Which Channel for bellows dump?

[JimmyTheNerd]

Hello!

bellows dump requires the --channel argument, but I don't know where I could get the information from.

I'd like to log all the communication of my ZigBee network and tried all channels from 11 to 26, without any success.

Could someone please give me a hint?

Thank you!

[Adminiuga]

By default bellows forms network on channel 15

On Sat, Aug 31, 2019, 14:29 Mr. B notifications@github.com wrote:

Hello!

bellows dump requires the --channel argument, but I don't know where I could get the information from.

I'd like to log all the communication of my ZigBee network and tried all channels from 11 to 26, without any success.

Could someone please give me a hint?

Thank you!

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/zigpy/bellows/issues/182?email_source=notifications&email_token=ABMOM4G3GNDBO6B2O6UY2NDQHK2BVA5CNFSM4ISUOGH2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HITGYNQ, or mute the thread https://github.com/notifications/unsubscribe-auth/ABMOM4C2ORCSXMDKIMOHGTDQHK2BVANCNFSM4ISUOGHQ .

[Adminiuga]

Keep in mind you cannot run coordinator and dump network at the same time. You would need a second EZSP radio or you could get a CC2531 and flash it with zboss sniffer firmware.

On Sat, Aug 31, 2019, 14:50 Alexei C lexoid@gmail.com wrote:

By default bellows forms network on channel 15

On Sat, Aug 31, 2019, 14:29 Mr. B notifications@github.com wrote:

Hello!

bellows dump requires the --channel argument, but I don't know where I could get the information from.

I'd like to log all the communication of my ZigBee network and tried all channels from 11 to 26, without any success.

Could someone please give me a hint?

Thank you!

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/zigpy/bellows/issues/182?email_source=notifications&email_token=ABMOM4G3GNDBO6B2O6UY2NDQHK2BVA5CNFSM4ISUOGH2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HITGYNQ, or mute the thread https://github.com/notifications/unsubscribe-auth/ABMOM4C2ORCSXMDKIMOHGTDQHK2BVANCNFSM4ISUOGHQ .

[JimmyTheNerd]

Thanks @Adminiuga, something (binary) is now written into the dump file.

Is there a way of logging it readable for humans? :-)

[Adminiuga]

Change extension to .pcap and open in Wireshark. Google on how to obtain your network key so you could decrypt aps payload.

On Sat, Aug 31, 2019, 15:05 Mr. B notifications@github.com wrote:

Thanks @Adminiuga https://github.com/Adminiuga, something (binary) is now written into the dump file.

Is there a way of logging it readable for humans? :-)

By default bellows forms network on channel 15 … <#m8019239376496767508> On Sat, Aug 31, 2019, 14:29 Mr. B @.***> wrote: Hello! bellows dump requires the --channel argument, but I don't know where I could get the information from. I'd like to log all the communication of my ZigBee network and tried all channels from 11 to 26, without any success. Could someone please give me a hint? Thank you! — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#182 https://github.com/zigpy/bellows/issues/182?email_source=notifications&email_token=ABMOM4G3GNDBO6B2O6UY2NDQHK2BVA5CNFSM4ISUOGH2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HITGYNQ>, or mute the thread https://github.com/notifications/unsubscribe-auth/ABMOM4C2ORCSXMDKIMOHGTDQHK2BVANCNFSM4ISUOGHQ .

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/zigpy/bellows/issues/182?email_source=notifications&email_token=ABMOM4FTW2LGUTEJ3MNGO5DQHK6GLA5CNFSM4ISUOGH2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5TTK6I#issuecomment-526857593, or mute the thread https://github.com/notifications/unsubscribe-auth/ABMOM4ANKYKASPWROW76R33QHK6GLANCNFSM4ISUOGHQ .

[JimmyTheNerd]

@Adminiuga thank you. I loaded the *.pcap file in Wireshark and it's detecting the different frames, but I'm not able to decrypt it yet after following a few tutorials, including this Video:

The protocol of all frames is detected as IEEE 802.15.4 and not as ZigBee. It's info value is Beacon Request. Is that normal?

I added the Trust Center Link Key 5A:69:67:42:65:65:41:6C:6C:69:61:6E:63:65:30:39, which I understood is equally for everyone.

Afterwards I wanted to get the Transport Key (Video at 1:24), but I can't get that information from any frame.

Thanks again.

[Adminiuga]

802.15.4 is the radio layer and Zigbee is an upper layer on too of it. After you added TC Lin key, did you successfuly join a device to get the transport key? The network key is only sent when a device joins the network, that's why you need two EZSP radios, one to act normally as a trust center and second one to do capture. Afaik it is not possible to read network key from EZSP, but you can write your own key to EZSP.

[JimmyTheNerd]

802.15.4 is the radio layer and Zigbee is an upper layer on too of it.

Thanks @Adminiuga

After you added TC Lin key, did you successfuly join a device to get the transport key?

Not yet. It looks like I can't run bellows dump -c 15 -w output.pcap and bellows permit at the same time, which means I can't log the traffic during the joining. Both commands run just fine when called separately.

[Adminiuga]

Correct, and hence my previous remark that you would need two EZSP radios. One to run coordinator and second one to dump traffic.

On Sun, Sep 1, 2019, 12:33 Mr. B notifications@github.com wrote:

802.15.4 is the radio layer and Zigbee is an upper layer on too of it. Thanks @Adminiuga https://github.com/Adminiuga

After you added TC Lin key, did you successfuly join a device to get the transport key? Not yet. It looks like I can't run bellows dump -c 15 -w output.pcap and bellows permit at the same time, which means I can't log the traffic during the joining. Both commands run just fine when called separately.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/zigpy/bellows/issues/182?email_source=notifications&email_token=ABMOM4A2YM4RVHD6RF56TATQHPVHBA5CNFSM4ISUOGH2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5UGBPI#issuecomment-526934205, or mute the thread https://github.com/notifications/unsubscribe-auth/ABMOM4A4FCOQAMKTKED2VJDQHPVHBANCNFSM4ISUOGHQ .

[JimmyTheNerd]

I finally got what you meant.

Thank you very much @Adminiuga.