Creating a PAN with Thinkpad R51, Samsung D500 and iPaq RX4240

Maksim Yevmenkin maksim.yevmenkin at gmail.com
Mon Apr 23 18:54:00 UTC 2007


On 4/23/07, Sh4d03 <mlists at shadow-security.net> wrote:
> Hello all,
>
> Ultimately I want to be able to connect my Laptop, PDA and Mobile
> together to share/synchronise appointments and contacts - the usual guff.
>
> My Hardware is as follows:
>
> IBM Thinkpad R51
> USB Bluetooth Adapter (unknown brand)
> Samsung D500 Mobile Phone (Cellular)
> HP iPaq RX4240 Personal Digital Assistant
>
> My Software (so far):
>
> FreeBSD 6.2-STABLE
> obexapp-1.4.5
> openobex-1.3
>
>
> I've read/followed the handbook section for Bluetooth and accomplished
> the following so far:
>
> I've loaded the Kernel Module
>
>         # kldload ng_ubt
>
> I've plugged in my USB Dongle and received the following in dmesg:
>
>         ubt0: vendor 0x0a12 product 0x0001, rev 2.00/15.93, addr 3
>         ubt0: vendor 0x0a12 product 0x0001, rev 2.00/15.93, addr 3
>         ubt0: Interface 0 endpoints: interrupt=0x81, bulk-in=0x82,      bulk-out=0x2
>         ubt0: Interface 1 (alt.config 5) endpoints: isoc-in=0x83, isoc-out=0x3;
> wMaxPacketSize=49; nframes=6, buffer size=294
>
> I've copied /usr/share/examples/netgraph/bluetooth/rc.bluetooth to
> /etc/rc.bluetooth - despite 6.1 and above apparently being able to start
> bluetooth automagically.
>
> Now I run 'hccontrol -n ubt0hci inquiry' and receive:
>
>         # hccontrol -n ubt0hci inquiry
>         Inquiry result, num_responses=1
>         Inquiry result #0
>                 BD_ADDR: 00:12:47:5c:be:6a
>                 Page Scan Rep. Mode: 0x1
>                 Page Scan Period Mode: 00
>                 Page Scan Mode: 00
>                 Class: 52:02:04
>                 Clock offset: 0x15e3
>         Inquiry result, num_responses=1
>         Inquiry result #0
>                 BD_ADDR: Sh4d03_PDA
>                 Page Scan Rep. Mode: 00
>                 Page Scan Period Mode: 0x2
>                 Page Scan Mode: 00
>                 Class: 32:01:10
>                 Clock offset: 0x59fd
>         Inquiry complete. Status: No error [00]
>         #
>
> Next, to find out whether the first entry is really my phone I run
> 'hccontrol -n ubt0hci remote_name_request 00:12:47:5c:be:6a'
>
>         # hccontrol -n ubt0hci remote_name_request 00:12:47:5c:be:6a
>         BD_ADDR: 00:12:47:5c:be:6a
>         Name: Sh4d03_Mobile
>
> Yep, it sure is.
>
> Next, I do 'hccontrol -n ubt0hci read_connection_list' and receive only
> the column headings - i.e. no currently open connections, which would
> make sense - right?
>
> Next, I attempt an l2ping to both devices:
>
>         # sudo l2ping -a 00:12:47:5c:be:6a -c 4
>         4 bytes from 00:12:47:5c:be:6a seq_no=1313822285 time=560.831 ms result=0
>         4 bytes from 00:12:47:5c:be:6a seq_no=1313822285 time=36.562 ms         result=0
>         4 bytes from 00:12:47:5c:be:6a seq_no=1313822285 time=31.758 ms         result=0
>         4 bytes from 00:12:47:5c:be:6a seq_no=1313822285 time=42.943 ms result=0
>
>         # sudo l2ping -a Sh4d03_PDA -c 4
>         44 bytes from Sh4d03_PDA seq_no=0 time=31.945 ms result=0
>         44 bytes from Sh4d03_PDA seq_no=1 time=43.630 ms result=0
>         44 bytes from Sh4d03_PDA seq_no=2 time=31.823 ms result=0
>         44 bytes from Sh4d03_PDA seq_no=3 time=34.018 ms result=0


everything until here looks just fine.

>
> Now I figure it's time I should pair my devices, so firstly I add the
> following entries into /etc/bluetooth/hcsecd.conf:
>
>         device {
>                 bdaddr  00:12:47:6c:be:6a
>                 name    "Sh4d03_Mobile"
>                 key     nokey;
>                 pin     "1777";
>         }
>
>         device {
>                 bdaddr  Sh4d03_PDA
>                 name    "Sh4d03_PDA"
>                 key     nokey;
>                 pin     "1777";
>         }


your /etc/bluetooth/hcsecd.conf entries are wrong:

1) you have missed the ';' after "bdaddr 00:12:47:6c:be:6a" and "name
"Sh4d03_Mobile""

2) you can _not_ use symbolic names in bdaddr, i.e. "bdaddr
Sh4d03_PDA" is wrong


> I then added the line 'hcsecd_enable="YES"' to my /etc/rc.conf. I can't
> remember whether this process automagically started but while writing
> this I kill -9'd the process and started it manually like so:
>
>         # hcsecd -f /etc/bluetooth/hcsecd.conf
>         # ps auxw | grep hcsecd
>                 root   18341  0.0  0.1  1432   720  ??  Is      4:46PM  0:00.00 hcsecd -f
> /etc/bluetooth/hcsecd.conf
>
>
> Next I used sdpcontrol to browse the services of the PDA:
>
> # sdpcontrol -a Sh4d03_PDA browse
>
> Record Handle: 0x00010000
> Service Class ID List:
>          GN (0x1117)
> Protocol Descriptor List:
>          L2CAP (0x0100)
>                  Protocol specific parameter #1: u/int/uuid16 15
>          BNEP (0x000f)
>                  Protocol specific parameter #1: u/int/uuid16 256
>                  Protocol specific parameter #2: 0x09 0x08 00 0x09 0x08
> 0x06
> Bluetooth Profile Descriptor List:
>          GN (0x1117) ver. 1.0
>
> Record Handle: 0x00010001
> Service Class ID List:
>          PANU (0x1115)
> Protocol Descriptor List:
>          L2CAP (0x0100)
>                  Protocol specific parameter #1: u/int/uuid16 15
>          BNEP (0x000f)
>                  Protocol specific parameter #1: u/int/uuid16 256
>                  Protocol specific parameter #2: 0x09 0x08 00 0x09 0x08
> 0x06
> Bluetooth Profile Descriptor List:
>          PANU (0x1115) ver. 1.0
>
> Record Handle: 0x00010002
> Service Class ID List:
>          Serial Port (0x1101)
> Protocol Descriptor List:
>          L2CAP (0x0100)
>          RFCOMM (0x0003)
>                  Protocol specific parameter #1: u/int8/bool 1
> Bluetooth Profile Descriptor List:
>          Serial Port (0x1101) ver. 1.0
>
> Record Handle: 0x00010003
> Service Class ID List:
>          OBEX Object Push (0x1105)
> Protocol Descriptor List:
>          L2CAP (0x0100)
>          RFCOMM (0x0003)
>                  Protocol specific parameter #1: u/int8/bool 2
>          OBEX (0x0008)
> Bluetooth Profile Descriptor List:
>          OBEX Object Push (0x1105) ver. 1.0
>
> Record Handle: 0x00010004
> Service Class ID List:
>          OBEX File Transfer (0x1106)
> Protocol Descriptor List:
>          L2CAP (0x0100)
>          RFCOMM (0x0003)
>                  Protocol specific parameter #1: u/int8/bool 3
>          OBEX (0x0008)
> Bluetooth Profile Descriptor List:
>          OBEX File Transfer (0x1106) ver. 1.0
>
> Record Handle: 0x00010005
> Service Class ID List:
>          Headset Audio Gateway (0x1112)
>          Generic Audio (0x1203)
> Protocol Descriptor List:
>          L2CAP (0x0100)
>          RFCOMM (0x0003)
>                  Protocol specific parameter #1: u/int8/bool 4
> Bluetooth Profile Descriptor List:
>          Headset (0x1108) ver. 1.1

looks fine

>
>
> And then the same for the Mobile Phone:
>
>         # sdpcontrol -a 00:12:47:6c:be:6a browse
>                 Could not execute command "browse". Host is down
>
> Ah, the first sign of trouble. I stopped working on the Phone from here
> on but would appreciate any input on a possible cause. I've previously
> had this Phone working with (I think) FreeBSD - however it *may* have
> been when I was still using Gentoo.


is bluetooth on the phone? have you tried to execute sdpcontrol one
more time? sometimes phones miss initial page request and it causes
'host down' error (basically baseband connection can not be
established)

> Back to the PDA - I can see the services offered by the PDA so I
> installed obexapp and tried to connect:
>
>         # cd /usr/ports/comms/obexapp
>         # make install clean
>         <snip>
>
>         # obexapp -c -a Sh4d03_PDA -C 1
>
>                 This looked promising because the PDA then asked me for a pass key - I
> entered the same as I entered in the hcsecd.conf and hit ok, but obexapp
> simply dropped to a new line where I believe I should have received the
> obexftp prompt or something similar.
>
> My hcidump -x of this connection is as follows:
>
>
> Before running obexapp:
>
> p# hcidump -x
> HCIDump - HCI packet analyzer ver 1.5
> device: any snap_len: 65535 filter: 0xffffffff
>
>
> After starting obexapp, before entering code into PDA:
>
>
> < HCI Command: Create Connection(0x01|0x0005) plen 13
>    68 75 1A 18 10 00 18 CC 00 00 00 00 00
>  > HCI Event: Command Status(0x0f) plen 4
>    00 01 05 04
>  > HCI Event: Connect Complete(0x03) plen 11
>    00 2B 00 68 75 1A 18 10 00 01 00
> < HCI Command: Write Link Policy Settings(0x02|0x000d) plen 4
>    2B 00 0E 00
> < ACL data: handle 0x002b flags 0x02 dlen 12
>      L2CAP(s): Connect req: psm 3 scid 0x006b
>  > HCI Event: Number of Completed Packets(0x13) plen 5
>    01 2B 00 01 00
>  > HCI Event: Max Slots Change(0x1b) plen 3
>    2B 00 05
>  > HCI Event: Command Complete(0x0e) plen 6
>    01 0D 08 00 2B 00
>  > ACL data: handle 0x002b flags 0x02 dlen 16
>      L2CAP(s): Connect rsp: dcid 0x0041 scid 0x006b result 0 status 0
> < ACL data: handle 0x002b flags 0x02 dlen 12
>      L2CAP(s): Config req: dcid 0x0041 flags 0x0000 clen 0
>  > ACL data: handle 0x002b flags 0x02 dlen 16
>      L2CAP(s): Config req: dcid 0x006b flags 0x0000 clen 4
>      MTU 1691
> < ACL data: handle 0x002b flags 0x02 dlen 14
>      L2CAP(s): Config rsp: scid 0x0041 flags 0x0000 result 0 clen 0
>  > HCI Event: Number of Completed Packets(0x13) plen 5
>    01 2B 00 01 00
>  > ACL data: handle 0x002b flags 0x02 dlen 14
>      L2CAP(s): Config rsp: scid 0x006b flags 0x0000 result 0 clen 0
> < ACL data: handle 0x002b flags 0x02 dlen 8
>      L2CAP(d): cid 0x41 len 4 [psm 3]
>        RFCOMM(s): SABM: cr 1 dlci 0 pf 1 ilen 0 fcs 0x1c
>  > HCI Event: Number of Completed Packets(0x13) plen 5
>    01 2B 00 01 00
>  > HCI Event: Number of Completed Packets(0x13) plen 5
>    01 2B 00 01 00
>  > ACL data: handle 0x002b flags 0x02 dlen 8
>      L2CAP(d): cid 0x6b len 4 [psm 3]
>        RFCOMM(s): UA: cr 1 dlci 0 pf 1 ilen 0 fcs 0xd7
> < ACL data: handle 0x002b flags 0x02 dlen 18
>      L2CAP(d): cid 0x41 len 14 [psm 3]
>        RFCOMM(s): PN CMD: cr 1 dlci 0 pf 0 ilen 10 fcs 0x70 mcc_len 8
>        dlci 2 frame_type 0 credit_flow 15 pri 7 ack_timer 0 frame_size
> 667 max_retrans 0 credits 7
>  > HCI Event: Number of Completed Packets(0x13) plen 5
>    01 2B 00 01 00
>  > ACL data: handle 0x002b flags 0x02 dlen 18
>      L2CAP(d): cid 0x6b len 14 [psm 3]
>        RFCOMM(s): PN RSP: cr 0 dlci 0 pf 0 ilen 10 fcs 0xaa mcc_len 8
>        dlci 2 frame_type 0 credit_flow 14 pri 7 ack_timer 0 frame_size
> 660 max_retrans 0 credits 7
> < ACL data: handle 0x002b flags 0x02 dlen 8
>      L2CAP(d): cid 0x41 len 4 [psm 3]
>        RFCOMM(s): SABM: cr 1 dlci 2 pf 1 ilen 0 fcs 0x59
>  > HCI Event: Number of Completed Packets(0x13) plen 5
>    01 2B 00 01 00
>
>
> After entering code into PDA:
>
>
>  > HCI Event: PIN Code Request(0x16) plen 6
>    68 75 1A 18 10 00
> < HCI Command: PIN Code Request Negative Reply(0x01|0x000e) plen 6
>    68 75 1A 18 10 00
>  > HCI Event: Command Complete(0x0e) plen 10
>    01 0E 04 00 68 75 1A 18 10 00
>  > HCI Event: Disconn Complete(0x05) plen 4
>    00 2A 00 05

yes, that is because your /etc/bluetooth/hcsecd.conf is screwed up

>  From this point on I'm stuck. Googling 'PIN Code Request Negative
> Reply' didn't give me much useful information.
>
> Any assistance would be greatly appreciated. I've been very verbose in
> the information I've provided so hopefully I've given all the required
> details.

fix the hcsecd.conf and it should work.

> When the journey is over I'll be documenting and posting to my website
> what was necessary to get to where I wanted to be with Bluetooth, my
> phone, my PDA, my laptop and FreeBSD.

sigh... i wish people would stop putting freebsd/bluetooth stuff onto
their own web sites and instead put it into the freebsd handbook.

thanks,
max

p.s. bluetooth pan is not supported under freebsd
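
Added example (not part of the original message, and not code from hcsecd or FreeBSD): a small lint for the device sections of /etc/bluetooth/hcsecd.conf that checks the two points raised in the reply, a ';' after every value and a numeric bdaddr. The function name lint_hcsecd, the simplified line-based parsing, and the optional comparison against addresses reported by 'hccontrol inquiry' are assumptions of this example; that last check goes beyond the two points in the reply.

```python
import re

BDADDR_RE = re.compile(r"^(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$")
KNOWN_KEYS = {"bdaddr", "name", "key", "pin"}

# Constructed sample: the two device sections as posted in the thread.
SAMPLE_CONF = '''\
device {
        bdaddr  00:12:47:6c:be:6a
        name    "Sh4d03_Mobile"
        key     nokey;
        pin     "1777";
}

device {
        bdaddr  Sh4d03_PDA
        name    "Sh4d03_PDA"
        key     nokey;
        pin     "1777";
}
'''

def lint_hcsecd(text, seen_addrs=()):
    """Return (line_no, message) findings for hcsecd.conf device sections.

    Simplified parser (assumption): one setting per line, '#' starts a comment.
    seen_addrs: optional BD_ADDRs copied from 'hccontrol inquiry' output.
    """
    findings = []
    seen = {a.lower() for a in seen_addrs}
    for no, raw in enumerate(text.splitlines(), 1):
        line = " ".join(raw.split("#", 1)[0].split())  # strip comment, squeeze spaces
        if not line or line in ("device {", "}"):
            continue
        key, _, value = line.partition(" ")
        if key not in KNOWN_KEYS or not value:
            findings.append((no, f"unrecognised line: {line!r}"))
            continue
        if not value.endswith(";"):
            findings.append((no, f"missing ';' after {key} value"))
        value = value.rstrip(";").strip()
        if key == "bdaddr":
            if not BDADDR_RE.match(value):
                findings.append((no, "bdaddr must be numeric xx:xx:xx:xx:xx:xx, not a name"))
            elif seen and value.lower() not in seen:
                findings.append((no, f"bdaddr {value} not among addresses seen in inquiry"))
    return findings

if __name__ == "__main__":
    for no, msg in lint_hcsecd(SAMPLE_CONF, ["00:12:47:5c:be:6a"]):
        print(f"line {no}: {msg}")
```
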

