Grgsm scanner with saved date

[mazen atef]

Dears ,

Can i use the Grgsm scanner to scan for cells from a binary file that i already created from my HackRF SDR before instead of OsmoSdr as the source

If yes please give me some tips to do that

Thank you

Mazen Bassiouny

[mazen atef]

Dears,

Any answer to my question , i want some tips to know what is the output of the RTL source so i replace it with file

[Vasil Velichkov]

Hi Mazen Atef,

On Saturday, June 30, 2018 at 2:26:10 PM UTC+3, mazen atef wrote:

Dears,

Any answer to my question , i want some tips to know what is the output of the RTL source so i replace it with file

The output is complex numbers (32-bit floats for both I and Q) https://www.gnuradio.org/doc/doxygen/gr__complex_8h.html

[Piotr Krysik]

W dniu 30.06.2018 o 13:26, mazen atef pisze:

Hi Mazen,

You can take parts from the gr-gsm scanner (like wideband_receiver) and
do a version of the application that works with files. But requires
slightly more changes than just replacing hardware source of the samples
with a file.

--
Best Regards,
Piotr Krysik

[mazen atef]

Dear Piotr ,

I worked on a single frequency now (947.6Mhz) which i am sure it has a cell and tested with grgsm_scanner

1) i modified the grgsm_capture to scan this frequency and use the head block then the rotator to adjust the center freq and generate output file

2) i modified the wide band scanner to receive to set this file as input connected directly to wide band receiver and passes through the all scanner class

What i expect at least this scanner should scan this freq after searching on the all GSM900 band and passes normally through the receiver to generate the output

i did not get any errors but unfortunatly no output although it reads the output correctly.

please find attached my 2 modified codes and advise what is missing may be i have missunderstanding although i understood the scanner code blocks very well.

I will work on scanning the whole band from a file but after at least to can scan only one freq

[Vasil Velichkov]

Hi Mazen Atef,

On 3.07.2018 17:29, mazen atef wrote:

Dear Piotr ,

I worked on a single frequency now (947.6Mhz) which i am sure it has a cell and tested with grgsm_scanner

1) i modified the grgsm_capture to scan this frequency and use the head block then the rotator to adjust the center freq and generate output file

My advice is first to test with the original grgsm_capture and once the modified scanner is able to read from a cfile modify the grgsm_capture to increase the bandwidth.

2) i modified the wide band scanner to receive to set this file as input connected directly to wide band receiver and passes through the all scanner class

What i expect at least this scanner should scan this freq after searching on the all GSM900 band and passes normally through the receiver to generate the output

You need to pass the cfile name to do_scan function and then to the wideband_scanner constructor otherwise the cfile is None and it cannot open the file.
Similar modification is needed in grgsm_capture for the bandwidth parameter as well.

i did not get any errors but unfortunatly no output although it reads the output correctly.

To see the errors comment out lines 327 and 328

326             # put /dev/null fds on 1 and 2
327             #os.dup2(null_fds[0], 1)
328             #os.dup2(null_fds[1], 2)

$ ./grgsm_scanner -c delme.955.6M.cfile -v
linux; GNU C++ version 7.1.1 20170503 (Red Hat 7.1.1-1); Boost_106300; UHD_003.010.001.000-0-unknown


Args=
Bad address
Traceback (most recent call last):
  File "./grgsm_scanner", line 438, in <module>
    main()
  File "./grgsm_scanner", line 435, in main
    options.ppm, options.gain, options.args, prn = printfunc)
  File "./grgsm_scanner", line 334, in do_scan
    ppm=ppm, gain=gain, args=args)
  File "./grgsm_scanner", line 213, in __init__
    self.blocks_file_source_0 = blocks.file_source(gr.sizeof_gr_complex*1, self.cfile, False)
  File "/usr/lib64/python2.7/site-packages/gnuradio/blocks/blocks_swig0.py", line 1092, in make
    return _blocks_swig0.file_source_make(itemsize, filename, repeat)
RuntimeError: can't open file

please find attached my 2 modified codes and advise what is missing may be i have missunderstanding although i understood the scanner code blocks very well.

