Date: Wed, 21 May 2003 08:25:11 +0200 (CEST) From: Pav Lucistnik <pav@oook.cz> To: FreeBSD-gnats-submit@FreeBSD.org Subject: docs/52514: Handbook: new chapter about Bluetooth Message-ID: <200305210625.h4L6PBQk006234@pav.oook.cz> Resent-Message-ID: <200305210630.h4L6U1lo069064@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 52514 >Category: docs >Synopsis: Handbook: new chapter about Bluetooth >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Tue May 20 23:30:00 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Pav Lucistnik >Release: FreeBSD 5.1-BETA i386 >Organization: >Environment: System: FreeBSD pav.oook.cz 5.1-BETA FreeBSD 5.1-BETA #1: Tue May 20 21:30:57 CEST 2003 root@pav.oook.cz:/usr/obj/usr/src/sys/PAV i386 >Description: This is new chapter for Handbook, covering usage of The Bluetooth stack on coming 5.1-RELEASE. It's based on my Bluetooth on FreeBSD webpage. It was reviewed and approved by Maksim Yevmenkin, author of Bluetooth code. Then it was review by Christian Brueffer (brueffer@). We'd like to get a review by at least one docproj elder before brueffer commits it. Another question is where this should go. brueffer@ suggests after Wireless Networking chapter, I suggest putting it after IPv6 as a last chapter of Advanced networking. Apply to /usr/doc/en_US.ISO8859-1/books/handbook/advanced-networking >How-To-Repeat: >Fix: --- chapter.sgml.orig Tue May 20 21:11:44 2003 +++ chapter.sgml Tue May 20 23:15:03 2003 @@ -6687,6 +6687,388 @@ support AAAA records.</para> </sect2> </sect1> + + <sect1 id="network-bluetooth"> + <sect1info> + <authorgroup> + <author> + <firstname>Pav</firstname> + <surname>Lucistnik</surname> + <contrib>Written by </contrib> + <affiliation> + <address><email>pav@oook.cz</email></address> + </affiliation> + </author> + </authorgroup> + </sect1info> + <title>Bluetooth</title> + + <sect2> + <title>Introduction</title> + <para>Bluetooth is a wireless technology for creating personal networks + operating in the 2.4 GHz unlicensed band, with a range of 10 meters. + Networks are usually formed ad-hoc from portable devices like mobile + phones, handhelds and laptops. Unlike the other popular wireless + technology, Wi-Fi, Bluetooth offers higher level service profiles, + e.g. FTP-like file servers, file pushing, voice transport, serial + line emulation and more.</para> + + <para>The Bluetooth stack in FreeBSD is implemented using Netgraph. + A Broad variety of USB dongles is supported by the &man.ng.ubt.4; driver. + The 3Com PC Card 3CRWB60-A is supported by the &man.ng.bt3c.4; driver. + Serial and UART based Bluetooth devices are supported via + &man.ng.h4.4; and &man.hcseriald.8;. This chapter describes using + a USB Bluetooth dongle. Bluetooth support is available only on + FreeBSD 5.0 and newer systems.</para> + </sect2> + + <sect2> + <title>Plugging in the Device</title> + <para>Device drivers are by default available as kernel modules. + Before attaching a device, you need to load the driver into the + kernel:</para> + + <screen>&prompt.root; <userinput>kldload ng_ubt</userinput></screen> + + <para>If the Bluetooth device is present in the system during system + startup, load the module from <filename>/boot/loader.conf</filename>:</para> + + <programlisting>ng_ubt_load="YES"</programlisting> + + <para>Plug in your USB dongle. Similar output will appear on the console + (or in syslog):</para> + + <screen>ubt0: vendor 0x0a12 product 0x0001, rev 1.10/5.25, addr 2 +ubt0: Interface 0 endpoints: interrupt=0x81, bulk-in=0x82, bulk-out=0x2 +ubt0: Interface 1 (alt.config 