« LTE sniff » : différence entre les versions
Aller à la navigation
Aller à la recherche
Page créée avec « 1- Information on the environment We use an Android phone configured to connect with 4G Networks. The android app CellInfo Viewer confirm our *Earfcn*, for us it's 6300. T... » |
Aucun résumé des modifications |
||
| Ligne 1 : | Ligne 1 : | ||
1- Information on the environment | 1- Information on the environment | ||
We use an Android phone configured to connect with 4G Networks. | We use an Android phone configured to connect with 4G Networks. | ||
The android app CellInfo Viewer confirm our *Earfcn*, for us it's 6300. | The android app CellInfo Viewer confirm our *Earfcn*, for us it's 6300. | ||
| Ligne 6 : | Ligne 8 : | ||
Earfcn 6300 correspond to 806Mhz on LTE frequency band. | Earfcn 6300 correspond to 806Mhz on LTE frequency band. | ||
LTE-Cell-Scanner/build/src$ ./CellSearch -g 40 -s 806000000 | LTE-Cell-Scanner/build/src$ ./CellSearch -g 40 -s 806000000 | ||
LTE CellSearch (release) beginning. 1.0 to 1.1.0: OpenCL/TDD/HACKRF/bladeRF/ext-LNB added by Jiao Xianjun(putaoshu@gmail.com) | LTE CellSearch (release) beginning. 1.0 to 1.1.0: OpenCL/TDD/HACKRF/bladeRF/ext-LNB added by Jiao Xianjun(putaoshu@gmail.com) | ||
PPM: 0 | |||
correction: 1 | |||
HACKRF device FOUND! | HACKRF device FOUND! | ||
Use HW begin with 806MHz actual 806MHz 1.92e+06MHz | Use HW begin with 806MHz actual 806MHz 1.92e+06MHz | ||
Search frequency: 806 to 806 MHz | |||
with freq correction: 0 kHz | with freq correction: 0 kHz | ||
Search PSS at fo: -140 to 135 kHz | |||
Examining center frequency 806 MHz ... try 0 | Examining center frequency 806 MHz ... try 0 | ||
input level: avg abs(real) 0.0901816 avg abs(imag) 0.0900797 | input level: avg abs(real) 0.0901816 avg abs(imag) 0.0900797 | ||
Hit PAR [13.4983 12.8747]dB | Hit PAR [13.4983 12.8747]dB | ||
PSS XCORR cost 5.65892s | PSS XCORR cost 5.65892s | ||
Hit num peaks 3 | Hit num peaks 3 | ||
try peak 0 tdd_flag 0 | try peak 0 tdd_flag 0 | ||
Detected a FDD cell! At freqeuncy 806MHz, try 0 | |||
cell ID: 476 | |||
PSS ID: 2 | |||
RX power level: -25.3461 dB | |||
residual frequency offset: -3301.78 Hz | |||
k_factor: 1 | |||
try peak 0 tdd_flag 1 | try peak 0 tdd_flag 1 | ||
try peak 1 tdd_flag 0 | try peak 1 tdd_flag 0 | ||
Detected a FDD cell! At freqeuncy 806MHz, try 0 | |||
cell ID: 232 | |||
PSS ID: 1 | |||
RX power level: -26.449 dB | |||
residual frequency offset: -3310.88 Hz | |||
k_factor: 1 | |||
try peak 1 tdd_flag 1 | try peak 1 tdd_flag 1 | ||
try peak 2 tdd_flag 0 | try peak 2 tdd_flag 0 | ||
Detected a FDD cell! At freqeuncy 806MHz, try 0 | |||
cell ID: 181 | |||
PSS ID: 1 | |||
RX power level: -27.9678 dB | |||
residual frequency offset: -3330.92 Hz | |||
k_factor: 1 | |||
try peak 2 tdd_flag 1 | try peak 2 tdd_flag 1 | ||
Detected the following cells: | Detected the following cells: | ||
DPX:TDD/FDD; A: #antenna ports C: CP type ; P: PHICH duration ; PR: PHICH resource type | DPX:TDD/FDD; A: #antenna ports C: CP type ; P: PHICH duration ; PR: PHICH resource type | ||
