22 Dec
2010
22 Dec
'10
5:58 p.m.
Hi!
A number of people want to do some long-term evaluation of their cellular
environment and would be interested in an 'app' for OsmocomBB that continuously
scans the spectrum and dumps the cell parameters such as
* ARFCN, Signal Level, SNR
* frequency synch offset
* SCH info (BCC/NCC)
* SI (at least 1-4) from BCCH
I would love to do it, but I simply don't have the time. I thought maybe
somebody on this list is looking for a relatively simple task and has some
time. I think this is a great project to work with OsmocomBB without having
to go into the details.
The algorithm would look something like
STATE 1: Power Scan
* do power measurement over all supported bands
* pick strongest N carriers and iterate over them
STATE 2: FCCH/SCH acquisition
* try to get lock on the carrier
* if not, go back to next carrier from power scan
* if yes, continue with STATE 3
STATE 3: Wait until all relevant SI have been received
* generate GSMTAP output for the SI messages (or timeout)
* go back to STATE 2 for next strongest ARFCN
* after last ARFCN, re-start from STATE 1
This is basically the initial step of the GSM 03.22 cell (re)selection
that we already have as part of the 'mobile' program.
So all the code is there, but what's needed is a separate rady-made app,
not requiring any user interaction. It should also include some e.g. shell
script that automatically generates a new pcap file every N minutes/hours,
and make sure to never overwrite any existing PCAP file.
In the end, having this running for an extended period of time should simply
produce a large number of PCAP files without any manual interaction. Lock-ups
in any state should be detected by timers, singalling a proper L1_RESET
to make sure it continues. Unplugging / re-plugging the phone should also
not require any re-start of the program.
Optional extensions:
* software to aggregate info from the pcap files (remove duplicate
entries, e.g.)
* optional logging of GPS coordinates from a GPS receiver
If anyone has some time to give this some work, I'd most appreciate it. Please
inform the mailing list to ensure no duplicate work is created.
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
22 Dec
22 Dec
6:23 p.m.
Hi all,
On 22.12.2010 17:58, Harald Welte wrote:
A number of people want to do some long-term
evaluation of their cellular
environment and would be interested in an 'app' for OsmocomBB that continuously
scans the spectrum and dumps the cell parameters such as
* ARFCN, Signal Level, SNR
* frequency synch offset
* SCH info (BCC/NCC)
* SI (at least 1-4) from BCCH
* optional logging of GPS coordinates from a GPS receiver
Just to avoid any duplicate of work as well: most of this is already
done by cell_log (layer23/src/misc). It iterates over the whole spectrum
and tries to get an Immediate Assignment by sending a RACH to every cell.
It stores SI1-4, GPS position and the TA in a logfile, and using the
gsmmap utility you can create a *.kml map of the calculated cell
positions for Google Earth.
So what's missing is really only the PCAP support and a command line
switch to turn off the "active" scanning by sending no RACHs.
Regards,
Steve
7:01 p.m.
On 12/22/2010 05:23 PM, Steve Markgraf wrote:
Hi all,
On 22.12.2010 17:58, Harald Welte wrote:
Funny, I was just looking at this last night. Would you mind if I added
gpsd support to cell_log?
A number of people want to do some long-term
evaluation of their cellular
environment and would be interested in an 'app' for OsmocomBB that
continuously
scans the spectrum and dumps the cell parameters such as
* ARFCN, Signal Level, SNR
* frequency synch offset
* SCH info (BCC/NCC)
* SI (at least 1-4) from BCCH
* optional logging of GPS coordinates from a GPS receiver
Just to avoid any duplicate of work as well: most of this is already
done by cell_log (layer23/src/misc). It iterates over the whole spectrum
and tries to get an Immediate Assignment by sending a RACH to every cell.
It stores SI1-4, GPS position and the TA in a logfile, and using the
gsmmap utility you can create a *.kml map of the calculated cell
positions for Google Earth.
So what's missing is really only the PCAP
support...
would you want libpcap (a lot of unnecessary code), or just use the file
and packet headers?
...and a command line
switch to turn off the "active" scanning by sending no RACHs.
Since I'm just learning GSM, I've only compiled with TX disabled. My
results have been pretty poor. Is there something I could add to handle
passive scanning better? I've been getting nothing from cell_log,
layer23, or mobile on lo (although I do see other loopback network
traffic). I just started working on this a few days ago, so I'm not
surprised. I'll dig into it more. The Getting Started guide was a
great help!
thx,
Jason.
14 Jan
14 Jan
8:20 p.m.
On 2010-12-22 20:01, Jason wrote:
Here's some hackish code I wrote which might be useful. I've recently
been abroad (in Austria), and wanted to run cell_log stand-alone on my
GTA02 without lugging a laptop around.
I ran cell_log on the GTA02 application processor (with hacked timers to
spend a longer time camped on each ARFCN), sending gsmtap packets to
localhost. I then had a small program[1] which receives these and
writes them to a file in .pcap format.
For simplicity (and somewhat lower overhead) only the raw GSMTAP payload
is written, and the linktype is set to DLT_USER0. A small wireshark
patch[2] then allows these captures to be read directly[3].
Cheers,
Alex
[1], [2] attached.
[3] e.g., wireshark -o "uat:user_dlts:\"User 0
(DLT=147)\",\"gsmtap\",\"0\",\"\",\"0\",\"\""
So what's
missing is really only the PCAP support...
would you want libpcap (a lot of unnecessary code), or just use the file
and packet headers?
5284
days inactive
5307
days old
baseband-devel@lists.osmocom.org
3 comments
4 participants
participants (4)
-
Alex Badea -
Harald Welte -
Jason -
Steve Markgraf