Please consider uploading your changes to github as this makes code review a lot easier and less time consuming or at least send an inline patch (git send-email) instead of the whole source files.
Also please post the exact commands you have used to test.

[mazen atef]

Hello Vesil ,

Thanks alot for your response

I worked more on the code and i used the normal grgsm_capture to generate the attached cfile on freqency 947.6 Mhz using below command:

#grgsm_capture -f 947.6e6 -g 32 -s 2e6 -c dock.cfile -T 7

then i worked on the grgsm-scanner to read this file and loop through GSM900 band but i got no results

The output is just looping and writing empty arguments as below :

root@mazen-ThinkPad-T440p:/usr/local/src/gr-gsm/apps/helpers# grgsm_scanner -c dock.cfile -s 2e6 -g 32 -b GSM900 -v

Args=
Args=
Args=
Args=
Args=
Args=
Args=

below is cfile link

https://drive.google.com/open?id=1120C6guL6UtbMSemXYGnXktTbfEm11wg

Please support as i am so confused , thanks

below is the lnk to my fork ,, i pushed to the development repo

https://github.com/mazen-bassiouny/gr-gsm/blob/development/apps/grgsm_scanner

On Wednesday, June 27, 2018 at 5:09:59 PM UTC+2, mazen atef wrote:

[Vasil Velichkov]

Hi Mazen Atef,

On 4.07.2018 13:52, mazen atef wrote:
> I worked more on the code and i used the normal grgsm_capture to
> generate the attached cfile on freqency 947.6 Mhz using below command:
> #grgsm_capture -f 947.6e6 -g 32 -s 2e6 -c dock.cfile -T 7

> below is cfile link
> https://drive.google.com/open?id=1120C6guL6UtbMSemXYGnXktTbfEm11wg

This file does not contain any gsm cells so either you have used a
modified (broken) grgsm_capture or there is no cell on this frequency.
You could use grgsm_decode to validate whether you have captured correctly

    grgsm_decode -c dock.cfile -s 2e6 -f 947.6e6 -v

The output should not be empty (-v)

You could also use the QT GUI Sink block to check if there is a GSM cell
or not.

https://photos.app.goo.gl/d2wE5nVbgDVJxU477

and in your dock.cfile there is some signal on 947.2M but it does not
look like GSM cell because it is not ~200kHz wide.

[mazen atef]

Dear Vasil ,

Play have patience to help me on this ,

1)i captured alot of cells using grgsm scanner and i made sure that these cells exist using gqrx.

2) i choosed one center frequency of them and used grgsm-capture ( without any modification) and i captured arround this freq.

3) using grgsm-decode returned some numbers that means a cell is there

4) i modified my grgsm-scanner code to read this .c file and the results were like below

-- with commenting lines 327 and 328 (to see errors) the below results loops and same cell appears on all frequencies although that should not happens because my freq is (946.6 Mhz).

root@mazen-ThinkPad-T440p:/usr/local/src/gr-gsm/apps/helpers# grgsm_scanner -c 946-6.cfile -s 2e6 -v
Args=
ARFCN:  975, Freq:  925.2M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -58
  |---- Configuration: 1 CCCH, not combined
  |---- Cell ARFCNs: 63, 76
  |---- Neighbour Cells: 57, 61, 70, 71, 72, 86, 113, 120, 121

ARFCN:  979, Freq:  926.0M, CID:  3322, LAC: 38722, MCC: 262, MNC:   1, Pwr: -60
  |---- Configuration: 1 CCCH, not combined
  |---- Cell ARFCNs: 57, 79
  |---- Neighbour Cells: 51, 52, 53, 61, 63, 71, 82, 115, 117, 119, 120, 124

Args=
ARFCN:  985, Freq:  927.2M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -58
  |---- Configuration: 1 CCCH, not combined
  |---- Cell ARFCNs: 63, 76
...............................................