5) endpoints: isoc-in=0x83, isoc-out=0x3; + wMaxPacketSize=49; nframes=6, buffer size=294</screen> + + <para>Copy <filename>/usr/src/share/examples/netgraph/bluetooth/rc.bluetooth</filename> + to some convenient place, like <filename>/etc/rc.bluetooth</filename>. + This script is used to start and stop the Bluetooth stack. It is a good idea + to stop the stack before unplugging the device, but it is not (usually) + fatal. When starting the stack, you will receive output similar to this:</para> + + <screen>&prompt.root; <userinput>/etc/rc.bluetooth start ubt0</userinput> +BD_ADDR: 00:02:72:00:d4:1a +Features: 0xff 0xff 0xf 00 00 00 00 00 +<3-Slot> <5-Slot> <Encryption> <Slot offset> +<Timing accuracy> <Switch> <Hold mode> <Sniff mode> +<Park mode> <RSSI> <Channel quality> <SCO link> +<HV2 packets> <HV3 packets> <u-law log> <A-law log> <CVSD> +<Paging scheme> <Power control> <Transparent SCO data> +Max. ACL packet size: 192 bytes +Number of ACL packets: 8 +Max. SCO packet size: 64 bytes +Number of SCO packets: 8</screen> + + </sect2> + + <sect2> + <title>HCI and Inquiry</title> + + <para>Now it is time to discover some nearby bluetooth devices. + Discovering devices and many other interesting tasks is done with + the &man.hccontrol.8; utility. You will receive a list of discoverable + devices in a few seconds:</para> + + <screen>&prompt.user; <userinput>hccontrol -n ubt0hci inquiry</userinput> +Inquiry result, num_responses=1 +Inquiry result #0 + BD_ADDR: 00:80:37:29:19:a4 + Page Scan Rep. Mode: 0x1 + Page Scan Period Mode: 00 + Page Scan Mode: 00 + Class: 52:02:04 + Clock offset: 0x78ef +Inquiry complete. Status: No error [00]</screen> + + <para>BD_ADDR is the unique address of a bluetooth device, similar to MAC + addresses of network cards. This address is needed for further + communication with a device. Let us try to read the device's name:</para> + + <screen>&prompt.user; <userinput>hccontrol -n ubt0hci remote_name_request 00:80:37:29:19:a4 0 0 0</userinput> +BD_ADDR: 00:80:37:29:19:a4 +Name: Pav's T39</screen> + + <para>If you perform a discovery on a different bluetooth device, it will find + your computer as <quote>your.host.name (ubt0)</quote>.</para> + + <para>You can list active baseband connections:</para> + + <screen>&prompt.user; <userinput>hccontrol -n ubt0hci read_connection_list</userinput> +Remote BD_ADDR Handle Type Mode Role Encrypt Pending Queue State +00:80:37:29:19:a4 41 ACL 0 MAST NONE 0 0 OPEN</screen> + + <para>Handle is useful for manually disconnecting a connection:</para> + + <screen>&prompt.root; <userinput>hccontrol -n ubt0hci disconnect 41</userinput> +Connection handle: 41 +Reason: Connection terminated by local host [0x16]</screen> + + <para>Refer to <command>hccontrol help</command> for a complete listing of + available commands. Note that the majority of commands does not require + superuser privileges.</para> + + </sect2> + + <sect2> + <title>L2CAP</title> + + <para>L2CAP is a higher level of connection in Bluetooth standards. + A useful command is &man.l2ping.8;, which can be used to ping + other devices. Some devices might not return all of the data + send to them, so <emphasis>0 bytes</emphasis> as in this example + is a normal state.