Let’s Try RTL-SDR! – Part 1
Recently, I received a device that was originally marketed as a USB DAB/DVB/FM receiver, containing a chipset compatible with the utilities from the RTL-SDR project.
It cost £17.50 (roughly €22.42/2159円/US$27.45, according to WolframAlpha) including free shipping from the US.
What’s in the kit?
The receiver that I ordered was supplied with only a remote control, and a stubby antenna with a magnetic base. No CD-ROMs, or user manuals were included.
About the hardware
The eBay listing page claims that it contains an Elonics E4000 tuner IC, and a RealTek RTL2832U DVB-T demodulator IC.
lsusb -v Reports:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Bus 001 Device 002: ID 0bda:2838 Realtek Semiconductor Corp. | |
| Device Descriptor: | |
| bLength 18 | |
| bDescriptorType 1 | |
| bcdUSB 2.00 | |
| bDeviceClass 0 (Defined at Interface level) | |
| bDeviceSubClass 0 | |
| bDeviceProtocol 0 | |
| bMaxPacketSize0 64 | |
| idVendor 0x0bda Realtek Semiconductor Corp. | |
| idProduct 0x2838 | |
| bcdDevice 1.00 | |
| iManufacturer 1 Realtek | |
| iProduct 2 RTL2838UHIDIR | |
| iSerial 3 00000088 | |
| bNumConfigurations 1 | |
| Configuration Descriptor: | |
| bLength 9 | |
| bDescriptorType 2 | |
| wTotalLength 34 | |
| bNumInterfaces 2 | |
| bConfigurationValue 1 | |
| iConfiguration 4 USB2.0-Bulk&Iso | |
| bmAttributes 0x80 | |
| (Bus Powered) | |
| MaxPower 500mA | |
| Interface Descriptor: | |
| bLength 9 | |
| bDescriptorType 4 | |
| bInterfaceNumber 0 | |
| bAlternateSetting 0 | |
| bNumEndpoints 1 | |
| bInterfaceClass 255 Vendor Specific Class | |
| bInterfaceSubClass 255 Vendor Specific Subclass | |
| bInterfaceProtocol 255 Vendor Specific Protocol | |
| iInterface 5 Bulk-In, Interface | |
| Endpoint Descriptor: | |
| bLength 7 | |
| bDescriptorType 5 | |
| bEndpointAddress 0x81 EP 1 IN | |
| bmAttributes 2 | |
| Transfer Type Bulk | |
| Synch Type None | |
| Usage Type Data | |
| wMaxPacketSize 0x0200 1x 512 bytes | |
| bInterval 0 | |
| Interface Descriptor: | |
| bLength 9 | |
| bDescriptorType 4 | |
| bInterfaceNumber 1 | |
| bAlternateSetting 0 | |
| bNumEndpoints 0 | |
| bInterfaceClass 255 Vendor Specific Class | |
| bInterfaceSubClass 255 Vendor Specific Subclass | |
| bInterfaceProtocol 255 Vendor Specific Protocol | |
| iInterface 5 Bulk-In, Interface | |
| Device Qualifier (for other device speed): | |
| bLength 10 | |
| bDescriptorType 6 | |
| bcdUSB 2.00 | |
| bDeviceClass 0 (Defined at Interface level) | |
| bDeviceSubClass 0 | |
| bDeviceProtocol 0 | |
| bMaxPacketSize0 64 | |
| bNumConfigurations 2 | |
| Device Status: 0x0000 | |
| (Bus Powered) |
Installing RTL-SDR, and associated utilities
Download and run the build-gnuradio script, as recommended by Andrew Back:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| tysonkey@ubuntu:~/SoftRadio$ wget http://www.sbrac.org/files/build-gnuradio | |
| –2012-07-19 12:35:19– http://www.sbrac.org/files/build-gnuradio | |
| Resolving http://www.sbrac.org… 174.142.32.20 | |
| Connecting to http://www.sbrac.org|174.142.32.20|:80… connected. | |
| HTTP request sent, awaiting response… 200 OK | |
| Length: 29181 (28K) [text/plain] | |
| Saving to: `build-gnuradio' | |
| 100%[======================================================================================================================================================>] 29,181 80.8K/s in 0.4s | |
| 2012-07-19 12:35:21 (80.8 KB/s) – `build-gnuradio' saved [29181/29181] | |
| tysonkey@ubuntu:~/SoftRadio$ chmod +x build-gnuradio | |
| tysonkey@ubuntu:~/SoftRadio$ ./build-gnuradio | |
| This script will install Gnu Radio from current GIT sources | |
| You will require Internet access from the computer on which this | |
| script runs. You will also require SUDO access. You will require | |
| approximately 500MB of free disk space to perform the build. | |
| This script will, as a side-effect, remove any existing Gnu Radio | |
