more readable power output than with Kalibrate/LTE-Scanner, plus MCC/MNC
bands
uplink downlink P-GSM-900 890.0 – 915.0 935.0 – 960.0 E-GSM-900 880.0 – 915.0 925.0 – 960.0 DCS-1800 1710.2 – 1784.8 1805.2 – 1879.8
search for the strongest tower
assuming you got an approximate idea of your PPM setting to begin with
echo $ppm # RTL grgsm_scanner --band=GSM900 --gain=34 --speed=5 --args=rtl=0 --ppm="$ppm" grgsm_scanner --band=DCS1800 --gain=34 --speed=5 --args=rtl=0 --ppm="$ppm" #--verbose sort -h -k2,2 GSM900.scan.RTL # ARFCN sort -h -k12,12 GSM900.scan.RTL # MNC sort -rh -k14,14 GSM900.scan.RTL # PWR sort -rh -k14,14 DCS1800.scan.RTL # PWR # HRF grgsm_scanner --band=GSM900 --gain=40 --args=hackrf=0 --ppm="$ppm" grgsm_scanner --band=DCS1800 --gain=40 --args=hackrf=0 --ppm="$ppm" sort -rh -k2,2 GSM900.scan.HRF # ARFCN sort -rh -k12,12 GSM900.scan.HRF # ARFCN sort -rh -k14,14 GSM900.scan.HRF # PWR sort -rh -k14,14 DCS1800.scan.HRF # PWR
eventually watch live with auto-scroll enabled
wireshark -k -Y '!icmp && gsmtap' -i lo &
# !mdns && !dns && !udp && !icmp && !tcp
echo $arfcn
freq=`arfcncalc -a $arfcn -d`
echo $freq
echo $ppm
# RTL
grgsm_livemon_headless --fc $freq --gain 34 --ppm "$ppm" --args rtl=0
# HRF
grgsm_livemon_headless --fc $freq --gain 40 --ppm "$ppm" --args hackrf=0
# does not help at all (it's worse)
# --samp-rate 2e6
–or– directly with the GRC flavor (define fc=)
gnuradio-companion grgsm_livemon_headless.grc
can you see some 2bs already? however the livemon tool only gets 0C. and you will get only one FDMA channel at a time anyhow, unless you manage to send to different ports on lo.