search

srsran / srsRAN_4G

Open source SDR 4G software suite from Software Radio Systems (SRS) https://docs.srsran.com/projects/4g
https://www.srsran.com
GNU Affero General Public License v3.0
3.48k stars 1.15k forks source link

srslte passive mode #394

Closed braymond1776 closed 4 years ago

braymond1776 commented 5 years ago

Good Evening, I’m posting here since my messages to the list serve seem to be stuck in moderation. I’m in the process of working on a research project and trying to document how to use srslte to map the nearby LTE networks using passive methods. I'm trying to replicate what was conducted in this research paper. https://pdfs.semanticscholar.org/db4e/e36d36392f7d456b528a6a0204c17dd2dd3f.pdf

1) Thanks to the latest release which fixed a bug within “cell_search”, I’m now able to discover available cells within my area of interest.

2) My next step is to then to passive listen to the broadcast messages to discover who owns the cell and then to potentially listen to the Paging requests.

After extensively looking through the list-serv I haven’t seen any real updates on this type of methodology since 2016 or so. Have there been any updates to this post..? http://www.softwareradiosystems.com/pipermail/srslte-users/2016-February/000156.html

First thing to do is to instruct the pdsch_ue example to look for paging messages in PDSCH, just past the paging RNTI (0xFFFE) with the option "-r" to the program. Then you need to modify the pdsch_ue example to print or save the decoded messages. If you look at file srslte/examples/pdsch_ue.c, line 499, when the program gets there it means it has successfully decoded a packet in PDSCH. The packet should be in the "data" pointer. You can use the function srslte_vec_fprint_byte() to print the hex string to stdout.

I’ve also seen the recommendation to use “srsue”to listen to commercial traffic as well. My question regarding that is...wouldn’t you need to use a commercial sim in order to properly configure “srsue” in that manor? As I type that out and think it through, I’m not sure that’s fully making sense...but I’m not sure how to put “srsue” into passive mode (if there is such a thing) other than disconnect the Tx antenna.

Sorry for this not being a true issue...and I’m happy to contribute my documentation back to the repo for other if interested.

Cheers!

Hardware Description

LimeSDR USB Ubuntu 18.04 w/ i7 and 32GB Ram

andrepuschmann commented 4 years ago

You can't decode traffic from other users in the cell and srsUE doesn't have a passive mode either I am afraid.