These result continue and same cell info is there but at different frequencies (something with the loop i think !!)

5) i said maybe the file is readed without stop so i removed the comment from line 327 and 328 but i got no results at all.

Please advise what is going on .. what is missing on the scanning process that i do not understand

My code is below:

https://github.com/mazen-bassiouny/gr-gsm/blob/development/apps/grgsm_scanner

and the link below for the captured file

https://drive.google.com/open?id=1p51sMEX8clma89LfayTBVsiGveaIAXw5

[Vasil Velichkov]

Hi,

On 11.07.2018 14:40, mazen atef wrote:

4) i modified my grgsm-scanner code to read this .c file and the results were like below

-- with commenting lines 327 and 328 (to see errors) the below results loops and same cell appears on all frequencies although that should not happens because my freq is (946.6 Mhz).

Actually that's to be expected because the clock_offset_control block is used.

 86         self.msg_connect(self.gsm_clock_offset_control_0, 'ctrl', self.gsm_input_0, 'ctrl_in')
 89         self.msg_connect(self.gsm_receiver_0, 'measurements', self.gsm_clock_offset_control_0, 'measurements')

You could try to comment out these two lines but your device needs to have a stable clock.

Args=
ARFCN:  985, Freq:  927.2M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -58
  |---- Configuration: 1 CCCH, not combined
  |---- Cell ARFCNs: 63, 76
...............................................

These result continue and same cell info is there but at different frequencies (something with the loop i think !!)

Yes, it's because of the loop. When a cfile is specified you don't need this loop but instead you need to call the wideband_scanner only once with the cfile and a correct carrier_frequency (add it as a command line argument).

5) i said maybe the file is readed without stop so i removed the comment from line 327 and 328 but i got no results at all.

Please advise what is going on .. what is missing on the scanning process that i do not understand

The 946-6.cfile is pretty big, it contains 1min of samples ( 960000000 (bytes)  / 2 000 000 (samples per second)  / 8 (bytes per sample) = 60 seconds ) and because of this the scanner is a bit slow, you just need to wait a little longer or try with a shorter captures (2 - 5 seconds). Here I'm testing without the debug log and with 5 second cfile.

$ head -c $((2000000 * 8 * 5)) 946-6.cfile > short.cfile
$ time grgsm_scanner -c short.cfile

inux; GNU C++ version 7.1.1 20170503 (Red Hat 7.1.1-1); Boost_106300; UHD_003.010.001.000-0-unknown

ARFCN:  975, Freq:  925.2M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -58

ARFCN:  979, Freq:  926.0M, CID:  3322, LAC: 38722, MCC: 262, MNC:   1, Pwr: -63

ARFCN:  985, Freq:  927.2M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -58

ARFCN:  989, Freq:  928.0M, CID:  3322, LAC: 38722, MCC: 262, MNC:   1, Pwr: -63
ARFCN:  995, Freq:  929.2M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -56
ARFCN:  999, Freq:  930.0M, CID:  3322, LAC: 38722, MCC: 262, MNC:   1, Pwr: -60
ARFCN:   20, Freq:  939.0M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -56
ARFCN:   24, Freq:  939.8M, CID:  3322, LAC: 38722, MCC: 262, MNC:   1, Pwr: -60
ARFCN:   30, Freq:  941.0M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -56
ARFCN:   34, Freq:  941.8M, CID:  3322, LAC: 38722, MCC: 262, MNC:   1, Pwr: -60
^C
real    0m29,294s
user    1m19,567s
sys    0m3,452s

With your other 2 second capture it finishes a lot faster

$ time grgsm_scanner -c 946-6-2.cfile

linux; GNU C++ version 7.1.1 20170503 (Red Hat 7.1.1-1); Boost_106300; UHD_003.010.001.000-0-unknown