| installation that was installed from your Linux distribution packages. | |
| It must do this to prevent problems due to interference between | |
| a linux-distribution-installed Gnu Radio/UHD and one installed from GIT source. | |
| The whole process may take up to two hours to complete, depending on the | |
| capabilities of your system. | |
| !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | |
| NOTE: if you run into problems while running this script, you can re-run it with | |
| the –verbose option to produce lots of diagnostic output to help debug problems. | |
| This script has been written to anticipate some of the more common problems one might | |
| encounter building ANY large, complex software package. But it is not pefect, and | |
| there are certainly some situations it could encounter that it cannot deal with | |
| gracefully. Altering the system configuration from something reasonably standard, | |
| removing parts of the filesystem, moving system libraries around arbitrarily, etc, | |
| it likely cannot cope with. It is just a script. It isn't intuitive or artificially | |
| intelligent. It tries to make life a little easier for you, but at the end of the day | |
| if it runs into trouble, a certain amount of knowledge on your part about | |
| system configuration and idiosyncrasies will inevitably be necessary. | |
| Proceed? |
At this stage, the script will request elevated privileges, in order to search for prerequisite packages using the system package management utilities.
Since the disclaimer warns that the process may take a long time, I’d recommend obtaining one’s favourite beverage; ensuring that the PC used has a sufficient amount of free disk space, and is well-ventilated (if using a laptop), to prevent it from potentially overheating, and unexpectedly shutting down; and searching for something else to do in the meantime…
For some reason, the Checking for package python-gtk2 step seems to take an unusually long time on my laptop; and temporarily stopping the script yielded:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ^CFailed to find just-installed command 'guile' after pre-requisite installation. | |
| This very likely indicates that the pre-requisite installation failed | |
| to install one or more critical pre-requisites for Gnu Radio/UHD |
It seems that despite my best efforts to prepare things in advance, I ran out of disk space at that stage:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Checking for library libusb …Found library libusb | |
| Checking for library libboost …Found library libboost | |
| Checking for library libcppunit …Found library libcppunit | |
| Checking for library libguile …Found library libguile | |
| Checking for library libfftw …Found library libfftw | |
| Checking for library libgsl …Found library libgsl | |
| Done | |
| Fetching Gnu Radio via GIT…Could not find gnuradio/gnuradio-core after GIT checkout | |
| GIT checkout of Gnu Radio failed! |
Eventually, I resorted to running apt-get clean && apt-get autoclean, and moving some large files to an external disk, in order to free 1.5GB of 9.4GB; and re-ran the script, with more successful results:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Starting function uhd_build at: Thu Jul 19 13:43:39 BST 2012 | |
| Building UHD… | |
| Done building/installing UHD | |
| Done function uhd_build at: Thu Jul 19 14:00:07 BST 2012 | |
| Starting function firmware at: Thu Jul 19 14:00:07 BST 2012 | |
| Downloading images from: http://files.ettus.com/binaries/master_images/archive/uhd-images_003.004.001-109-g6ca39ad9.zip | |
| 6.94 MB/6.94 MB (100.00%) | |
| Images successfully installed to: /usr/local/share/uhd/images | |
| Done downloading firmware to /usr/local/share/uhd/images | |
| Done function firmware at: Thu Jul 19 14:00:19 BST 2012 | |
| Starting function gnuradio_build at: Thu Jul 19 14:00:19 BST 2012 | |
| /usr/local/lib already in ld.so.conf.d | |
