Does anyone have a working build to use limeSDR with Wireshark? Is this integration actually really simple and I am missing something? How do I click to make this work?
1 Like
Your question is missing a key piece of information. The big bit that you left out is what protocol you want to try to process with Wireshark.
Is it MPEG2 transport stream, or WiFi, or ZigBee, or something else ?
Wireshark is a binary protocol analyser. So before Wireshark can do anything you need a raw demodulated binary bitstream in a format that Wireshark can process.
A LimeSDR captures RF signals and converts them into an IQ steam, which is still a modulated signal, or multiple modulated signals.
So the piece you are missing is the demodulation of a raw IQ datastream into a format that Wireshark can analyse. And that demodulation will be totally different, depending on the protocol. My starting point would be to look through possible gnuradio recipes ( https://github.com/gnuradio/gr-recipes ) and etcetera ( https://github.com/gnuradio/gr-etcetera ) to see if someone has done something that I could use to output maybe a UDP stream. But if the demodulation is niche or new, you may have to create your own.
1 Like
That’s a great response. Thank you.
So to build this in linux, I would need to install limesuite drivers, use the osmoSDR block with GNURadio, demod whatever signal to a UDP sink(?), and finally pipe that demod UDP bitstream into wireshark?
I would like to demod GSM data, but I don’t think that gr-gsm uses soapy api. I am still learning how to piece together the actual demod block transport streams. have any good examples or can you point me the right direction?
if limesdr is correctlly installed , it must work with gr-gsm . Gr-gsm is based on osmosdr . Tests can be made with osmo_fft or gnu companion
1 Like
You asked about GSM on Linux, but I may have an example you can learn from for the the Wireshark interface at least using GnuRadio/RFtap. On Git Hub I have a simple example that shows using a Lime SDR to connect IEEE 802.15.4/ZigBee to Wireshark using RFtap on Gnu Radio. It works amazingly well. Using a basic dipole I have to crank up the rf/if gain and turn town the BB gain, but once you get it dialed in the packets com in like magic. In Wireshark it is easy to add a packet dissector to parse the payload data or use the built-in ZigBee example. I have this working on a Mac/OSX. My next step will be to move this to the Lime/GnuRadio driver.
4 Likes
That was the great work done by bastian. But i think he used different SDR . Does the same work with Lime SDR too?Do we need seperate analog to digital conv while working with Lime. Looking forward for your reply
I had no problem using LimeSDR USB with my Wireshark example for 802.15.4 using either Soapy or GR-LimeSDR drivers on both OSX and Ubuntu 16.4. The LimeSDR drivers drop right in to replace the Soapy drivers - just follow the Lime instructions for the GR-LimeSDR. Pro tip: beware of revere polarity consumer WiFi antennas because you end up with a female to female non-connection if you used typical professional SMA connectors to your lime board. If that is not obvious I can make a quick GR-LimeSDR version and push it to github.
I’ve yet to get reasonable cell signal on a vanilla LimeSDR to get GnuRadio. I assume that is because I still lack a proper front end set up (an external LNA and a band pass filter)? Anyone have a suggestion for a cell RF front end that is less expensive than the very nice Lime RFFE board? I’m interested in receive for weaker signals on cell bands only.
-scott
1 Like
Hello Mr. Scott,
Some of the queries and bugs i am facing right now and in a much need of your guidance and help,
- I saw your wireshark example that you gave , and is that only for receiving and not for transceiving?
- What is the difference between transceiving with rftap block or without rftap block?
- In your github page you told to refer from basti’s IEEE 802.15.4 (i see he added phy layer and mac layer in it), when i see your wireshark example where is the PHY layer and MAC layer block? how it is connected to basti’s IEEE 802.15.4 transceiving block? Does receiver block dont need PHY and MAC layer for zigbee?
- Like receiving and transceiving , can we do only transmission part by constructing a proper sequence of 1s and 0s and modulate and transmit it?
