LinuxDevCenter.com
oreilly.comSafari Books Online.Conferences.

advertisement


Rediscovering Bluetooth
Pages: 1, 2, 3

Offering and Requesting Services

You have found a device. What can you do with it? Can you use it to go online, send or receive files, or stream audio? This is a job for SDP--a protocol to offer and request services. What does my Zaurus offer?



# sdptool browse 00:A0:96:0A:D1:80
Browsing 00:A0:96:0A:D1:80 ...
#

It looks like there is no service. I need to add some. How about NAP to offer networking, DUN to offer PPP networking, OPUSH to receive files, and SP to let another computer use the Zaurus serial port?

# sdptool add NAP
# sdptool add DUN
# sdptool add OPUSH
# sdptool add SP

Attention: I don't have space in this article to configure DUN, OPUSH, and SP. I'll just show how to fake support for this profile. Why not play pretend for once? An addition benefit is that this approach is useful as a honeypot to find in the syslog devices attempting to take advantage of DUN, OPUSH, and SP for Bluesnarfing or Bluejacking attacks.

Now what does the Zaurus offer?

# sdptool browse 00:A0:96:0A:D1:80
Browsing 00:A0:96:0A:D1:80 ...
Service Name: Network Access Point Service
Service RecHandle: 0x10000
Service Class ID List:
  "Network access point" (0x1116)
Protocol Descriptor List:
  "L2CAP" (0x0100)
    PSM: 15
  "BNEP" (0x000f)
    Version: 0x0100
    SEQ16: 10 20 30 40
Profile Descriptor List:
  "PAN access point" (0x1116)
    Version: 0x0100

Service Name: Dial-Up Networking
Service RecHandle: 0x10001
Service Class ID List:
  "Dialup Networking" (0x1103)
  "Generic Networking" (0x1201)
Protocol Descriptor List:
  "L2CAP" (0x0100)
  "RFCOMM" (0x0003)
    Channel: 1
Profile Descriptor List:
  "Dialup Networking" (0x1103)
    Version: 0x0100

Service Name: OBEX Object Push
Service RecHandle: 0x10002
Service Class ID List:
  "OBEX Object Push" (0x1105)
Protocol Descriptor List:
  "L2CAP" (0x0100)
  "RFCOMM" (0x0003)
    Channel: 4
  "OBEX" (0x0008)
Profile Descriptor List:
  "OBEX Object Push" (0x1105)
    Version: 0x0100

Service Name: Serial Port
Service Description: COM Port
Service RecHandle: 0x10003
Service Class ID List:
  "Serial Port" (0x1101)
Protocol Descriptor List:
  "L2CAP" (0x0100)
  "RFCOMM" (0x0003)
    Channel: 1
Language Base Attr List:
  code_ISO639: 0x656e
  encoding:    0x6a
  base_offset: 0x100
Profile Descriptor List:
  "Serial Port" (0x1101)
    Version: 0x0100

Much better.

Now I want to try some networking. Imagine the Zaurus has a network connection to the internet, and you would like to share that connection with other devices. It's IP over Bluetooth!

On the Zaurus, start the network daemon in server mode:

# pand --listen --master --role NAP

On your PC, look for a NAP:

# sdptool search NAP
Inquiring ...
Searching for NAP on 00:A0:96:0A:D1:80 ...
Service Name: Network Access Point Service
Service RecHandle: 0x10000
Service Class ID List:
  "Network access point" (0x1116)
Protocol Descriptor List:
  "L2CAP" (0x0100)
    PSM: 15
  "BNEP" (0x000f)
    Version: 0x0100
    SEQ16: 10 20 30 40
Profile Descriptor List:
  "PAN access point" (0x1116)
    Version: 0x0100

It looks like the Zaurus correctly advertises its support for PAN. Now connect with pand in client mode:

# /usr/bin/pand --role PANU --service NAP --connect 00:A0:96:0A:D1:80

You can also let pand search in client mode to find a NAP to connect to and then do the connection:

# /usr/bin/pand --role PANU --service NAP --search

Each device will then have a bnep0 device that supports automatic configuration--perhaps with DHCP or with a static IP address.

pand calls a script named dev-up in /etc/bluetooth/pan/ whenever it creates a bnepx interface; this is the easiest way to configure bnep0. You can alternatively try to use hotplug.

On the Zaurus, type (and store in /etc/bluetooth/pan/dev-up for the next time):

ifconfig bnep0 192.168.1.1
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat  -A POSTROUTING -o eth0 -j MASQUERADE

On the PC, type (and store in /etc/bluetooth/pan/dev-up for the next time):

ifconfig bnep0 192.168.1.2
route add default gw 192.168.1.1

You can now ping the Zaurus and use it to connect to the internet.

pand is a network daemon--you can use it to do different things, including peer-to-peer networking, if you use GN instead of NAP. On the client run:

# pand --listen --role GN

This will look for peer-to-peer servers to connect to as you pass by. Along with a DHCP request to get an IP address on bnep0, it offers unique possibilities to share files with passersby who have configured their Bluetooth devices likewise. See The PAN HOWTO for more information.

Conclusion

So far, your Bluetooth device has only reached the feature set provided by WiFi--maybe with more nice options and possibilities for automation.

Even with just networking, there is much more than PAN in Bluetooth.

My next article will play with DUND and SP--respectively, PPP over Bluetooth and serial port export to handle traditional serial port issues. You can take advantage of these profiles to offer dial-on-demand services and wireless synchronization of a Palm pilot featuring Bluetooth.

I will also show how to exchange files with OBEX, and use that to back up a cellphone. I will explain Bluesnarfing and Bluejacking attacks to transform the cellphone backup into a "cellphone slurper," which will attempt to download the content of the phonebook, calendar, pictures, etc. of any passing Bluetooth phone that accepts the transfer.

Guylhem Aznar was the coordinator of The Linux Documentation Project from 1999 to 2006. He has a special interest in Linux embedded devices and health informatics, being a physician with a clinical experience but also a full traditional computer-science education.


Return to the Linux DevCenter.


Linux Online Certification

Linux/Unix System Administration Certificate Series
Linux/Unix System Administration Certificate Series — This course series targets both beginning and intermediate Linux/Unix users who want to acquire advanced system administration skills, and to back those skills up with a Certificate from the University of Illinois Office of Continuing Education.

Enroll today!


Linux Resources
  • Linux Online
  • The Linux FAQ
  • linux.java.net
  • Linux Kernel Archives
  • Kernel Traffic
  • DistroWatch.com


  • Sponsored by: