On Fri, Feb 17, 2012 at 11:50 AM, Sylvain Munaut 246tnt@gmail.com wrote:
Hi,
I'm still not able to sniff enough data to reconstruct TCP sessions. I can get datagrams (even TCP), but they look like "sparse" datagrams.
Even
using 2 sniffing phones I have a slightly better result, but not enough
to
consider it satisfying. Are there some other steps that can be done?
Sure ... debug the issue, fix it, submit a patch. You'll probably need deep knowledge of GPRS RLC/MAC layers to do that properly.
I do it for sure, if I am able to.
Is there anyone, other that gprs decoder authors, able to make it
completely
working?
I'm not even sure they do.
The code is more of a "demo" than a complete system, a lot is missing to properly decode everything (for, it just "guesses" the GPRS channel from a single assignement and then listen on all timeslot of that, which mostly a short cut to grab stuff, proving it's possible but not that much more, unless the cell has only 1 GPRS arfcn).
It would be nice to have a result like their
http://srlabs.de/dl/gprs_262_80_0001_0000_20110710_2252_875_514147_0f.dat
where I can find reconstructed HTTP sessions.
Also since it only support GPRS and not EDGE you can pretty easily miss stuff ...
That's an interesting point I can check...