads succesfully when I toggle power of baseband using
echo 0 >/sys/bus/platform/devices/neo1973-pm-gsm.0/power_on && echo 1
>/sys/bus/platform/devices/neo1973-pm-gsm.0/power_on
but it scans only ARFCN 1 :<
SIM is present but since /dev/ttySAC0 is only claimed by osmocon, I dont
think it can be used by ogsmd
[1] http://bb.osmocom.org/trac/wiki/OpenMokohttp://bb.osmocom.org/trac/wiki/OpenMoko
[2] http://wiki.openmoko.org/wiki/Toolchainhttp://wiki.openmoko.org/wiki/Toolchain
My QUESTIONS are:
=================
1. How can I Scan all ARFCN?
2. Can we use /dev/ttySAC0 for gsm & other things after the firmware is
loaded on baseband?
LOG FILE:
http://baseband-devel.722152.n3.nabble.com/file/n3863628/log log
--
View this message in context: http://baseband-devel.722152.n3.nabble.com/RSSI-Firmware-of-OpenMoko-GTA02-…
Sent from the baseband-devel mailing list archive at Nabble.com.
i am assuming that you are using one osmocom phone setup and one normal phone.
try to do as follows
take 3 osmocom phones
then try dos with 2 phones and put sim in 3rd and lock to same arfcn
and then see what happens.
cheeers
On Tue, Mar 27, 2012 at 3:30 PM,
<baseband-devel-request(a)lists.osmocom.org> wrote:
> Send baseband-devel mailing list submissions to
> baseband-devel(a)lists.osmocom.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.osmocom.org/mailman/listinfo/baseband-devel
> or, via email, send a message with subject or body 'help' to
> baseband-devel-request(a)lists.osmocom.org
>
> You can reach the person managing the list at
> baseband-devel-owner(a)lists.osmocom.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of baseband-devel digest..."
>
> Today's Topics:
>
> 1. about RACH DOS (gcc)
>
>
> ---------- Forwarded message ----------
> From: gcc <gouchengcheng(a)gmail.com>
> To: baseband-devel(a)lists.osmocom.org
> Cc:
> Date: Mon, 26 Mar 2012 23:44:16 -0700 (PDT)
> Subject: about RACH DOS
> I am a student in a University studying on the security of GSM, recently I
> want use osmocomBB to realize the RACH DOS attack mentioned in Dieter
> Spaar`s speech. but I meet some difficulty.
>
> I do as follow:
>
> continuely sending RACH to a cell,and ignore the GSM48_MT_RR_IMM_ASS
> message ,also i lock my phone to the attacked cell,but after some time,the
> phone can still call to some phone ,why?
>
> can anyone help me?
>
> thanks!
>
> --
> View this message in context: http://baseband-devel.722152.n3.nabble.com/about-RACH-DOS-tp3860492p3860492…
> Sent from the baseband-devel mailing list archive at Nabble.com.
>
>
>
> _______________________________________________
> baseband-devel mailing list
> baseband-devel(a)lists.osmocom.org
> https://lists.osmocom.org/mailman/listinfo/baseband-devel
>
--
Akib Sayyed
Matrix-Shell
akibsayyed(a)gmail.com
akibsayyed(a)matrixshell.com
Mob:- +91-966-514-2243
I am a student in a University studying on the security of GSM, recently I
want use osmocomBB to realize the RACH DOS attack mentioned in Dieter
Spaar`s speech. but I meet some difficulty.
I do as follow:
continuely sending RACH to a cell,and ignore the GSM48_MT_RR_IMM_ASS
message ,also i lock my phone to the attacked cell,but after some time,the
phone can still call to some phone ,why?
can anyone help me?
thanks!
--
View this message in context: http://baseband-devel.722152.n3.nabble.com/about-RACH-DOS-tp3860492p3860492…
Sent from the baseband-devel mailing list archive at Nabble.com.
Hi,
Lately I have been looking at the GSM traffic through wireshark. In
every packet, wireshark tells me about the frame number.
But a paging message is spread over four frames. (You need to read
four frames to get a single paging message.)