| Doing ldconfig… | |
| Building Gnu Radio… | |
| …Doing cmake | |
| …Cmaking | |
| …Building | |
| Application asked to unregister timer 0x45000016 which is not registered in this thread. Fix application. | |
| …Installing | |
| Done building and installing Gnu Radio | |
| GRC freedesktop icons install …Done | |
| Done function gnuradio_build at: Thu Jul 19 14:41:05 BST 2012 | |
| Starting function rtl_build at: Thu Jul 19 14:41:05 BST 2012 | |
| Building rtl-sdr… | |
| Done building/installing rtl-sdr/gr-osmosdr | |
| Done function rtl_build at: Thu Jul 19 14:42:46 BST 2012 | |
| Starting function extras at: Thu Jul 19 14:42:46 BST 2012 | |
| Doing GIT checkout for extra module gr-baz | |
| Building extra module gr-baz | |
| Doing GIT checkout for extra module grextras | |
| Building extra module grextras | |
| Done function extras at: Thu Jul 19 14:51:02 BST 2012 | |
| Starting function mod_groups at: Thu Jul 19 14:51:02 BST 2012 | |
| ******************************************************************************** | |
| This script has just modified /etc/group to place your userid '('$USER')' into group 'usrp' | |
| In order for this change to take effect, you will need to log-out and log back | |
| in again. You will not be able to access your USRP1 device until you do this. | |
| If you wish to allow others on your system to use the USRP1 device, you will need to use: | |
| sudo usermod -a -G usrp userid | |
| For each userid you wish to allow access to the usrp | |
| ******************************************************************************** | |
| Further | |
| Done function mod_groups at: Thu Jul 19 14:51:03 BST 2012 | |
| Starting function mod_udev at: Thu Jul 19 14:51:03 BST 2012 | |
| Done function mod_udev at: Thu Jul 19 14:51:03 BST 2012 | |
| Starting function mod_sysctl at: Thu Jul 19 14:51:03 BST 2012 | |
| Applying updates to /etc/sysctl.conf | |
| Group 'usrp' now has real-time scheduling privileges | |
| You will need to log-out and back in again for this to | |
| take effect | |
| Done function mod_sysctl at: Thu Jul 19 14:51:03 BST 2012 | |
| Starting function pythonpath at: Thu Jul 19 14:51:03 BST 2012 | |
| ************************************************************ | |
| You should probably set your PYTHONPATH to: | |
| /usr/local/lib/python2.7/dist-packages | |
| Using: | |
| export PYTHONPATH=/usr/local/lib/python2.7/dist-packages | |
| in your .bashrc or equivalent file prior to attempting to run | |
| any Gnu Radio applications or Gnu Radio Companion. | |
| ************************************************************* | |
| Done function pythonpath at: Thu Jul 19 14:51:04 BST 2012 | |
| Done all functions at: Thu Jul 19 14:51:04 BST 2012 | |
| All Done | |
It seems that on a 64-bit Ubuntu installation, a full instance of the script’s working directory (containing all source code, and binaries) is about 520MB in size.
Notes on AirProbe installation
For readers wishing to install AirProbe using the instructions on the project’s Website, I recommend running sudo ln -s /usr/local/include/gruel/swig/gruel_common.i /usr/local/include/gnuradio/swig/ && ldconfig, after installing GNURadio, in order to avoid some frustrating bugs in various build scripts related to missing “Gruel”, and “SWIG”-related files.
Testing the result
Since this post is becoming rather long, and I’m unsatisfied with the content that I planned for this section, I’ll follow up with a second post related to testing the software post-installation, soon.
Explore posts in the same categories: Everything
Tags: DAB, DVB, GSM, Hardware, Linux, Open Source, Radio, RTL-SDR, SDR, Software, Tinkering
You can comment below, or link to this permanent URL from your own site.
Tyson Key's Outpost 
August 9, 2012 at 10:47 pm
I just wanted to say thanks for the tip on compiling airprobe on backtrack x64. I was having the same issue of airprobe failing to find gruel library files.