</para> + + <screen>&prompt.root; <userinput>l2ping -a 00:80:37:29:19:a4</userinput> +0 bytes from 0:80:37:29:19:a4 seq_no=0 time=48.633 ms result=0 +0 bytes from 0:80:37:29:19:a4 seq_no=1 time=37.551 ms result=0 +0 bytes from 0:80:37:29:19:a4 seq_no=2 time=28.324 ms result=0 +0 bytes from 0:80:37:29:19:a4 seq_no=3 time=46.150 ms result=0</screen> + + <para>The &man.l2control.8; utility is used to configure L2CAP nodes + and read their state. This example shows file transfer to a Palm + handheld:</para> + + <screen>&prompt.user; <userinput>l2control -a 00:02:72:00:d4:1a read_channel_list</userinput> +L2CAP channels: +Remote BD_ADDR SCID/ DCID PSM IMTU/ OMTU State +00:07:e0:00:0b:ca 66/ 64 3 132/ 672 OPEN +&prompt.user; <userinput>l2control -a 00:02:72:00:d4:1a read_connection_list</userinput> +L2CAP connections: +Remote BD_ADDR Handle Flags Pending State +00:07:e0:00:0b:ca 41 O 0 OPEN</screen> + + <para>Another diagnostic tool is &man.btsockstat.1;. It does a similar + job as &man.netstat.1; does, but for Bluetooth sockets, logical + connections on top of baseband connections. The example output shows + the same connection as l2control above:</para> + + <screen>&prompt.user; <userinput>btsockstat</userinput> +Active L2CAP sockets +PCB Recv-Q Send-Q Local address/PSM Foreign address CID State +c2afe900 0 0 00:02:72:00:d4:1a/3 00:07:e0:00:0b:ca 66 OPEN +Active RFCOMM sessions +L2PCB PCB Flag MTU Out-Q DLCs State +c2afe900 c2b53380 1 127 0 Yes OPEN +Active RFCOMM sockets +PCB Recv-Q Send-Q Local address Foreign address Chan DLCI State +c2e8bc80 0 250 00:02:72:00:d4:1a 00:07:e0:00:0b:ca 3 6 OPEN</screen> + + </sect2> + + <sect2> + <title>Pairing of Devices</title> + + <para>By default, Bluetooth communication is not authorized and any device + can talk to any other device. Some devices, like mobile phones, require + authentication for some functionality, like Internet connections. This + is done with PIN numbers - you enter the same (up to 16 digits long) + number on both devices. This operation is called <emphasis>pairing</emphasis>. + The daemon that answers pairing requests is &man.hcsecd.8;. Copy + <filename>/usr/src/usr.sbin/bluetooth/hcsecd/hcsecd.conf</filename> + to <filename>/usr/local/etc</filename> and edit it. The following is an + example section for a mobile phone, with the PIN arbitrarily set to 1234:</para> + + <programlisting>device { + bdaddr 00:80:37:29:19:a4; + name "Pav's T39"; + key nokey; + pin "1234"; +}</programlisting> + + <para>You can choose any PIN you like. Note that some devices, like + headsets, have a fixed PIN built in. Start <command>hcsecd -d</command>. + The <option>-d</option> switch forces the daemon to stay in the + terminal and not fork to the background, so we can see what is happening. + Set the remote device to receive pairing and initiate the HCI connection + to the remote device. The remote device should say that pairing was + accepted, and let you enter the PIN. Enter the same PIN as you have in your + <filename>hcsecd.conf</filename>. Now your PC and remote device are paired. + Alternatively, you can initiate pairing on the remote device. + This will appear in the <command>hcsecd</command> output:</para> + +<programlisting>hcsecd[16484]: Got Link_Key_Request event from 'ubt0hci', remote bdaddr 0:80:37:29:19:a4 +hcsecd[16484]: Found matching entry, remote bdaddr 0:80:37:29:19:a4, name 'Pav's T39', link key doesn't exist +hcsecd[16484]: Sending Link_Key_Negative_Reply to 'ubt0hci' for remote bdaddr 0:80:37:29:19:a4 +hcsecd[16484]: Got PIN_Code_Request event from 'ubt0hci', remote bdaddr 0:80:37:29:19:a4 +hcsecd[16484]: Found matching entry, remote bdaddr 0:80:37:29:19:a4, name 'Pav's T39', PIN code exists +hcsecd[16484]: Sending PIN_Code_Reply to 'ubt0hci' for remote bdaddr 0:80:37:29:19:a4</programlisting> + + </sect2> + + <sect2> + <title>Service Discovery Protocol (SDP)</title> + <para>If you want to know which