So which among these four frames does the frame number displayed in
wireshark correspond to for the paging message?
Regards,
RM
Hi!
I tried this tutorial to build my osmocomBB enviroment:
http://bb.osmocom.org/trac/wiki/GettingStarted
I downloaded the gnuarm toolchain from here:
http://bb.osmocom.org/trac/wiki/toolchain
I set the Path and i tried make, but it stops at
> arm-elf-ld: ../../shared/libosmocore/build-target/src/.libs/libosmocore.a(msgb.o): Relocations in generic ELF (EM: 3)
> ../../shared/libosmocore/build-target/src/.libs/libosmocore.a: could not read symbols: File in wrong format
> make[1]: *** [board/compal_e88/hello_world.compalram.elf] Fehler 1
I found a similar Thread on the mailing list here:
http://baseband-devel.722152.n3.nabble.com/unknown-error-td2758006.html#a27…
But there is not a solution for the problem
I would be happy if anybody would be able to giv a solution.
MFG Kandanalor
Hi,
I want to understand the RACH channel acess procedure. I tried to
search for it in google. It doesnt lead me to the right GSM spec.
Does any one know which GSM spec details out the RACH link access procedure ?
Regards,
RM
Hi,
I am looking for this video. I found it at the official Deepsec video archives.
But you require to register to the video host site and I am unable to
download it using wget
Does any one know of any bit torrent site that has this video so that
I can download it?
Regards,
RM
Hi,
Ive just setup an OpenBSC + nanoBTS environment to experiment around with
your Osmocom software and a Motorola C123. I tried wo write a little
application similiar to app_ccch scan, which is able of responding to
paging requests by sending a rach request and the following paging response
procedure. The rach access is working fine, but i cant get the paging
response to work properly. The message itself is correct (layer2/layer3
parts) according to the specs. OpenBSC is also working correctly as it is
working with my normal cell phone or your mobile application.
What i'm doing in my code is the following:
1. After getting the immediate assignment i call l1ctl_tx_dm_est_req_h0 in
l1ctl.c (l1ctl_tx_dm_est_req_h0(ms, arfcn, ia->chan_desc.chan_nr,
ia->chan_desc.h0.tsc, GSM48_CMODE_SIGN, 0)) in order to tune to the
assigned channel (or the h1 procedure for hopping).
2. Afterwards i build the paging response (layer2 + layer3), pad the msg
and send it via osmo_send_l1(ms, msg) similiar to l1ctl_tx_data_req in
l1ctl.c
That it is not working can be seen in the OpenBSC abis debug output:
<0004> abis_rsl.c:1318 (bts=0,trx=0,ts=0,ss=0) Activating ARFCN(514) SS(0)
lctype SDCCH r=OTHER ra=0x67 ta=0
<0004> abis_rsl.c:1064 (bts=0,trx=0,ts=0,ss=0) CHANNEL ACTIVATE ACK
<0004> abis_rsl.c:891 (bts=0,trx=0,ts=0,ss=0) CONNECTION FAIL: RELEASING
CAUSE=0x01(Radio Link Failure)
<0004> abis_rsl.c:621 (bts=0,trx=0,ts=0,ss=0) RF Channel Release CMD due
error 1
<0004> abis_rsl.c:658 (bts=0,trx=0,ts=0,ss=0) RF CHANNEL RELEASE ACK
<0004> abis_rsl.c:594 (bts=0,trx=0,ts=0,ss=0) is back in operation.
It should be looking like this:
<0004> abis_rsl.c:1318 (bts=0,trx=0,ts=0,ss=0) Activating ARFCN(514) SS(0)
lctype SDCCH r=OTHER ra=0x10 ta=0
<0004> abis_rsl.c:1064 (bts=0,trx=0,ts=0,ss=0) CHANNEL ACTIVATE ACK
<0000> abis_rsl.c:1490 (bts=0,trx=0,ts=0,ss=0) SAPI=0 ESTABLISH INDICATION
<0003> gsm_04_08.c:1076 PAGING RESPONSE: mi_type=0x04 MI(...)