August 10, 2012 at 10:14 am
No problem. Thanks for letting me know that it works on other Linux distributions, too. 🙂
August 25, 2012 at 9:57 pm
hi,
great blog – having some issues with compiling airprobe….
maybe anybody has a solution installed the latest ubuntu:
gsm.cc:3110:13: error: ‘ptrdiff_t’ does not name a type
gsm.cc:3147:21: error: expected ‘;’ at end of member declaration
gsm.cc:3147:39: error: expected ‘)’ before ‘n’
gsm.cc:3162:34: error: declaration of ‘operator+=’ as non-function
gsm.cc:3162:30: error: expected ‘;’ at end of member declaration
gsm.cc:3162:44: error: expected ‘)’ before ‘n’
gsm.cc:3167:34: error: declaration of ‘operator-=’ as non-function
gsm.cc:3167:30: error: expected ‘;’ at end of member declaration
gsm.cc:3167:44: error: expected ‘)’ before ‘n’
gsm.cc:3172:33: error: declaration of ‘operator+’ as non-function
gsm.cc:3172:30: error: expected ‘;’ at end of member declaration
gsm.cc:3172:43: error: expected ‘)’ before ‘n’
gsm.cc:3177:33: error: declaration of ‘operator-‘ as non-function
gsm.cc:3177:30: error: expected ‘;’ at end of member declaration
gsm.cc:3177:43: error: expected ‘)’ before ‘n’
gsm.cc:3182:5: error: ‘ptrdiff_t’ does not name a type
gsm.cc:3550:15: error: ‘swig::check_index’ declared as an ‘inline’ variable
gsm.cc:3550:15: error: ‘ptrdiff_t’ was not declared in this scope
gsm.cc:3550:15: note: suggested alternatives:
/usr/include/c++/4.6/i686-linux-gnu/./bits/c++config.h:156:28: note: ‘std::ptrdiff_t’
/usr/include/c++/4.6/i686-linux-gnu/./bits/c++config.h:156:28: note: ‘std::ptrdiff_t’
gsm.cc:3550:35: error: expected primary-expression before ‘size’
gsm.cc:3550:41: error: expected primary-expression before ‘bool’
gsm.cc:3550:60: error: expression list treated as compound expression in initializer [-fpermissive]
gsm.cc:3550:62: error: expected ‘,’ or ‘;’ before ‘{‘ token
In file included from /usr/include/boost/detail/sp_typeinfo.hpp:109:0,
from /usr/include/boost/smart_ptr/detail/sp_counted_base_gcc_x86.hpp:27,
from /usr/include/boost/smart_ptr/detail/sp_counted_base.hpp:36,
from /usr/include/boost/smart_ptr/detail/shared_count.hpp:29,
from /usr/include/boost/smart_ptr/shared_ptr.hpp:32,
from /usr/include/boost/shared_ptr.hpp:17,
from /usr/local/include/gnuradio/gr_types.h:27,
from /usr/local/include/gnuradio/gr_runtime_types.h:27,
from /usr/local/include/gnuradio/gr_basic_block.h:27,
from /usr/local/include/gnuradio/gr_block.h:27,
from gsm_receiver_cf.h:27,
from gsm.cc:4101:
/usr/include/c++/4.6/typeinfo:42:37: error: expected ‘}’ before end of line
/usr/include/c++/4.6/typeinfo:42:37: error: expected declaration before end of line
October 19, 2012 at 12:04 pm
Hey,
We run into troubles when installing airprobe on backtrack.
Installing gnuradio worked fine.
The symlinks were indeed necessary to fix gruel_common.i errors.
But with the symlinks, we get new errors.
gsm.cc (generated by swig) contains uses of SWIG_exception, but “make” tells us the exception “is not defined in this scope”.
Is there anything we are missing here?
October 19, 2012 at 12:15 pm
Hi,
I’m unfamiliar with BackTrack, and I’m away from home without my laptop, right now – so I can’t do much to test things. With that in mind, are you attempting to build the version of AirProbe at the GNUMonks site?
Unfortunately, my recollection of all of the steps involved in building AirProbe is hazy – although I’m sure that some components failed to build, but were generally unnecessary for operation with RTL-SDR devices.
I hope that helps, for the time being.
Tyson.
October 20, 2012 at 11:46 am
Hey,
Thank you for your quick reply.
No we tried to build airprobe from the ccc.de site.
The error is in the gsm-tvoid component of airprobe.
For an assignment at the university, we need to sniff gms traffic.
I have no idea if we actually need the tvoid component.
We’ll see how far we get without it.
Thanks again for your help :).
Willem
October 20, 2012 at 12:10 pm
No worries, Willem. I suggested using the GNUMonks version of it – since the code in the repository seemed to have been the newest, at the time, as far as RTL-SDR support was concerned. (Some scripts were missing from other versions).