services a Bluetooth device offers, and + on which RFCOMM channels, build <application>libbluetooth</application> + and <application>sdp-1.0rc3</application> from <ulink + url="http://www.geocities.com/m_evmenkin/">Maksim Evmenkin's + snapshot</ulink>. Then, run <application>sdptool</application> and + observe (the output is snipped a bit, as this tool is quite talky):</para> + + <screen>&prompt.root; <userinput>sdptool browse 00:80:37:29:19:a4</userinput> +Browsing 00:80:37:29:19:A4 ... +Service Name: Dial-up Networking +Protocol Descriptor List: + "L2CAP" (0x0100) + "RFCOMM" (0x0003) + Channel: 1 + +Service Name: Fax +Protocol Descriptor List: + "L2CAP" (0x0100) + "RFCOMM" (0x0003) + Channel: 2 + +Service Name: Voice gateway +Service Class ID List: + "Headset Audio Gateway" (0x1112) + "Generic Audio" (0x1203) +Protocol Descriptor List: + "L2CAP" (0x0100) + "RFCOMM" (0x0003) + Channel: 3 +</screen> + + <para>... and so on. You will need the channel number later for using + a given service. Some devices do not support browsing, they return + an empty list, but you can try searching for a specific service.</para> + + <screen>&prompt.root; <userinput>sdptool search --bdaddr 00:07:e0:00:0b:ca OPUSH</userinput></screen> + + <para>Offering services on FreeBSD to other devices is done using the + <application>sdpd</application> server.</para> + <screen>&prompt.root; <userinput>sdpd</userinput></screen> + + <para>Registering a given Bluetooth service to a RFCOMM channel number:</para> + <screen>&prompt.root; <userinput>sdptool add --channel=7 LAN</userinput></screen> + + <para>Checking services offered by our computer:</para> + <screen>&prompt.root; <userinput>sdptool browse ff:ff:ff:00:00:00</userinput></screen> + </sect2> + + <sect2> + <title>Dial-up Networking (DUN) and Local Area Network (LAN)</title> + + <para>Bluetooth can be used for connecting to the Internet, either over + PPP (mobile phones) or the local network (access points). The Dial-up Networking + profile on FreeBSD is implemented with &man.ppp.8; and + &man.rfcomm.pppd.8;, a wrapper that converts RFCOMM Bluetooth connections + to something ppp can operate with. Create ppp labels in + <filename>/etc/ppp/ppp.conf</filename>, examples from the &man.rfcomm.pppd.8; + manual page can be used.</para> + + <para>Connecting to the Internet through a mobile phone (DUN profile). First, find + out the correct RFCOMM channel on the remote device using + <application>sdptool</application>. Then, use &man.rfcomm.pppd.8;:</para> + + <screen>&prompt.root; <userinput>rfcomm_pppd -a 00:80:37:29:19:a4 -c -C 1 -l rfcomm-dialup</userinput></screen> + + <para>Running a Bluetooth access point on FreeBSD. First, register a + RFCOMM channel for LAN service on the local <application>sdpd</application>. + Then, start the ppp server. Use BD_ADDR of the local Bluetooth device and + the channel number registered with <application>sdpd</application>.</para> + + <screen>&prompt.root; <userinput>rfcomm_pppd -a 00:02:72:00:d4:1a -s -C 7 -l rfcomm-server</userinput></screen> + + </sect2> + + <sect2> + <title>OBEX Push (OPUSH)</title> + <para>OBEX is a widely used protocol for simple file transfers between + mobile devices. It's main use is in infrared communication, where it is + used for generic file transfers between notebooks or Palm handhelds, + and for sending business cards or calendar entries between mobile + phones and other devices with PIM applications.