20 Jul
2012
20 Jul
'12
4:11 p.m.
Hello Sylvain
I am using the burst_ind branch and have some doubts.
I am using a test network, and it has no encryption. Usually the n/w has a
low load and the channel structure followed during the assignment is
SDCCH/4 + SACCH/C4 or CBCH(SDCCH/4). and timeslot 0 . SDCCH is assigned on
timeslot 0..
The ccch_scan is able to capture the SMS sent on timeslot 0 and also only
one of the subchannel as per the above assignment.
Just for testing, When I use two phones and send an SMS from both of them
simultaneously both are assigned timeslot 0 and different subchannels.
CCCH_scan could capture only one SMS. meaning that it could only get one
subchannel.
Am I right about ccch_scan or does it have the capability to get a complete
timeslot. ?
Thank you
Altaf
--
View this message in context:
http://baseband-devel.722152.n3.nabble.com/Working-of-ccch-scan-and-capturi…
Sent from the baseband-devel mailing list archive at Nabble.com.
20 Jul
20 Jul
4:23 p.m.
Hi,
I right about ccch_scan or does it have the capability
to get a complete
timeslot. ?
ccch_scan only follows 1 logical channel at a time, no matter what the
logical channel is.
The DSP patch and sniff task can do more and can even dump up to 4
timeslots simultaneously, it's just not programmed into ccch_scan. See
the GPRS patch by lukas to see how to modify it to do more.
ccch_scan is only meant as a quick tech demo, it is by no mean a
complete application showing off all that's possible.
Cheers,
Sylvain
21 Jul
21 Jul
10:02 a.m.
On Fri, Jul 20, 2012 at 7:53 PM, Sylvain Munaut <246tnt(a)gmail.com> wrote:
Hi,
Does current DSP patch without luca's patch can sniff 4 timeslots??
I right about ccch_scan or does it have the
capability to get a complete
timeslot. ?
ccch_scan only follows 1 logical channel at a time, no matter what the
logical channel is.
The DSP patch and sniff task can do more and can even dump up to 4
timeslots simultaneously, it's just not programmed into ccch_scan. See
the GPRS patch by lukas to see how to modify it to do more.
ccch_scan is only meant as a quick tech demo, it is by no mean a
complete application showing off all that's
possible.
Cheers,
Sylvain
--
Akib Sayyed
Matrix-Shell
akibsayyed(a)gmail.com
akibsayyed(a)matrixshell.com
Mob:- +91-966-514-2243
10:06 a.m.
The DSP patch
and sniff task can do more and can even dump up to 4
timeslots simultaneously,
Does current DSP patch without luca's patch can sniff 4 timeslots??
10:25 a.m.
On Sat, Jul 21, 2012 at 1:36 PM, Sylvain Munaut <246tnt(a)gmail.com> wrote:
Yes, Luca's patch doesn't modify the DSP at all. It doesn't even
really modify the sniffing primitives, it just triggers it 4 times per
frame ...
so to take complete advantage of sniffing 4 time slots we need to modify only a
ccch_scan app or some more modification also needed ??
and what is someone need to sniff either uplink or downlink??
about refering luca's patch do we need to refer only application part ??
(l2 l3) or also need to tamper with DSP.
The DSP patch and sniff task can do more and can even
dump up to 4
timeslots simultaneously,
Does current DSP patch without luca's patch can sniff 4 timeslots?? Cheers,
Sylvain
--
Akib Sayyed
Matrix-Shell
akibsayyed(a)gmail.com
akibsayyed(a)matrixshell.com
Mob:- +91-966-514-2243
10:39 a.m.
so to take complete advantage of sniffing 4 time slots
we need to modify
only a ccch_scan app or some more modification also needed ??
and what is someone need to sniff either uplink or downlink??
You need to modify part of the ARM code as well.
There is 4 level of hierarchy: L3, L2, L1 (ARM code), L1 (DSP)
Look at luca's patch, it should be pretty evident what needs to be
done (and if it isn't then you're not familiar with the code enough to
do the modification anyway)
Cheers,
Sylvain
10:57 a.m.
On Sat, 21 Jul 2012 10:39:54 +0200
Sylvain Munaut <246tnt(a)gmail.com> wrote:
Hi list,
> so to take complete advantage of sniffing 4 time
slots we need to modify
> only a ccch_scan app or some more modification also needed ??
> and what is someone need to sniff either uplink or downlink??