DPX CID A fc freq-offset RXPWR C nRB P PR CrystalCorrection ppm | DPX CID A fc freq-offset RXPWR C nRB P PR CrystalCorrection ppm | ||
FDD 476 2 806M -3.3k -25.3 N 50 N 1/6 0.999995903521185 -4.1 | FDD 476 2 806M -3.3k -25.3 N 50 N 1/6 0.999995903521185 -4.1 | ||
FDD 232 2 806M -3.31k -26.4 N 50 N 1/6 0.999995892223039 -4.11 | FDD 232 2 806M -3.31k -26.4 N 50 N 1/6 0.999995892223039 -4.11 | ||
FDD 181 2 806M -3.33k -28 N 50 N 1/6 0.999995867358836 -4.13 | FDD 181 2 806M -3.33k -28 N 50 N 1/6 0.999995867358836 -4.13 | ||
We can now track signal received from antenna around us. | We can now track signal received from antenna around us. | ||
LTE-Cell-Scanner/build/src$ ./LTE-Tracker -f 806000000 | |||
LTE-Cell-Scanner/build/src$ ./LTE-Tracker -f 806000000 | |||
LTE-Tracker confirm that our phone listening on physical antenna number 476 correspond to a physical antenna sniffed by the hackrf. | LTE-Tracker confirm that our phone listening on physical antenna number 476 correspond to a physical antenna sniffed by the hackrf. | ||
Dernière version du 9 septembre 2018 à 23:35
1- Information on the environment
We use an Android phone configured to connect with 4G Networks.
The android app CellInfo Viewer confirm our *Earfcn*, for us it's 6300.
The frequency our phone is listening to can be deduced from the Earfcn.
We can calculate the frequency with niviuk.free.fr.
Earfcn 6300 correspond to 806Mhz on LTE frequency band.
LTE-Cell-Scanner/build/src$ ./CellSearch -g 40 -s 806000000
LTE CellSearch (release) beginning. 1.0 to 1.1.0: OpenCL/TDD/HACKRF/bladeRF/ext-LNB added by Jiao Xianjun(putaoshu@gmail.com)
PPM: 0
correction: 1
HACKRF device FOUND!
Use HW begin with 806MHz actual 806MHz 1.92e+06MHz
Search frequency: 806 to 806 MHz
with freq correction: 0 kHz
Search PSS at fo: -140 to 135 kHz
Examining center frequency 806 MHz ... try 0
input level: avg abs(real) 0.0901816 avg abs(imag) 0.0900797
Hit PAR [13.4983 12.8747]dB
PSS XCORR cost 5.65892s
Hit num peaks 3
try peak 0 tdd_flag 0
Detected a FDD cell! At freqeuncy 806MHz, try 0
cell ID: 476
PSS ID: 2
RX power level: -25.3461 dB
residual frequency offset: -3301.78 Hz
k_factor: 1
try peak 0 tdd_flag 1
try peak 1 tdd_flag 0
Detected a FDD cell! At freqeuncy 806MHz, try 0
cell ID: 232
PSS ID: 1
RX power level: -26.449 dB
residual frequency offset: -3310.88 Hz
k_factor: 1
try peak 1 tdd_flag 1
try peak 2 tdd_flag 0
Detected a FDD cell! At freqeuncy 806MHz, try 0
cell ID: 181
PSS ID: 1
RX power level: -27.9678 dB
residual frequency offset: -3330.92 Hz
k_factor: 1
try peak 2 tdd_flag 1
Detected the following cells:
DPX:TDD/FDD; A: #antenna ports C: CP type ; P: PHICH duration ; PR: PHICH resource type
DPX CID A fc freq-offset RXPWR C nRB P PR CrystalCorrection ppm
FDD 476 2 806M -3.3k -25.3 N 50 N 1/6 0.999995903521185 -4.1
FDD 232 2 806M -3.31k -26.4 N 50 N 1/6 0.999995892223039 -4.11
FDD 181 2 806M -3.33k -28 N 50 N 1/6 0.999995867358836 -4.13
We can now track signal received from antenna around us.
LTE-Cell-Scanner/build/src$ ./LTE-Tracker -f 806000000
LTE-Tracker confirm that our phone listening on physical antenna number 476 correspond to a physical antenna sniffed by the hackrf.