ARFCN:  975, Freq:  925.2M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -63
ARFCN:  985, Freq:  927.2M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -63
....................
ARFCN:  110, Freq:  957.0M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -63
ARFCN:  120, Freq:  959.0M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -63

real    1m25,709s
user    3m7,637s
sys    0m7,005s

[mazen atef]

Dear Vasil ,

1)but that is not what i want to do ,, i want to scan the whole band as the normal scanner does , i do not want to specify the center frequency then it will not be a band scanner .... now yes i work only on 1 center freq but i will edit on the capture app or create new one to capture the whole band not only 1 200 or 400 khz ,, so i want the loop of the all ARFCNs in the band to be there ,,,

2) i do not know how you get results without the debug log as for me it does not work as below

root@mazen-ThinkPad-T440p:/usr/local/src/gr-gsm/apps/helpers# time grgsm_scanner -c 946-6-2.cfile
real    0m49.820s
user    2m10.887s
sys    0m3.512s

root@mazen-ThinkPad-T440p:/usr/local/src/gr-gsm/apps/helpers# time grgsm_scanner -c 946-6.cfile -v -b GSM900

real    6m18.350s
user    23m5.753s
sys    0m30.407s
3) when i removed the clock offset i did not get any results with or without the debug log (no results at all)

4) if i read the file only once so it will search only on the center freq .. how can i make it search on all the band (normal wide band scanner )

i also do not know why it repeats ( the clock offset is only in reciever with decoder ) as the input of it is after the channelizer .. i nead to organise the idea and i hope you understand what i need to do and advice

[Vasil Velichkov]

Hi,

On 13.07.2018 16:44, mazen atef wrote:

1)but that is not what i want to do ,, i want to scan the whole band as the normal scanner does , i do not want to specify the center frequency then it will not be a band scanner .... now yes i work only on 1 center freq but i will edit on the capture app or create new one to capture the whole band not only 1 200 or 400 khz ,, so i want the loop of the all ARFCNs in the band to be there ,,,

In how many files do you plan to capture the whole band?

2) i do not know how you get results without the debug log as for me it does not work as below

root@mazen-ThinkPad-T440p:/usr/local/src/gr-gsm/apps/helpers# time grgsm_scanner -c 946-6-2.cfile
real    0m49.820s
user    2m10.887s
sys    0m3.512s

root@mazen-ThinkPad-T440p:/usr/local/src/gr-gsm/apps/helpers# time grgsm_scanner -c 946-6.cfile -v -b GSM900

real    6m18.350s
user    23m5.753s
sys    0m30.407s

The two lines that you comment out to get the debug/error log just forward the standard output and error logs to the /dev/null and the result is printed after the output is redirected back to the console so make sure the second redirection is not commented out.

363             # restore file descriptors so we can print the results
364             os.dup2(save[0], 1)
365             os.dup2(save[1], 2)

3) when i removed the clock offset i did not get any results with or without the debug log (no results at all)

That's expected as either the center frequency is not correct and/or your device does not have a stable clock.

4) if i read the file only once so it will search only on the center freq

No, it uses a channalizer to process all the channels in the file and that is why its important to specify the center frequency together with the sampling rate, and because of this you don't need the outer loop (313         while current_freq < stop_freq) as it could channelize and process the whole file in one run.

[mazen atef]

Hello Vasil, 

Thanks for your response, i will try your advice. 

For the capture file   if i want to capture the whole GSM900 band in one file with for example 2e6 sampling rate,, by editing the static bandwidth (400 khz),in the capture file to editable bandwidth parameter.,and choose the correct center freq to cover the whole band,, is that possible? How long should be the time of capture? 

--
You received this message because you are subscribed to the Google Groups "gr-gsm" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gr-gsm+un...@googlegroups.com.
To post to this group, send email to gr-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gr-gsm/94adb874-3776-706e-1427-d2b0c5c1e16b%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Vasil Velichkov]

Hi,

On 13.07.2018 20:46, mazen atef wrote:
> For the capture file   if i want to capture the whole GSM900 band in
> one file with for example 2e6 sampling rate,

To capture the whole GSM900 band you need to use with at least 34.6e6
sampling rate (959.8MHz - 925.2MHz = 34.6 Mhz) and then you'll most
probably need some oversampling so it will be better to capture with
even bigger sampling rate.