Has anyone an idea what I'm doing wrong? Thanks in advance for any help!
Best regards,
David
Hi!
Recently we've had the idea of using OsmocomBB with a simple firmware
that synchronizes to an existing GSM networks FCCH and use the resulting
13MHz clock to drive the USRP for airprobe or OpenBTS.
Ideally, we would even use the Calypso-internal PLL (for ARM or DSP) to
multiply it up to the required 52 MHz. However, neither the Openmoko
nor the Compal/Motorola phones expose any of the 3 clock output pads :(
So the only choice is to use something along the lines of the
http://focus.ti.com/docs/prod/folders/print/cdcvf25084.html
as a quad clock multiplier and attach it to the CLK13OUT signal of the
phone.
The chip is available for 9 USD in single quantities at digikey, and
possibly cheaper at other sources. Combined with a sub-20EUR phone it
might be a very cheap but still accurate frequency source for OpenBTS -
at least as long as there are any commercial gsm networks available.
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
guys i recently came across mobile-phone-mtk-project.googlecode.com
but it seems to be down.does any one have copy of this one??
also can be create osmocom like project with help of MTK chipsets??
--
Akib Sayyed
Matrix-Shell
akibsayyed(a)gmail.com
akibsayyed(a)matrixshell.com
Mob:- +91-966-514-2243
Dear Srs,
We are working in a project that uses a GSM modem to send a GMSK beacom in
904 MHZ with 2W.
This beacom send a random bits, but we only need to measure the RSSI
Visiting you site, we found a GSM RSSI software working in a phone.
Can we use it in 904 Mhz ? This is the uplink GSM ARFCN channel 70.
It is possible ?
Best Regards
Carlos Cecanecchia Neto
www.mobipower.com.br
55-11-3257.7736
<http://www.mobipower.com.br/> New Picture (2)
> Hi.=0AIs there any place where I can download the TSM30 source code?=A0 Fou=
> nd few torrents but they all seem to be dead.=0ACheers.
It looks like the copy I've sent to Cryptome.org for preservation is
still up:
http://cryptome.org/tsm30/tsm30.7z
HTH,
MS
Hi,
I am looking for the airprobe mailing list. The only thing I get is
the a5/1 mailing list.
Where is the airprobe main mailing list archives kept?
Thanks and Regards,
RM
i think use two phone to make GSM RF and use wlan Router of usb Interface Connection two phone .... the small GSM base station maybe connection the internet
Hi,
Nuttx is BSD licensed while osmocom-bb's src/target/firmware is GPLv2(or
later).
Mixing GPlv2 and BSD code is legally possible.
As I understand it the whole work becomes GPLv2 when the code is mixed,
the BSD part however can be used independently of the GPL part if you strip
out the GPL part and the BSD copyright headers have to remain intact.
The problem is that upstream(nuttx) will unlikely accept GPL code as-is for
inclusion in nuttx.
However there is a misc directory for software made under different licenses
such as applications or drivers(there is one GPL driver for the rtl8187x wifi
chipsets).
To use the driver the user is expected to run a script that install the driver
in nuttx normal source code directory.
The list of files touched by the patches mades on top of nuttx and their
licenses is listed here:
http://bb.osmocom.org/trac/wiki/nuttx-bb/code-audit
Basically the GPL parts are composed by :
* the irq
* the timer
* the clock
* the uart
some of the related files have the following authors(can be combined
together):
* Harald Welte
* Stefan Richter
* Ingo Albrecht
I guess Stefan Richter and Ingo Albrecht will be hard to reach.
So I wonder what's the best thing to do.
Denis.
Hi,
I am using Nokia 3310 to look at GSM traffic. The system information
messages are displayed in wireshark.
Is it possible to get the ARFCN of the becaon channel of the cell to
which the phone has locked from the System Information messages( SI )
?
I am getting confused because of the following screen shots which I
have attached.
Screen shot 1 says that the SI 4 message is in ARFCN 108.
Screen shot 2 says that the SI 4 message is in ARFCN 57.
So now which is the real ARFCN of the beacon channel in my cell ?
Regards,
RM