If I remember correctly, the situation for each source module directory was:
I hope that summary helps.
I’ll probably reboot into Ubuntu later, have a look at the state of my last build attempt, and report back, though. I don’t know if there’s a recommended order for installation – but I’m sure that rebuilding each in a bruteforce manner would probably “work”…
November 5, 2012 at 1:13 pm
Hey Tyson,
Thanks for your explanation.
Compiling gsm-receiver works fine.
I’ve read somewhere that the tvoid part of airprobe is much like like the receiver, but it does not work, so we went on with the receiver.
Running it still gives us problems though.
When we try to capture traffic with the URSP from our university, by running capture.sh, it complains about being unable to find usrp_rx_cfile. It should be installed with gnuradio, but it isn’t.
We got our hands on an RTL-SDR last friday, so now we tried to run gsm_receiver_rtl.py from the gsm-receiver software collection.
This works and we get nice graphics. Output to file does not work however.
Do you know how to really capture the traffic to an analyzable file?
Thanks for your help!
Regards,
Willem
November 5, 2012 at 1:17 pm
Hi Willem,
The AirProbe tools don’t actually produce a trace file. Instead, they output data using a broadcast UDP socket that just “throws data into the wind”, containing GSM packets with “GSMTap” encapsulation, which can be captured from the loopback interface (or the “any” pseudo-interface in Wireshark).
I hope that helps,
Tyson.
November 5, 2012 at 1:19 pm
PS – I’ll admit that I was also very confused by the behaviour of it, since some (encrypted?) traffic isn’t even forwarded on via the UDP interface; and things like uplink traffic, and GPRS packets are not supported by that version of the AirProbe tools.
December 20, 2012 at 4:12 am
Hey Wuburger,
You need to install the old version of gnuradio which contains usrp_rx_cfile I would suggest gnuradio 3.4.2 without UHD, If you have it installed then locate usrp_rx_cfile default location on ubuntu is /usr/local/bin, could be changed in backtrack and then copy this file path to capture.sh, then it will work fine!
March 26, 2013 at 9:32 pm
We indeed used an older version of gnuradio for the capture script to finally work.
In the end I just installed the gnuradio via the packet manager.
Though we were able to get the capture script working, we were not able to capture any data. We don’t exactly know why the capture files stay empty. This could be because our USRP did not have a modified clock.
Thank you for your reply. I hope this topic will help others!
March 23, 2013 at 1:56 am
hi wburgers i have almost the same project for my universite . Did you managed to capture gsm traffic ?
March 26, 2013 at 9:38 pm
Hi Tibillys,
Unfortunately I have to tell you that we were not able to capture any gsm traffic.
As you can see in my reply above, we were able to get the capture script working for our USRP. But the resulting file had no gsm packets in it.
For the RTL-SDR, we gave up after we found out that the capture_rtl.sh script was bugged, because it did not put any data in the output file we specified. So to be clear, the script created a file, but it was 0 bytes big…
I hope this topic will help people get it working! 🙂
Regards, Willem
April 9, 2013 at 11:36 am
helló!
can help?
April 9, 2013 at 11:44 am
Hi Sasvari,
Thanks for your comment. Please can you let me know what you’re trying to do, so that I can try to help you?
Tyson.
June 24, 2013 at 4:50 pm
Hi,
I want to ask about your Airprobe-GPRS code, that is available on github. Can the code be used with USRP? My aim is to capture and decode the uplink traffic using USRP. IF the code cannot be directly applied to USRP, what changes do I need to make in order to make it work.
Thank you,
Fahad.
June 24, 2013 at 5:15 pm
Hi Farad,
That code is an experimental mess that I created by trying to merge two divergent versions of the AirProbe codebase together (the mainline one supporting RTL-SDR devices, and a third-party one based upon an older SCM revision that didn’t support RTL-SDR devices, but was patched to support GPRS capturing).
It was made by copying both repositories, finding their divergence points, and then manually grafting patches from the GPRS repository back onto mainline.
To be honest, although I’m able to compile it (with some work), it doesn’t actually work at all with my device (no waterfall is displayed in the GNURadio Companion); and I can’t afford a USRP, so I haven’t been able to test it.
I believe that the original version of the AirProbe GPRS code would have supported USRP devices, though.
Sorry about that,
Tyson.