> by editing the static bandwidth (400 khz),in the capture file to
> editable bandwidth parameter.

I don't understand this part.

> How long should be the time of capture?

In grgsm_capture the default is 2 seconds  (rec_len=6 - speed) , the
minimum is 1 and maximum is 6 (--speed=SPEED         Scan speed
[default=4]. Value range 0-5.)

[mazen atef]

Dear Vasil,

Kindly check what i have done and advise where is the problem as i tried alot to find it

1)as we discussed in grgsm_scanner i removed the clock offset block and also the outer loop of frequency search and added the center frequency as an argument for the wide bank scanner ,,when i did that i got no results

2)i also tried to modify the grgsm_capture to add bandwidth parameter to catch larger bandwidth ,i captured 10 Mhz (5Mhz to the left and right of center freq which is 942M if i remember) with sampling rate once 10; and once 12 M and that is ok because i use hackrf ,

3) then i also tried to scan this file using my modified grgsm scanner but nothing also , i checked the channels using gqrx and also using the default grgsm-scanner and there were cells as below:

ARFCN: 1001, Freq:  930.4M, CID:     0, LAC: 36160, MCC: 262, MNC:   3, Pwr: -65
ARFCN: 1003, Freq:  930.8M, CID: 22809, LAC: 36160, MCC: 262, MNC:   3, Pwr: -64
ARFCN: 1023, Freq:  934.8M, CID: 42809, LAC: 36160, MCC: 262, MNC:   3, Pwr: -58
ARFCN: 1023, Freq:  934.8M, CID: 42809, LAC: 36160, MCC: 262, MNC:   3, Pwr: -59
ARFCN:   10, Freq:  937.0M, CID:     0, LAC:  4280, MCC: 262, MNC:   2, Pwr: -64
ARFCN:   37, Freq:  942.4M, CID:  1892, LAC:  4280, MCC: 262, MNC:   2, Pwr: -64
ARFCN:   65, Freq:  948.0M, CID:     0, LAC: 38688, MCC: 262, MNC:   1, Pwr: -65
ARFCN:   80, Freq:  951.0M, CID: 50680, LAC: 38688, MCC: 262, MNC:   1, Pwr: -60
ARFCN:   86, Freq:  952.2M, CID:     0, LAC: 38688, MCC: 262, MNC:   1, Pwr: -64
ARFCN:  121, Freq:  959.2M, CID: 10022, LAC: 38688, MCC: 262, MNC:   1, Pwr: -57

4) please chech my 2 codes for the capture and the scanner and tell me what is wrong , i am trying all the ways to make it work ,

i commited the grgsm-scanner to the development branch and below is the link

https://github.com/mazen-bassiouny/gr-gsm/blob/development/apps/grgsm_scanner

and i coomoited the capture code below link :

https://github.com/mazen-bassiouny/gr-gsm/blob/development/apps/helpers/grgsm_capture

please use the capture file to capture with any bandwidth you need and test it and give me your feedbackplease as i cannot upload the captured files (very large)

Thanks alot please help

[Vasil Velichkov]

Hi Mazen Atef,

$grgsm_scanner -c 946-6.cfile -q 946.6e6
linux; GNU C++ version 8.0.1 20180207 (Red Hat 8.0.1-0.12); Boost_106600; UHD_003.010.003.000-0-unknown

Traceback (most recent call last):

  File "/home/vasko/sources/gr-gsm/usr/bin/grgsm_scanner", line 428, in <module>
    main()
  File "/home/vasko/sources/gr-gsm/usr/bin/grgsm_scanner", line 425, in main
    options.ppm, options.gain,options.cfile, options.args, prn = printfunc)
  File "/home/vasko/sources/gr-gsm/usr/bin/grgsm_scanner", line 327, in do_scan
    carrier_frequency=fc,
NameError: global name 'fc' is not defined

You need to spend some more time debugging your code.

