Script for sniffing OpenBeacon packets with NRF.

[goodfet] / client / goodfet.nrf

diff --git a/client/goodfet.nrf b/client/goodfet.nrf
index 1a5a503..6cb92ae 100755 (executable)
--- a/client/goodfet.nrf
+++ b/client/goodfet.nrf
@@ -6,6 +6,7 @@
 import sys;
 import binascii;
 import array;
+import time;
 
 from GoodFETNRF import GoodFETNRF;
 from intelhex import IntelHex;
@@ -47,4 +48,40 @@ if(sys.argv[1]=="regs"):
     for r in range(0,30):
         print "r[0x%02x]=0x%02x" % (r,client.peek(r));
 
-
+if(sys.argv[1]=="sniffob"):
+    #Reversal of transmitter code from nRF_CMD.c
+    client.poke(0x00,0x00); #Stop nRF
+    client.poke(0x01,0x00); #Disable Shockburst
+    client.poke(0x02,0x01); #Set RX Pipe 0
+    client.poke(0x03,0x03); #SETUP_AW for 5-byte addresses.
+    client.RF_freq(2481 * 10**6);
+    client.poke(0x06,0x09); #2MBps, -18dBm in RF_SETUP
+    client.poke(0x07,0x78); #Reset status register
+    
+    #OpenBeacon defines these in little endian as follows.
+    #0x01, 0x02, 0x03, 0x02, 0x01
+    client.RF_setsmac(0x0102030201);
+    #'O', 'C', 'A', 'E', 'B'
+    client.RF_settmac(0x424541434F);
+    
+    #Set packet length of 16.
+    client.poke(0x11,16);
+    
+    client.status();
+    #Power radio, prime for RX, checksum.
+    client.poke(0x00,0x70|0x03|0x08);
+    
+    
+    print "Listening as %010x on channel %03i" % (client.RF_getsmac(),client.peek(0x05));
+    #Now we're ready to get packets.
+    
+    while 1:
+        packet=None;
+        while packet==None:
+            time.sleep(0.1);
+            client.status();
+            packet=client.RF_rxpacket();
+        s="";
+        for foo in packet:
+            s="%s %02x" % (s,ord(foo));
+        print "Got %s" %s;