target/fake_trx: initial release of virtual transceiver

This is a set of tools for creating a virtual Um-interface between
OsmocomBB and OsmoBTS. It may be extremely useful for testing and
development of GSM stack, including both sides (MS and BTS). This
software implements OsmoTRX (Osmocom's fork of OpenBTS transceiver)
style clock (CLCK), control (CTRL) and data interfaces. So, OsmoBTS
source code doesn't require any modifications, while for OsmocomBB
you will need to use a new application - trxcon, which can be found
in the 'fixeria/sdr_phy' branch until one is merged to master.

Brief description of available applications:

  - fake_trx.py - main application, that allows to connect both
    OsmocomBB and OsmoBTS without actual RF hardware. Currently
    only a single MS may work with a single BTS.

  - clck_gen.py - a peripheral tool aimed to emulate TDMA frame
    clock generator. Could be used for testing and clock
    synchronization of multiple applications. It should be noted,
    that one relies on generic system timer (via Python), so
    a random clock jitter takes place.

  - ctrl_cmd.py - another peripheral tool, which could be used
    for sending CTRL commands directly in manual mode, and also
    for application fuzzing.

Change-Id: Ib1fb80682002ac85a72fa6abef459a4c44f4ab97
2017-07-10 12:39:06 +00:00

#!/usr/bin/env python2
# -*- coding: utf-8 -*-

# TRX Toolkit
# CTRL interface implementation (OsmoBTS specific)
#
# (C) 2016-2017 by Vadim Yanitskiy <axilirator@gmail.com>
#
# All Rights Reserved
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

from ctrl_if import CTRLInterface

class CTRLInterfaceBTS(CTRLInterface):
    # Internal state variables
    trx_started = False
    burst_fwd = None
    clck_gen = None
    rx_freq = None
    tx_freq = None
    pm = None

    def __init__(self, remote_addr, remote_port, bind_addr, bind_port):
        CTRLInterface.__init__(self, remote_addr, remote_port, bind_addr, bind_port)
        print("[i] Init CTRL interface for BTS (%s)" % self.desc_link())

    def parse_cmd(self, request):
        # Power control
        if self.verify_cmd(request, "POWERON", 0):
            print("[i] Recv POWERON CMD")

            # Ensure transceiver isn't working
            if self.trx_started:
                print("[!] Transceiver already started")
                return -1

            # Ensure RX / TX freq. are set
            if (self.rx_freq is None) or (self.tx_freq is None):
                print("[!] RX / TX freq. are not set")
                return -1

            print("[i] Starting transceiver...")
            self.trx_started = True

            # Power emulation
            if self.pm is not None:
                self.pm.add_bts_list([self.tx_freq])

            # Start clock indications
            if self.clck_gen is not None:
                self.clck_gen.start()

            return 0

        elif self.verify_cmd(request, "POWEROFF", 0):
            print("[i] Recv POWEROFF cmd")

            print("[i] Stopping transceiver...")
            self.trx_started = False

            # Power emulation
            if self.pm is not None:
                self.pm.del_bts_list([self.tx_freq])

            # Stop clock indications
            if self.clck_gen is not None:
                self.clck_gen.stop()

            return 0

        # Tuning Control
        elif self.verify_cmd(request, "RXTUNE", 1):
            print("[i] Recv RXTUNE cmd")

            # TODO: check freq range
            self.rx_freq = int(request[1]) * 1000
            return 0

        elif self.verify_cmd(request, "TXTUNE", 1):
            print("[i] Recv TXTUNE cmd")

            # TODO: check freq range
            self.tx_freq = int(request[1]) * 1000
            self.burst_fwd.bts_freq = self.tx_freq
            return 0

        # Timing of Arrival simulation for Downlink
        # Absolute form: CMD FAKE_TOA <BASE> <THRESH>
        elif self.verify_cmd(request, "FAKE_TOA", 2):
            print("[i] Recv FAKE_TOA cmd")

            # Parse and apply both base and threshold
            self.burst_fwd.toa256_dl_base = int(request[1])
            self.burst_fwd.toa256_dl_threshold = int(request[2])

            return 0

        # Timing of Arrival simulation for Downlink
        # Relative form: CMD FAKE_TOA <+-BASE_DELTA>
        elif self.verify_cmd(request, "FAKE_TOA", 1):
            print("[i] Recv FAKE_TOA cmd")

            # Parse and apply delta
            self.burst_fwd.toa256_dl_base += int(request[1])

            return 0

        # Path loss simulation for DL: burst dropping
        # Syntax: CMD FAKE_DROP <AMOUNT>
        # Dropping pattern: fn % 1 == 0
        elif self.verify_cmd(request, "FAKE_DROP", 1):
            print("[i] Recv FAKE_DROP cmd")

            # Parse / validate amount of bursts
            num = int(request[1])
            if num < 0:
                print("[!] FAKE_DROP amount shall not be negative")
                return -1

            self.burst_fwd.burst_dl_drop_amount = num
            self.burst_fwd.burst_dl_drop_period = 1

            return 0

        # Path loss simulation for DL: burst dropping
        # Syntax: CMD FAKE_DROP <AMOUNT> <FN_PERIOD>
        # Dropping pattern: fn % period == 0
        elif self.verify_cmd(request, "FAKE_DROP", 2):
            print("[i] Recv FAKE_DROP cmd")

            # Parse / validate amount of bursts
            num = int(request[1])
            if num < 0:
                print("[!] FAKE_DROP amount shall not be negative")
                return -1

            # Parse / validate period
            period = int(request[2])
            if period <= 0:
                print("[!] FAKE_DROP period shall be greater than zero")
                return -1

            self.burst_fwd.burst_dl_drop_amount = num
            self.burst_fwd.burst_dl_drop_period = period

            return 0

        # Wrong / unknown command
        else:
            # We don't care about other commands,
            # so let's merely ignore them ;)
            print("[i] Ignore CMD %s" % request[0])
            return 0
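
The tuning branches above still carry `# TODO: check freq range`, and every numeric argument goes straight into `int()`, which raises `ValueError` on a malformed token such as one sent while fuzzing with ctrl_cmd.py. The following is an added example (Python 3), not part of the TRX Toolkit source: a stand-alone argument validator for the same verbs that returns the 0 / -1 codes used by `parse_cmd` instead of raising. The names `to_int`, `tune_hz`, `validate`, `MAX_LEN` and the `BANDS_KHZ` table are assumptions made for this sketch.

```python
import re

_INT_RE = re.compile(r"[+-]?[0-9]+")
MAX_LEN = 11  # constructed cap: sign + 10 digits, so a huge token is rejected early

# Constructed band envelope in kHz (assumption; adjust to the bands of your setup)
BANDS_KHZ = ((824000, 894000), (880000, 960000),
             (1710000, 1880000), (1850000, 1990000))


def to_int(token, lo=None, hi=None):
    """Parse a plain decimal token; return None instead of raising."""
    if not isinstance(token, str) or len(token) > MAX_LEN:
        return None
    if not _INT_RE.fullmatch(token):
        return None
    value = int(token)
    if (lo is not None and value < lo) or (hi is not None and value > hi):
        return None
    return value


def tune_hz(token):
    """Convert a kHz token to Hz, or None when it lies outside BANDS_KHZ."""
    khz = to_int(token, lo=0)
    if khz is None or not any(lo <= khz <= hi for lo, hi in BANDS_KHZ):
        return None
    return khz * 1000


def validate(request):
    """Check a tokenised CTRL request; return (rc, values), rc being 0 or -1."""
    if not request:
        return -1, None
    verb, args = request[0], request[1:]

    if verb in ("RXTUNE", "TXTUNE") and len(args) == 1:
        hz = tune_hz(args[0])
        return (0, (hz,)) if hz is not None else (-1, None)

    if verb == "FAKE_TOA" and len(args) in (1, 2):
        vals = tuple(to_int(a) for a in args)
        return (0, vals) if None not in vals else (-1, None)

    if verb == "FAKE_DROP" and len(args) in (1, 2):
        # Same rules as the page's code: amount >= 0, period > 0 (default 1)
        num = to_int(args[0], lo=0)
        period = to_int(args[1], lo=1) if len(args) == 2 else 1
        if num is None or period is None:
            return -1, None
        return 0, (num, period)

    # POWERON / POWEROFF and unknown verbs have no numeric arguments to check
    return 0, ()
```
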