--

You received this message because you are subscribed to the Google Groups "gr-gsm" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gr-gsm+un...@googlegroups.com.
To post to this group, send email to gr-...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/gr-gsm/1f345d55-2e2c-4d30-8580-ccbea4fe3ce6%40googlegroups.com.

[mazen atef]

Dear Vasil ,

i am very sorry i submitted the wrong code . i am already working on it days and nights , please check the below code again is the correct one , and please do not try it with this file (946-2.cfile) , try it with another file that you already have please as it works only with this file as it is single channel as below

root@mazen-ThinkPad-T440p:/usr/local/src/gr-gsm/apps/helpers# grgsm_scanner -c 946-6-2.cfile -q 946.6e6

Args=
ARFCN:  975, Freq:  925.2M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -63

root@mazen-ThinkPad-T440p:/usr/local/src/gr-gsm/apps/helpers# grgsm_scanner -c 951.cfile -q 951e6

Args=
root@mazen-ThinkPad-T440p:/usr/local/src/gr-gsm/apps/helpers# grgsm_scanner -c 10M-test.cfile -s 12e6 -q 940e6

Args=

please try with other files , and sorry again for bothering

this is the code

https://github.com/mazen-bassiouny/gr-gsm/blob/development/apps/grgsm_scanner

[Vasil Velichkov]

On 07/16/2018 05:33 PM, mazen atef wrote:
> i am very sorry i submitted the wrong code . i am already working on
> it days and nights ,

Software development is not easy, I know.

> and please do not try it with this file (946-2.cfile) , try it with
> another file that you already have please as it works only with this
> file as it is single channel as below

What do you mean by "single channel"? There are two cells in this file -
the first one on 945.8MHz and the second on 946.6MHz (the center frequency)

> please try with other files , and sorry again for bothering

I'm traveling so don't have access to my SDR right now and I can't test
the modified capture,  but here is a test result using a cfile from
https://github.com/ptrkrysik/gr-gsm/issues/408#issuecomment-394095732

$ ll -h *.cfile
-rw-rw-r--. 1 vasko vasko 1.6G Jun  4 21:05
943.6MHz_ARFCN43_sample2M_g40.cfile

First  I need to cut it as the file is too big

$ head -c $((10 * 8 * 2000000)) 943.6MHz_ARFCN43_sample2M_g40.cfile
> short.cfile
$ grgsm_scanner -c ./short.cfile -q 943.6e6

linux; GNU C++ version 8.0.1 20180207 (Red Hat 8.0.1-0.12);
Boost_106600; UHD_003.010.003.000-0-unknown

Args=
ARFCN:   43, Freq:  943.6M, CID: 10691, LAC: 11613, MCC: 452, MNC:  
4, Pwr: -27
ARFCN:   45, Freq:  944.0M, CID:  3181, LAC: 11613, MCC: 452, MNC:  
4, Pwr: -37

The only change I did is

diff --git a/apps/grgsm_scanner b/apps/grgsm_scanner
index 5b0da27..51de5c6 100755
--- a/apps/grgsm_scanner
+++ b/apps/grgsm_scanner
@@ -340,7 +340,7 @@ def do_scan(samp_rate,fc, band, speed, ppm,
gain,cfile, args, prn = None):

        if detected_c0_channels:
                chans =
numpy.array(scanner.gsm_extract_system_info.get_chans())
-                found_freqs = current_freq + freq_offsets[(chans)]
+                found_freqs = fc + freq_offsets[(chans)]

                 cell_ids =
numpy.array(scanner.gsm_extract_system_info.get_cell_id())
                 lacs =
numpy.array(scanner.gsm_extract_system_info.get_lac())


Without this the reported frequency and ARFCN are wrong.

