Send and receive Bluetooth Low Energy (BLE) raw packets on Linux - bluetooth

Is there an easy way to send and receive BLE raw packets on Linux, e.g. Raspberry Pi devices? Very simply, I would like to use BLE as packet radio, i.e. exchange data packets over the air among several devices. Every device knows the MAC address of all other devices. The BLE packet format is very straightforward. I would think one should be able to put user data into the PDU (2~257 bytes) then push it through a socket to be sent out through the BLE PHY, just like how one can send raw UDP packets through a NIC. But I cannot figure out a straightforward way to achieve this after quite a bit of investigation. I suppose hcitool cmd could send packets if used correctly? But its usage is very cryptic.

The node client/server functions here do exactly this: exchange raw packets via BLE over a network of Pis. See section 3.7 in the documentation for NODE connections.
https://github.com/petzval/btferret

Related

Can I intercept traffic of all nearby Bluetooth devices with the Bluetooth dongle built into the laptop?

I know that Bluetooth uses hopping, and because of this it is difficult to intercept traffic.
Can I put my dongle into monitoring mode?
If, for example, there are 30 devices nearby, and I always listen on just one Bluetooth channel with my dongle in monitor mode, should I sometimes get some data?
Can I use hcidump or tcpdump for this purpose?
If I understand correctly, if a Bluetooth device does not have a password, I can directly interact with its services (with hcitool and tmux)?
I read that I can see the battery level, device name, and other information.
PS: sorry for my bad English.
It is possible to monitor traffic between Bluetooth devices, but I am quite sure that your default laptop dongle is not capable of doing that.
Before establishing a connection between two Bluetooth devices, they send connection request/response packets on the primary advertising channels (channels 37, 38 and 39). You need to capture these packets to learn the hopping pattern, connection interval, etc. After receiving these packets, you can monitor insecure Bluetooth connections. However, it is hard to monitor 30 devices simultaneously because you need to divide your time between each connection.
Let's answer your questions.
It might be possible, but you need to write driver-level code.
It might be possible. As I mentioned, it is a good approach to capture connection request/response packets before monitoring devices.
I have no idea about these tools.
To manipulate services, you need to know the service handle and duplicate the GATT client's MAC address. I am not sure that this method will work.

Are RFCOMM packets guaranteed to be whole?

I'm writing an application that interfaces with Bluetooth devices using the Headset Profile. These devices primarily communicate via AT commands sent over a Serial Port Profile (SPP) connection. SPP sits directly on top of RFCOMM.
My concern is whether or not I am guaranteed to receive "whole" packets (AT commands), or if there is a possibility that I will need to be able to handle an AT command split across multiple packets.
Furthermore, if the RFCOMM protocol does not guarantee this, does the protocol stack do any processing to guarantee receiving "whole" AT commands? I am using BlueZ 5.46 on a Linux 4.12 kernel.
If possible, please reference the standard or an external source that details how RFCOMM guarantees this so I can learn a bit more about it.
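The following is an added example, not code from the question. It assumes the application reads the RFCOMM link as a byte stream (BlueZ exposes RFCOMM as a SOCK_STREAM socket), so one read may return part of an AT command, several commands at once, or a mix of both. The assembler below buffers bytes until a terminator (CR, LF, or the CR LF pairs that frame responses) and returns only complete lines; the sample reads and the 512-byte limit on an unterminated line are constructed for the demonstration.

```python
class AtLineAssembler:
    """Reassemble AT command lines from an RFCOMM byte stream.

    Assumption of this example: the peer terminates commands with "\r" and
    frames responses as "\r\n...\r\n"; both are handled the same way here.
    """

    MAX_LINE = 512  # constructed sanity limit for a line that never terminates

    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk):
        """Append one socket read and return every complete line it completed."""
        self._buf += chunk
        lines = []
        while True:
            ends = [i for i in (self._buf.find(b"\r"), self._buf.find(b"\n")) if i >= 0]
            if not ends:
                break
            end = min(ends)                       # earliest terminator of either kind
            line = bytes(self._buf[:end]).strip()
            del self._buf[:end + 1]
            if line:                              # skip the empty line between "\r" and "\n"
                lines.append(line.decode("ascii", errors="replace"))
        if len(self._buf) > self.MAX_LINE:
            # Unterminated data beyond the limit is dropped so a misbehaving
            # peer cannot grow the buffer without bound.
            self._buf.clear()
        return lines


def iter_commands(recv, assembler=None):
    """Drive an assembler from a recv() callable (e.g. sock.recv) until it returns b""."""
    assembler = assembler or AtLineAssembler()
    while True:
        chunk = recv(1024)
        if not chunk:
            return
        for line in assembler.feed(chunk):
            yield line


def demo():
    """Constructed reads: one command split across two reads, two coalesced in one."""
    reads = [b"AT+BR", b"SF=24\r", b"AT+CKPD=200\rAT+VG", b"S=10\r", b"\r\nOK\r\n"]
    assembler = AtLineAssembler()
    got = []
    for chunk in reads:
        got.extend(assembler.feed(chunk))
    return got


if __name__ == "__main__":
    for line in demo():
        print(repr(line))
```

For a live link, `iter_commands(sock.recv)` on a `socket.socket(socket.AF_BLUETOOTH, socket.SOCK_STREAM, socket.BTPROTO_RFCOMM)` yields one complete command per iteration regardless of how the kernel chunks the data.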

See individual USB packets in wireshark, not URBs

I'm developing a high-speed USB peripheral and using Wireshark to sniff the USB traffic. In Wireshark, each line displayed corresponds to a single URB.
Because I'm developing on the device side, I don't really care about URBs; instead, I'd like to see individual packets.
For instance, during a single control transfer, this is what I see in Wireshark:
But this one control transfer consists of 9 packets in the following sequence:
{{SETUP, DATA0, ACK}, {IN, DATAx, ACK}, {OUT, ZLP, ACK}}
Can I see the exact timing and contents of each of these packets, or is that something that I would need to buy a hardware USB analyzer for?
My operating system is vanilla Ubuntu 16.04.

What happens if I write to eth0 or ath0?

Recently I encountered several questions on SO regarding working with sockets on a very low level. Here's an example. While looking for an answer, I realised that sockets have relatively low capabilities on OSI Level 2. On Linux, we can specify a protocol when creating a socket, but obviously not all Level 2 protocols are present in the list.
While it is possible to assemble and send an Ethernet frame, it's (presumably) not possible to send an 802.11 packet, though it looks like Wi-Fi device drivers do convert Ethernet frames to Wi-Fi packets and vice versa.
This made me wonder whether there are more possibilities in reading and writing directly to device files like eth0 or ath0. Is it a socket implementation that usually writes to these files, or a device driver? And who's on the receiving side: a NIC driver, a peripheral bus controller?
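As an added example (not from the question), this is the Ethernet-frame path the question mentions: build an Ethernet II frame, parse one back, and hand a frame to the kernel through a Linux AF_PACKET raw socket. The interface name `eth0` and the experimental EtherType 0x88B5 are assumptions; sending requires CAP_NET_RAW. On a wireless interface the same Ethernet frame is accepted and the 802.11 driver stack performs the 802.3 to 802.11 translation, which is why user space never writes 802.11 frames directly in managed mode.

```python
import socket
import struct

# Ethernet II: 6-byte destination MAC, 6-byte source MAC, 2-byte EtherType, payload.
# The NIC appends the FCS; the minimum frame is 60 bytes before the FCS.
ETH_HEADER = struct.Struct("!6s6sH")
ETH_P_ALL = 0x0003        # protocol value for an AF_PACKET socket that sees all frames
MIN_PAYLOAD = 46
MAX_PAYLOAD = 1500
ETH_P_EXPERIMENTAL = 0x88B5  # IEEE 802 local experimental EtherType (assumed for the demo)


def mac_to_bytes(mac):
    """'02:00:00:00:00:01' -> b'\\x02\\x00\\x00\\x00\\x00\\x01'"""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("MAC address must be 6 bytes")
    return raw


def bytes_to_mac(raw):
    return ":".join("%02x" % b for b in raw)


def build_frame(dst, src, ethertype, payload):
    """Assemble a complete frame, zero-padding the payload to the Ethernet minimum."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds Ethernet MTU")
    payload = bytes(payload).ljust(MIN_PAYLOAD, b"\x00")
    return ETH_HEADER.pack(mac_to_bytes(dst), mac_to_bytes(src), ethertype) + payload


def parse_frame(frame):
    """Split a received frame into its header fields and payload; reject runts."""
    if len(frame) < ETH_HEADER.size + MIN_PAYLOAD:
        raise ValueError("runt frame (%d bytes)" % len(frame))
    dst, src, ethertype = ETH_HEADER.unpack_from(frame)
    return {"dst": bytes_to_mac(dst), "src": bytes_to_mac(src),
            "ethertype": ethertype, "payload": frame[ETH_HEADER.size:]}


def send_frame(iface, frame):
    """Hand the frame to the kernel on `iface`; needs CAP_NET_RAW (normally root)."""
    with socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_P_ALL)) as sock:
        sock.bind((iface, 0))
        return sock.send(frame)


if __name__ == "__main__":
    # Constructed demo frame: broadcast destination, locally administered source MAC.
    frame = build_frame("ff:ff:ff:ff:ff:ff", "02:00:00:00:00:01", ETH_P_EXPERIMENTAL, b"hello")
    print(len(frame), parse_frame(frame))
    # send_frame("eth0", frame)   # uncomment on a Linux host with CAP_NET_RAW
```

Reading works the same way in reverse: a bound AF_PACKET socket's `recv()` returns whole frames including the Ethernet header, which `parse_frame` then splits.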

Is it possible for an iBeacon to act as just a normal BLE data transmission module after connection?

I know that iBeacon uses only the advertising channel, which means there is no need for a connection.
I'm trying to make my own beacon module which sends and receives data.
I'm curious about what makes the packet in iBeacon format (prefix / UUID / minor / major / TX) in communication.
Is it firmware?
Let's assume that
when I make my iPhone act as an iBeacon, it will send the advertising packet, which means it sends data in iBeacon format. But after turning off the iBeacon app, I try to use my iPhone
to send some files to a laptop via Bluetooth Low Energy as usual.
Then it will send data in the standard Bluetooth format. Is this right?
Given that situation, my iPhone can be both an iBeacon and just a normal phone capable of Bluetooth Low Energy.
I think the beacon module can also be like that. How about the products recently released, like Estimote, RedBearLab and so on? After connection, do they receive data?
Every iBeacon product works a little differently, but it is common for a product to be connectable for configuration purposes over Bluetooth LE.
Radius Networks' RadBeacon, for example, has firmware that sends out its advertisement as needed to be a standard iBeacon. The same firmware will allow a connection over Bluetooth LE, exchanging data with an external client (the RadBeacon app for iOS). This connectability is outside standard iBeacon functionality, using proprietary techniques that are still part of the larger Bluetooth LE standard.
Your understanding is therefore correct.
Full disclosure: I am Chief Engineer at Radius Networks.
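Added example, serving both the first question (the BLE packet layout and what `hcitool cmd` actually needs) and this one (what puts the prefix / UUID / major / minor / TX power into the packet). It is not code from either thread or from Radius Networks. The advertising payload is a sequence of AD structures (length, type, data); an iBeacon is simply a Manufacturer Specific Data structure (type 0xFF) whose data starts with Apple's company ID 0x004C followed by 0x02 0x15, the 16-byte UUID, big-endian major and minor, and a signed measured-power byte. The code builds that payload, parses it back, and renders the HCI LE Set Advertising Data command (OGF 0x08, OCF 0x0008) in `hcitool cmd` form; the adapter name `hci0` and the sample UUID are assumptions.

```python
import struct
import uuid

AD_FLAGS = 0x01
AD_MANUFACTURER_SPECIFIC = 0xFF
APPLE_COMPANY_ID = 0x004C     # appears little-endian in the payload: 4C 00
IBEACON_TYPE = 0x02
IBEACON_LENGTH = 0x15         # 21 bytes follow: UUID(16) + major(2) + minor(2) + power(1)
MAX_ADV_DATA = 31             # legacy advertising data limit


def ad_structure(ad_type, data):
    """Encode one AD structure: length (counts type + data), type, data."""
    if len(data) + 1 > 0xFF:
        raise ValueError("AD payload too large")
    return bytes([len(data) + 1, ad_type]) + bytes(data)


def build_ibeacon_adv(proximity_uuid, major, minor, measured_power, flags=0x1A):
    """Advertising data for an iBeacon: a Flags AD followed by the Manufacturer AD."""
    if isinstance(proximity_uuid, str):
        proximity_uuid = uuid.UUID(proximity_uuid)
    beacon = (struct.pack("<H", APPLE_COMPANY_ID)
              + struct.pack(">BB16sHHb", IBEACON_TYPE, IBEACON_LENGTH,
                            proximity_uuid.bytes, major, minor, measured_power))
    adv = ad_structure(AD_FLAGS, bytes([flags])) + ad_structure(AD_MANUFACTURER_SPECIFIC, beacon)
    if len(adv) > MAX_ADV_DATA:
        raise ValueError("advertising data exceeds 31 bytes")
    return adv


def parse_ad_structures(adv):
    """Split advertising data into (type, payload) pairs; a zero length ends the data."""
    out, i = [], 0
    while i < len(adv):
        length = adv[i]
        if length == 0:
            break                                  # zero padding, nothing further
        if i + 1 + length > len(adv):
            raise ValueError("truncated AD structure at offset %d" % i)
        out.append((adv[i + 1], bytes(adv[i + 2:i + 1 + length])))
        i += 1 + length
    return out


def parse_ibeacon(adv):
    """Return the iBeacon fields if the advertising data carries one, else None."""
    for ad_type, payload in parse_ad_structures(adv):
        if ad_type != AD_MANUFACTURER_SPECIFIC or len(payload) != 25:
            continue
        company, = struct.unpack("<H", payload[:2])
        btype, blen, raw_uuid, major, minor, power = struct.unpack(">BB16sHHb", payload[2:])
        if company == APPLE_COMPANY_ID and btype == IBEACON_TYPE and blen == IBEACON_LENGTH:
            return {"uuid": uuid.UUID(bytes=raw_uuid), "major": major,
                    "minor": minor, "measured_power": power}
    return None


def hcitool_set_adv_data(adv, adapter="hci0"):
    """Render HCI LE Set Advertising Data (OGF 0x08, OCF 0x0008) as an hcitool command line.

    Parameters are one length byte plus 31 data bytes, zero-padded (assumed adapter hci0).
    """
    params = bytes([len(adv)]) + adv.ljust(MAX_ADV_DATA, b"\x00")
    return "hcitool -i %s cmd 0x08 0x0008 %s" % (adapter, " ".join("%02x" % b for b in params))


if __name__ == "__main__":
    # Constructed sample beacon; the UUID is a placeholder.
    adv = build_ibeacon_adv("12345678-1234-1234-1234-123456789abc", 1, 2, -59)
    print(adv.hex())
    print(parse_ibeacon(adv))
    print(hcitool_set_adv_data(adv))
```

Everything beyond the advertising payload (the 2-byte PDU header, access address and CRC) is added by the controller, which is why the only thing a host can hand over is the 31-byte AD block; the same parse routine works on payloads read from a scan.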