I guess I have to do some maintenance to my patch...
it's a bit old, and it must be merged with last master.
The downlink/uplink is hard coded, so you need to compile
the firmware once for down and once for up.
The host software also needs some patching. Normally you
would jump to the channel specified in the assignment,
but here you need two ccch_scan versions: one for the
"main" timeslot and one that jumps at timeslot + 1, if
you need to capture all the 8 timeslots.
I will send some update when I have time :)
Cheers,
LM
11:29 a.m.
Hi Luca,
On Sat, Jul 21, 2012 at 10:57:09AM +0200, Luca Melette wrote:
I guess I have to do some maintenance to my patch...
it's a bit old, and it must be merged with last master.
[...]
The downlink/uplink is hard coded, so you need to compile
the firmware once for down and once for up.
It might make sense to have this run-time configurable/switchable via
L1CTL or some other means.
I will send some update when I have time :)
It would be much appreciated if you could bring it into a state where it
can cleanly coexist with the other existing code, at which point it
would become mergeable. I can see two options:
1) make the functionality available but not enabled by default, so a
L1CTL command can configure + enable your code at the user option
2) really introduce a new firmware build target. It's possible, but we
already have too many firmware images we build for each hardware
target, and I'd prefer to see that number shrinking rather than
growing.
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
22 Jul
22 Jul
9:45 a.m.
On Sat, Jul 21, 2012 at 2:27 PM, Luca Melette <luca(a)srlabs.de> wrote:
On Sat, 21 Jul 2012 10:39:54 +0200
Sylvain Munaut <246tnt(a)gmail.com> wrote:
Hi list,
try that
out.
> so to take complete advantage of sniffing 4
time slots we need to
modify
> only a ccch_scan app or some more
modification also needed ??
> and what is someone need to sniff either uplink or downlink??
I guess I have to do some maintenance to my patch...
it's a bit old, and it must be merged with last master.
how luca when can we expect this patch cause. because i am really hasty to The downlink/uplink is hard coded, so you need to
compile
the firmware once for down and once for up.
The host software also needs some patching. Normally you
would jump to the channel specified in the assignment,
but here you need two ccch_scan versions: one for the
"main" timeslot and one that jumps at timeslot + 1, if
you need to capture all the 8 timeslots.
did you mean 4 uplink and 4 downlink here??
i didnt get point you made for 2
ccch_scan could you please explain
I will send some update when I have time :)
Cheers,
LM
--
Akib Sayyed
Matrix-Shell
akibsayyed(a)gmail.com
akibsayyed(a)matrixshell.com
Mob:- +91-966-514-2243
10:33 a.m.
On Sat, Jul 21, 2012 at 2:09 PM, Sylvain Munaut <246tnt(a)gmail.com> wrote:
familer
with code to do modification
so to take
complete advantage of sniffing 4 time slots we need to modify
only a ccch_scan app or some more modification also needed ??
and what is someone need to sniff either uplink or downlink??
You need to modify part of the ARM code as well.
There is 4 level of hierarchy: L3, L2, L1 (ARM code), L1 (DSP)
Look at luca's patch, it should be pretty evident what needs to be
done (and if it isn't then you're not familiar with the code enough to
do the modification anyway)
is there anyone who would like to do this for community cause am not that Cheers,
Sylvain
--
Akib Sayyed
Matrix-Shell
akibsayyed(a)gmail.com
akibsayyed(a)matrixshell.com
Mob:- +91-966-514-2243
8 Aug
8 Aug
12:15 p.m.
Hello.
When I follow the IMM ASS and again find the ASS CMD ( for TCH ) and make
the phone to follow it, I am receiving bursts(TCH and SACCH) both uplink and
downlink. I can see SI5 and SI6 on the wireshark.
For example If my duration of the call is 10 sec then the number of bursts
during the call will be (10/577us).
But I dont receive those many number of bursts. Am I correct in this issue.
Are 4 phones necessary to record the whole conversation (UL and DL).?
Regards,
Altaf
--
View this message in context:
http://baseband-devel.722152.n3.nabble.com/Working-of-ccch-scan-and-capturi…
Sent from the baseband-devel mailing list archive at Nabble.com.
4711
days inactive
4730
days old
baseband-devel@lists.osmocom.org
10 comments
5 participants
participants (5)
-
Akib Sayyed -
Altaf -
Harald Welte -
Luca Melette -
Sylvain Munaut