Hello Sylvain
I am using the burst_ind branch and have some doubts.
I am using a test network, and it has no encryption. Usually the n/w has a low load and the channel structure followed during the assignment is SDCCH/4 + SACCH/C4 or CBCH(SDCCH/4). and timeslot 0 . SDCCH is assigned on timeslot 0..
The ccch_scan is able to capture the SMS sent on timeslot 0 and also only one of the subchannel as per the above assignment.
Just for testing, When I use two phones and send an SMS from both of them simultaneously both are assigned timeslot 0 and different subchannels. CCCH_scan could capture only one SMS. meaning that it could only get one subchannel.
Am I right about ccch_scan or does it have the capability to get a complete timeslot. ?
Thank you
Altaf
-- View this message in context: http://baseband-devel.722152.n3.nabble.com/Working-of-ccch-scan-and-capturin... Sent from the baseband-devel mailing list archive at Nabble.com.
Hi,
I right about ccch_scan or does it have the capability to get a complete timeslot. ?
ccch_scan only follows 1 logical channel at a time, no matter what the logical channel is.
The DSP patch and sniff task can do more and can even dump up to 4 timeslots simultaneously, it's just not programmed into ccch_scan. See the GPRS patch by lukas to see how to modify it to do more.
ccch_scan is only meant as a quick tech demo, it is by no mean a complete application showing off all that's possible.
Cheers,
Sylvain
On Fri, Jul 20, 2012 at 7:53 PM, Sylvain Munaut 246tnt@gmail.com wrote:
Hi,
I right about ccch_scan or does it have the capability to get a complete timeslot. ?
ccch_scan only follows 1 logical channel at a time, no matter what the logical channel is.
The DSP patch and sniff task can do more and can even dump up to 4 timeslots simultaneously,
Does current DSP patch without luca's patch can sniff 4 timeslots??
it's just not programmed into ccch_scan. See the GPRS patch by lukas to see how to modify it to do more.
ccch_scan is only meant as a quick tech demo, it is by no mean a
complete application showing off all that's possible.
Cheers,
Sylvain
The DSP patch and sniff task can do more and can even dump up to 4 timeslots simultaneously,
Does current DSP patch without luca's patch can sniff 4 timeslots??
Yes, Luca's patch doesn't modify the DSP at all. It doesn't even really modify the sniffing primitives, it just triggers it 4 times per frame ...
Cheers,
Sylvain
On Sat, Jul 21, 2012 at 1:36 PM, Sylvain Munaut 246tnt@gmail.com wrote:
The DSP patch and sniff task can do more and can even dump up to 4 timeslots simultaneously,
Does current DSP patch without luca's patch can sniff 4 timeslots??
Yes, Luca's patch doesn't modify the DSP at all. It doesn't even really modify the sniffing primitives, it just triggers it 4 times per frame ...
so to take complete advantage of sniffing 4 time slots we need to modify
only a ccch_scan app or some more modification also needed ?? and what is someone need to sniff either uplink or downlink??
about refering luca's patch do we need to refer only application part ?? (l2 l3) or also need to tamper with DSP.
Cheers,
Sylvain
so to take complete advantage of sniffing 4 time slots we need to modify only a ccch_scan app or some more modification also needed ?? and what is someone need to sniff either uplink or downlink??
You need to modify part of the ARM code as well.
There is 4 level of hierarchy: L3, L2, L1 (ARM code), L1 (DSP)
Look at luca's patch, it should be pretty evident what needs to be done (and if it isn't then you're not familiar with the code enough to do the modification anyway)
Cheers,
Sylvain
On Sat, 21 Jul 2012 10:39:54 +0200 Sylvain Munaut 246tnt@gmail.com wrote:
Hi list,
so to take complete advantage of sniffing 4 time slots we need to modify only a ccch_scan app or some more modification also needed ?? and what is someone need to sniff either uplink or downlink??
I guess I have to do some maintenance to my patch... it's a bit old, and it must be merged with last master.
The downlink/uplink is hard coded, so you need to compile the firmware once for down and once for up. The host software also needs some patching. Normally you would jump to the channel specified in the assignment, but here you need two ccch_scan versions: one for the "main" timeslot and one that jumps at timeslot + 1, if you need to capture all the 8 timeslots.
I will send some update when I have time :)
Cheers,
LM
Hi Luca,
On Sat, Jul 21, 2012 at 10:57:09AM +0200, Luca Melette wrote:
I guess I have to do some maintenance to my patch... it's a bit old, and it must be merged with last master. [...] The downlink/uplink is hard coded, so you need to compile the firmware once for down and once for up.
It might make sense to have this run-time configurable/switchable via L1CTL or some other means.
I will send some update when I have time :)
It would be much appreciated if you could bring it into a state where it can cleanly coexist with the other existing code, at which point it would become mergeable. I can see two options:
1) make the functionality available but not enabled by default, so a L1CTL command can configure + enable your code at the user option
2) really introduce a new firmware build target. It's possible, but we already have too many firmware images we build for each hardware target, and I'd prefer to see that number shrinking rather than growing.
Regards, Harald
On Sat, Jul 21, 2012 at 2:27 PM, Luca Melette luca@srlabs.de wrote:
On Sat, 21 Jul 2012 10:39:54 +0200 Sylvain Munaut 246tnt@gmail.com wrote:
Hi list,
so to take complete advantage of sniffing 4 time slots we need to
modify
only a ccch_scan app or some more modification also needed ?? and what is someone need to sniff either uplink or downlink??
I guess I have to do some maintenance to my patch... it's a bit old, and it must be merged with last master.
how luca when can we expect this patch cause. because i am really hasty to
try that out.
The downlink/uplink is hard coded, so you need to compile the firmware once for down and once for up. The host software also needs some patching. Normally you would jump to the channel specified in the assignment, but here you need two ccch_scan versions: one for the "main" timeslot and one that jumps at timeslot + 1, if you need to capture all the 8 timeslots.
did you mean 4 uplink and 4 downlink here??
i didnt get point you made for 2 ccch_scan could you please explain
I will send some update when I have time :)
Cheers,
LM
On Sat, Jul 21, 2012 at 2:09 PM, Sylvain Munaut 246tnt@gmail.com wrote:
so to take complete advantage of sniffing 4 time slots we need to modify only a ccch_scan app or some more modification also needed ?? and what is someone need to sniff either uplink or downlink??
You need to modify part of the ARM code as well.
There is 4 level of hierarchy: L3, L2, L1 (ARM code), L1 (DSP)
Look at luca's patch, it should be pretty evident what needs to be done (and if it isn't then you're not familiar with the code enough to do the modification anyway)
is there anyone who would like to do this for community cause am not that
familer with code to do modification
Cheers,
Sylvain
Hello.
When I follow the IMM ASS and again find the ASS CMD ( for TCH ) and make the phone to follow it, I am receiving bursts(TCH and SACCH) both uplink and downlink. I can see SI5 and SI6 on the wireshark.
For example If my duration of the call is 10 sec then the number of bursts during the call will be (10/577us). But I dont receive those many number of bursts. Am I correct in this issue.
Are 4 phones necessary to record the whole conversation (UL and DL).?
Regards,
Altaf
-- View this message in context: http://baseband-devel.722152.n3.nabble.com/Working-of-ccch-scan-and-capturin... Sent from the baseband-devel mailing list archive at Nabble.com.
baseband-devel@lists.osmocom.org
-
Akib Sayyed -
Altaf -
Harald Welte -
Luca Melette -
Sylvain Munaut