I see people worked on wifi tx , is there a way to work only on zigbee tx alone
Regards,
Sam
Looking forward for your reply. I also tried to work on the wireshark example you gave. I am unable to see graph its just it showing a x symbol in the midpoint of graph but .pcap file is getting generated. Although when i try to open that in wireshark its showing as malfuctioned packet. In a need of your reply for the queries i have in mind. Even a skype call with work great.
Sam,
- Indeed my code is receive only as I am using it to sniffing only to help debug another system. Having WireShark loog traffic is very helpful to us. As far as I know WireShark is only logging traffic an there is no way to drive traffic from WireShark.
- I’ve not looking into transmitting wiht rftap, but I assume that should work just fine. I am not sure if the GR-802.15.4 package handle all of the compents needed to make a real system such as autmatic real-tome ACKs, etc.
- As I am receive only, I am only using receive componnets of the 802.15.4 code base and only the lowest layers at that.
- IEEE 802.15.4 is OQPSK with the data bits get spread in to chips with multiple values. This is all done for you with the PHY code. The IEEE spec describes this very well in the 2.4 GHzPHY appendix.
- ZigBee is a networking layer ontop of 802.15.4 that, I personally, would impliment above GnuRadio using rftap to interface with my code.
There are simpler ways into ZigBee/802.15.4. For example, TI sell a dongle dev kit with one of their older ships that you can use with their free RF Studio package to sniff and transmit packets. They also have some open source to sniff the packets into WireShark. Again, I’ve not tried to drive packets beyound their GIU tool for the most simplistic, dumb testing.
-scott
1 Like
Thank you so much for your valid reply sir. I tried to work on your wireshark and tried to sniff packets but I could not see the first two graphs. Its just showing x in the (0,0) x and y axis .pcap file is getting generated but when i tried to open it in wire shark its showing the malfunctioned packet or packet err. What do you think might be the reason for it? I am new to the GNU world . Please help me.
Also once i get my packet in wireshark , How can i measure power, throughput and latency of it? How can i verify/prove if GNU radio is giving me the perfect transceiving?
As you are on the LimeSDR forum I will assume that you are using a LimeSDR. The LimeSDR does not include a proper RF front end (a band pass filter and a LNA), but I’ve had good sucess sniffing 802.15.4 packets with the Lime as is. It does require hand tuning the gain stages that are available in the GR source widget. I’ve also found the program GQRX to be very usefull for an initial scan to to confitm that traffic is available to sniff by just viewing the waterall. Adding a waterfall display right after the source is another handy way to see how well dialed in your gain level are. Generally, I have had to turn the Lime source gain fairly high up to get my signal where it needs to be. If you can get my sniffing example working then you at least know how to set the Rx gain channel and you shuold be able to move to Bastin’s examples for the receive side. You could always run the sniffer on the second Rx channel to confirm over the air performance.
Also keep in mind that 15.4 performs carrier sense (performs listen before talks such that it will only transmit if there are no jammers such as wifi using the channel at that instant). You can always try moving to a quiter environment. (Not sure if Bastin’s code performs CS).
One other thing to confirm is that you have the proper genders on your antenna to match your connectors. This is a particular challange with SMA connectors as must consumer WiFI uses reverse polarity (gender) and a consumer WiFI antenns will not have the needed inner pin to connect with a professional (Standard Polarity) SMA connector that you may have bought from Crowd Source, etc. The ANT should have a tiny wire poking out of the center to be Normal Polarity. I’ve made this mistake several times by just grabbing any antenna on my bench that looks to be the right length.
Regardign your question of time tagging, in my example I tried to describe piping the output of GnuRadio directly into WireShark so that events are tagged as they arrive into WireShark. I did this under OSX, but this should work with Linux just as well (not sure about Windows).
Hello Mr. Mountain Logic,
Can the Xbee hardware by digi able to communicate with GNU Radio and Lime ? If yes , can you give me tips on how to do that?