</para> + + <para>The OBEX client is implemented in the + <application>obexapp</application> utility from <ulink + url="http://www.geocities.com/m_evmenkin/">Maksim Evmenkin's + snapshot</ulink>. It needs the <application>openobex</application> + library from same package and the + <filename role="package">devel/glib12</filename> port. Note that + <application>obexapp</application> does not require root privileges + to operate.</para> + + <para>OBEX client. First, find which channel on the remote device is IrMC + Synchronization or OBEX Object Push. After that, use + <application>obexapp</application>. Here is an example session where + we download a file (device info from a mobile phone) and send + a file (business card to the phone's directory):</para> + + <screen>&prompt.user; <userinput>obexapp -a 00:80:37:29:19:a4 -C 10</userinput> +obex> get +get: remote file> telecom/devinfo.txt +get: local file> devinfo-t39.txt +Success, response: OK, Success (0x20) +obex> put +put: local file> new.vcf +put: remote file> new.vcf +Success, response: OK, Success (0x20) +obex> di +Success, response: OK, Success (0x20)</screen> + + <para>OBEX server. First, register the OPUSH service with the local + <application>sdpd</application>. If OPUSH does not work, + you can try the FTRN service instead. Then, start the OBEX daemon + using the channel number registered with sdpd:</para> + + <screen>&prompt.root; <userinput>obexapp -s -C 10</userinput></screen> + + <para>Received files will appear in <filename>/var/spool/obex</filename>. + This can be overriden with the <option>-r</option> switch. Make sure + the directory exists, <application>obexapp</application> will not + create it. On a typical workstation with a single user it is useful + to set a default owner of received files. See obexapp(1) + for details.</para> + + </sect2> + + <sect2> + <title>Serial Port Profile (SP)</title> + <para>Bluetooth can be used to emulate serial port connections. + To connect to a remote device, first locate the RFCOMM channel with the + Serial Port profile. Then, start the Serial Port Profile Daemon + &man.rfcomm.sppd.1; with a free pseudo tty:</para> + + <screen>&prompt.root; <userinput>rfcomm_sppd -a 00:07:E0:00:0B:CA -c 1 -t /dev/ttyp6</userinput> +rfcomm_sppd[94692]: Starting on /dev/ttyp6...</screen> + + <para>Now connect this pseudo tty to your actual terminal:</para> + + <screen>&prompt.root; <userinput>cu -l ttyp6</userinput></screen> + + </sect2> + + <sect2> + <title>Troubleshooting</title> + + <sect3> + <title>A remote device cannot connect to us</title> + <para>Some older devices do not support role switching. By default, + when FreeBSD is accepting a connection, it tries to switch roles + to become a master. Devices which do not support this will not + be able to connect. Role switching is performed when a connection + is being established, so we cannot ask the remote device if it does + support role switching. There is a driver option to disable role + switching on our side:</para> + <screen>&prompt.root; <userinput>hccontrol -n ubt0hci write_node_role_switch 0</userinput></screen> + </sect3> + + <sect3> + <title>Something is going wrong, can I see what exactly is happening?</title> + <para>Yes, you can. Use the <application>hcidump</application> tool + from <ulink url="http://www.geocities.com/m_evmenkin/">Maksim Evmenkin's + snapshot</ulink>, which works much like &man.tcpdump.1;. You can + use it to display the content of Bluetooth packets on the terminal + and to record Bluetooth communication for later analyzation.</para> + </sect3> + + </sect2> + + </sect1> + </chapter> <!-- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200305210625.h4L6PBQk006234>