Using hcitool to set ad packets

bluetooth bluetooth-lowenergy ibeacon bluez hci
ScottJenson picture ScottJenson · May 6, 2014 · Viewed 22.6k times · Source

There is a well known blog post going around on how to set a usb bluetooth 4 dongle to be an iBeacon. It boils down to this magical command:

sudo hcitool -i hci0 cmd 0x08 0x0008 1e 02 01 1a 1a ff 4c 00 02 15 e2 c5 6d b5 df fb 48 d2 b0 60 d0 f5 a7 10 96 e0 00 00 00 00 c5 00 00 00 00 00 00 00 00 00 00 00 00 00

The issue with this example is that it is so opaque it's hard to use it in any more general format. I've been able to break it apart a bit:

sudo hcitool -i hci0 cmd

sends an hci command to the hci0 device

0x08 0x0008

is just magic to set the ad package, other stackoverflow commands have said "just use it, don't ask

1e

is the length of the ENTIRE following data packet in bytes

02 01 1a 1a

Are flags to set up the ad packet (details on request)

ff 4c 00 ...

is the 'company specific data' that encodes the iBeacon info

What I've tried to do is replace the "FF ..." bytes with the opcodes for setting the NAME parameter "04 09 41 42 43" (which should set it to ABC) but that doesn't work.

I'm surprised the hcitool doesn't give us some examples on how to set the ad packet as this would be very useful in setting all sorts of other params (like TEMP or POWER). Has anyone else had any experience in using hcitool to set things like NAME?

Answer

nomve picture nomve · Dec 17, 2014

Late reply, but somebody might find this useful. I found it as I was looking around for solutions myself when using hcitool.

If you use hcitool cmd --help it will tell you something like this cmd <ogf> <ocf> .... It helps to look at the Bluetooth Core Specification to find out what 0x08 and 0x0008 would be for OGF and OCF. Specifically Vol. 2, Part E, 7.8

For the LE Controller Commands, the OGF code is defined as 0x08

and for the OCF of 0x0008

Advertising_Data_Length, Advertising_Data

So basically, with 0x08 0x0008 you say you are setting (in the LE Controller) the length of the data that is sent. As for the name, since the length of the BLE advertisement packet is 31 bytes (1E), you need to send the whole 31 bytes. So if you only have ABC as the name, setting 04 09 41 42 43 is correct, but that's only five bytes. For 31 you need to add 00 26 times. Just be careful you don't add too much or too little.

Also, I wasn't under the impression that BLE ad. packets are of fixed 31 byte size, but they are at least for hcitool. It doesn't work when you specifically set the outgoing size to something smaller than 1E.

Related questions

Understanding ibeacon distancing

Trying to grasp a basic concept of how distancing with ibeacon (beacon/ Bluetooth-lowenergy/BLE) can work. Is there any true documentation on how far exactly an ibeacon can measure. Lets say I am 300 feet away...is it possible for an …

Read More
What is the iBeacon Bluetooth Profile

I'd like to create my own iBeacon with some Bluetooth Low Energy dev kits. Apple has yet to release a specification for iBeacons, however, a few hardware developers have reverse Engineered the iBeacon from the AirLocate Sample code and started …

Read More
Can an Android device act as an iBeacon?

Can an Android device act as an iBeacon and figure out when other Android devices come in its range? Do those other Android devices need to have Bluetooth turned on? If a customer comes into my shop and he doesn't …

Read More