Hi Doug,

Thanks for the response. Correct, through USRP2 to an Atheros card running tcpdump that is definitely in promiscuous mode. I have not been able to decode a packet yet. What I've done is replaced the payload with an 802.11 Probe Response packet to have something noticeable. If I set the card to report packets that have PHY or CRC errors, I occasionally see a packet reported:

03:44:07.572350 10855977948us tsft 1.0 Mb/s 2417 MHz (0x0480) -8dB signal -71dB noise antenna 1 63dB signal Probe Response[|802.11]

The SNR is notably not an issue... also, what I've done is tried using a matched filter against the preamble. I extracted the samples corresponding to the modulated preamble from an 802.11 packet captured with the USRP2, and correlated it with a captured trace that has 11 802.11 packets. There is CLEARLY a correlation (as expected):

http://cyprus.cmcl.cs.cmu.edu/~gnychis/mfilter/trace_signature.png

Note that the packet I extracted the signature from, in the USRP2 capture, is decodable by the BBN decoder.

Now, if I use the same signature and try to correlate it with a packet that the BBN code generates, it does NOT correlate:

http://cyprus.cmcl.cs.cmu.edu/~gnychis/mfilter/captured_sig_with_our_packet.png

If I use the BBN code to generate a signature of the preamble, it correlates great with itself (as expected) and NOT with an 802.11 packet captured with the USRP2:

http://cyprus.cmcl.cs.cmu.edu/~gnychis/mfilter/gr_sig_with_our_packet.png
http://cyprus.cmcl.cs.cmu.edu/~gnychis/mfilter/gr_sig_with_trace.png

Interestingly enough, if I disable the barker option in the BBN code to generate a signature, it correlates better (but not that well) with the USRP2 trace of captured 802.11 packets:

http://cyprus.cmcl.cs.cmu.edu/~gnychis/mfilter/gr_nobarker.png

So... something is wrong somewhere. To try and verify things, Dan Halperin and I hacked up an 802.11b modulator in MATLAB, and our code correlates pretty directly with the BBN code (it can demodulate our packets and our signatures correlate), but again ours does not generate correlatable signatures with captured 802.11 packets. :\

So I suspect something is different about how the 802.11 card is modulating packets at 1Mbps with a long preamble. I suspect that once I get the 802.11 card to successfully decode a packet generated by the BBN code, it might be able to generate a proper signature.

- George

> I will have to get back to you on that - I am back in the office this
> week, but I'll be attending all-day training Mon-Weds. This is with
> transmitting with the BBN/GNURadio code through a USRP2, and receiving
> with some commercial card, yes? Out of curiosity, which card, and what
> sort of capture tool (I use an AirPcap EX and Wireshark - since I know
> the AirPcap is always in promiscuous mode, and thus dumps all detected
> valid 802.11 frames, regardless of destination address).
> Doug

_______________________________________________
Discuss-gnuradio mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/discuss-gnuradio
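
The matched-filter check described in the message above, as an added example in pure Python (not code from the poster, the BBN project or GNU Radio): it builds a chip-rate 1 Mb/s preamble signature (scrambled ones, DBPSK, optional Barker spreading) and correlates it against a constructed noisy trace, using the magnitude of the complex correlation so an unknown carrier phase does not hide the peak. The symbol count, scrambler seed, noise level and all function names are assumptions made for the example; pulse shaping, oversampling and frequency offset are not modelled.

```python
import cmath
import random

BARKER = [1, -1, 1, 1, -1, 1, 1, 1, -1, -1, -1]  # 11-chip Barker code of 802.11 DSSS

def scramble(bits, state):
    """Scrambler 1 + x^4 + x^7; state holds the last 7 output bits, newest first."""
    s, out = list(state), []
    for b in bits:
        o = b ^ s[3] ^ s[6]
        out.append(o)
        s = [o] + s[:6]
    return out

def preamble_sig(n_sym=32, state=(1, 1, 0, 1, 1, 0, 0), barker=True):
    """Signature of scrambled ones, DBPSK; n_sym and state are constructed values."""
    phase, chips = 1, []
    for bit in scramble([1] * n_sym, state):
        if bit:
            phase = -phase  # DBPSK: a 1 bit flips the carrier phase by pi
        chips += [phase * c for c in BARKER] if barker else [phase] * len(BARKER)
    return [complex(c) for c in chips]

def correlate(trace, sig):
    """Normalised magnitude of the complex cross-correlation at every lag."""
    e_sig, n, out = sum(abs(s) ** 2 for s in sig), len(sig), []
    for lag in range(len(trace) - n + 1):
        win = trace[lag:lag + n]
        dot = sum(w * s.conjugate() for w, s in zip(win, sig))
        e_win = sum(abs(w) ** 2 for w in win)
        out.append(abs(dot) / (e_sig * e_win) ** 0.5 if e_win else 0.0)
    return out

def build_trace(sig, offsets, length, noise=0.3, seed=1):
    """Constructed capture: Gaussian noise plus a randomly phase-rotated sig per offset."""
    rng = random.Random(seed)
    tr = [complex(rng.gauss(0, noise), rng.gauss(0, noise)) for _ in range(length)]
    for off in offsets:
        rot = cmath.exp(1j * rng.uniform(0, 2 * cmath.pi))
        for i, s in enumerate(sig):
            tr[off + i] += s * rot
    return tr

def find_packets(trace, sig, threshold=0.6):
    """Lags whose correlation exceeds threshold and is the local maximum."""
    c = correlate(trace, sig)
    return [i for i, v in enumerate(c) if v >= threshold
            and v == max(c[max(0, i - len(BARKER)):i + len(BARKER) + 1])]
```

Calling `find_packets(build_trace(sig, [200, 900], 1500), sig)` with `sig = preamble_sig()` returns the two insertion offsets. In this model a signature built with `barker=False` stays below the threshold against the same Barker-spread trace.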