[mazen atef]

Dear Vasil,

I think now i am done with the scanner code and that is all thanks to you and you help all the time.

The only thing missing now and confusing , i want to capture large bandwidth (10Mhz) for example .. so the only line in the capture app is the blow one

  self.shiftoff = shiftoff = 400e3

  self.rtlsdr_source.set_bandwidth(250e3+abs(shiftoff), 0)

- what i undertand is that you set the bandwidth to 250khz which is channel BW plus (50khz which i do not know :d) and the shifftoff is to start the caputuring earlier to get the right and the left part arround the center freq.

Now i changed the 250khz to be 1Mhz and 2Mhz , with different sampling rates from 2MS/s to 14MS/s and i get the same results also for the 250khz

For example : below are the cells in my area and when i capture with center freq 946.4M , i get only the two cells in (946.6 and 947.6) although it should capture and return more cells if i increase the bandwidth and sampling rate and also time of capturing.... i want to understand the relation between sampling rate and bandwidth and time of capture and how can i approch to return more cells.

ARFCN:  995, Freq:  929.2M, CID: 26821, LAC: 36150, MCC: 262, MNC:   3, Pwr: -60
ARFCN: 1006, Freq:  931.4M, CID:  9058, LAC: 36150, MCC: 262, MNC:   3, Pwr: -65
ARFCN: 1010, Freq:  932.2M, CID:  6822, LAC: 36150, MCC: 262, MNC:   3, Pwr: -59
ARFCN: 1017, Freq:  933.6M, CID: 46821, LAC: 36150, MCC: 262, MNC:   3, Pwr: -50
ARFCN:   19, Freq:  938.8M, CID: 19401, LAC:  4291, MCC: 262, MNC:   2, Pwr: -60
ARFCN:   29, Freq:  940.8M, CID: 19401, LAC:  4291, MCC: 262, MNC:   2, Pwr: -56
ARFCN:   53, Freq:  945.6M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -48
ARFCN:   57, Freq:  946.4M, CID:  3322, LAC: 38722, MCC: 262, MNC:   1, Pwr: -41
ARFCN:   63, Freq:  947.6M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -21
ARFCN:   67, Freq:  948.4M, CID:  3322, LAC: 38722, MCC: 262, MNC:   1, Pwr: -51
ARFCN:   73, Freq:  949.6M, CID: 13522, LAC: 38722, MCC: 262, MNC:   1, Pwr: -54
ARFCN:  110, Freq:  957.0M, CID:     0, LAC: 38722, MCC: 262, MNC:   1, Pwr: -45
ARFCN:  120, Freq:  959.0M, CID: 13622, LAC: 38722, MCC: 262, MNC:   1, Pwr: -37

[Vasil Velichkov]

Hi Mazen Atef,

On 07/17/2018 01:29 PM, mazen atef wrote:

I think now i am done with the scanner code

Some of the old code is commented out so it needs some more work to integrate the new feature in a way that does not break anything that was working before.
Once you do this you could open your first pull request to include your changes in the main repository.

The only thing missing now and confusing , i want to capture large bandwidth (10Mhz) for example .. so the only line in the capture app is the blow one

  self.shiftoff = shiftoff = 400e3

  self.rtlsdr_source.set_bandwidth(250e3+abs(shiftoff), 0)

- what i undertand is that you set the bandwidth to 250khz which is channel BW plus (50khz which i do not know :d) and

From https://en.wikipedia.org/wiki/Um_interface#Radio_modem

GSM uses GMSK or 8PSK modulation with 1 bit per symbol which produces a 13/48 MHz (270.833 kHz or 270.833 K symbols/second) symbol rate and a channel spacing of 200 kHz

Now I don't know why 250 and not 270.833

the shifftoff is to start the caputuring earlier to get the right and the left part arround the center freq.

Some SDR devices have large spike on the center frequency and capturing with an offset is one of the possible solutions.

https://nuand.com/forums/viewtopic.php?t=3510
https://www.rtl-sdr.com/removing-that-center-frequency-dc-spike-in-gnuradio-the-easy-way/

Now i changed the 250khz to be 1Mhz and 2Mhz , with different sampling rates from 2MS/s to 14MS/s and i get the same results also for the 250khz

You need to pass the custom_bandwidth parameter to the grgsm_capture constructor similar to all other command line arguments. And remember that the command line arguments are not stored in a global variables so you need to pass them explicitly.

[mazen atef]

Dear Vasil,

thank you for your response.

But i already said maybe i have problems with passing the arguments.. so for testing i changed the 250 Khz bandwidth of the RTLsdr in capture mode to (1M and 2M and 10 M ) manually without any added arguments and rebuild the app ,, and i got the same results .. just the 2 cells near to the center frequency (1Mhz difference between them ) .. am i missing something ? , should i add something else in the capture code rather than changing the bandwidth ?

[Vasil Velichkov]

Hi,

On 07/19/2018 03:22 PM, mazen atef wrote:

But i already said maybe i have problems with passing the arguments..

Sorry, I somehow missed that.

so for testing i changed the 250 Khz bandwidth of the RTLsdr in capture mode to (1M and 2M and 10 M ) manually without any added arguments and rebuild the app ,, and i got the same results .. just the 2 cells near to the center frequency (1Mhz difference between them ) .. am i missing something ? , should i add something else in the capture code rather than changing the bandwidth ?

It turns out the set_bandwidth is hardware specific and has been implemented differently

For HackRF : https://github.com/osmocom/gr-osmosdr/blob/c98be5dd9d740466197454842092a43f58b70e43/lib/hackrf/hackrf_source_c.cc#L724-L744

724 double hackrf_source_c::set_bandwidth( double bandwidth, size_t chan )
725 {
726   int ret;
727 //  osmosdr::freq_range_t bandwidths = get_bandwidth_range( chan );
728
729   if ( bandwidth == 0.0 ) /* bandwidth of 0 means automatic filter selection */
730     bandwidth = _sample_rate * 0.75; /* select narrower filters to prevent aliasing */
731
732   if ( _dev ) {
733     /* compute best default value depending on sample rate (auto filter) */
734     uint32_t bw = hackrf_compute_baseband_filter_bw( uint32_t(bandwidth) );
735     ret = hackrf_set_baseband_filter_bandwidth( _dev, bw );
736     if ( HACKRF_SUCCESS == ret ) {
737       _bandwidth = bw;
738     } else {
739       HACKRF_THROW_ON_ERROR( ret, HACKRF_FUNC_STR( "hackrf_set_baseband_filter_bandwidth", bw ) )
740     }
741   }
742
743   return _bandwidth;

So it computes a value based on the sample rate and specified bandwidth, set a baseband filter (whatever that means :) ) and returns the value.
Log the returned value in grgsm_caputre and test with different sample rates and bandwidths to determine what values it sets for different input arguments, I don't have HackRF so I can't test this.

Also to simplify things try with 0 bandwidth as in this case it should set it to 75% of the sampling rate, so when testing you will need to change only the sampling rate.

See also :
https://github.com/mossmann/hackrf/wiki/libHackRF-API#hackrf-set-baseband-filter-bandwidth
https://github.com/mossmann/hackrf/wiki/libHackRF-API#hackrf-compute-baseband-filter-bw

For UHD devices : https://github.com/osmocom/gr-osmosdr/blob/c98be5dd9d740466197454842092a43f58b70e43/lib/uhd/uhd_source_c.cc#L370-L375

370 double uhd_source_c::set_bandwidth( double bandwidth, size_t chan )
371 {
372   _src->set_bandwidth(bandwidth, chan);
373
374   return _src->get_bandwidth(chan);
375 }

It dose not compute anything but just set the specified value.

https://www.gnuradio.org/doc/doxygen/classgr_1_1uhd_1_1usrp__block.html#ad6e22e5d5c6a118d3581641d7a3323b5