Armageddon421's Hackingblog

LTE USB-Stick Samsung GT-B3740 on Ubuntu!

by on Jun.05, 2011, under Projects, quickhack

Yesterday, Onny from project-insanity.org got himself a Vodafone contract for the new LTE-Mobile-Broadband-Connection that came with a Samsung GT-B3740 USB modem. It works on Windows, it works on Mac,…

So now we come to the interesting part: Can we get it to work on linux?

We got us this driver that is for the B3730, did everything the README file told us to and hoped it would work with our device… It didn’t. So we tried to find out why. Our first guess was the chatscript not initializing the modem corectly. It turned out we were right. After analyzing the USB-traffic on windows, we were able to reconstruct the AT-commands that are being sent to the modem in order to initialize it and establish the connection. We sketched it on paper. Here the pictures of it in case someone needs it for debugging. The right column are the replies that the modem sends back.

After having created the corresponding chatscript and executed it, the light turned first blue, then green and it magically connected. Executing dhclient sets everything else up.

This is how our working chatscript looks like:


ABORT 'TIME OUT' ABORT 'ERROR'
'' ATE1
'OK' AT+CSCS="UCS2"
'OK' AT+CMGF=0
'OK' AT+CHANGEALLPATH?
'OK' AT+VERSNAME=1,0
'OK' AT+VERSNAME=1,1
'OK' AT+CMEE=2
'OK' AT+CGREG=2
'OK' AT+CFUN=5
'OK' AT+CPIN?
'OK' AT+CNUM
'OK' AT+MODESELECT=2
'OK' AT+CSQ?
'OK' AT+COPSNAME
'OK' AT+CSQ?
'OK' AT+CGACT?
'OK' AT+CSQ?
'OK' AT+CSQ?
'OK' AT+CSQ?
'OK' AT+CSQ?
'OK' AT+CSQ?
'OK' AT+CSQ?
'OK' AT+CGDCONT=1,"IP","web.vodafone.de"
'OK' AT+CGATT=1

'CGACT:1,1'

For the more unexperienced folks, I have tried to mash up a little tutorial.


git clone https://github.com/mkotsbak/Samsung-GT-B3730-linux-driver.git
cd Samsung-GT-B3730-linux-driver
sh build.sh
cd option
sh build.sh
cd ..

sudo vim /etc/usb_modeswitch.d/04e8:689a
        #make sure the line "NoDriverLoading=1" has no "#" in front of it
        #also make sure that there is no file "04e8:6889" in that folder

vim chatscript.txt
#replace the content of this file with the chatscript from above


#this was the basic setup, it only has to be done once.
#from here, you can make yourself a script because
#this has to be at least executed after each reboot

sudo modprobe option    #load the default option driver to get the dependencies
sudo rmmod option        #unload it again
sudo insmod ./option/option.ko    #load the custom option module
sudo modprobe usbnet
sudo insmod ./kalmia.ko    #load the driver module for the modem

sh chat.sh    #this initializes and connects the modem using out chatscript.txt!
sudo ifconfig wwan0 up    #bring the ethernet device up
sudo dhclient wwan0        #get an ip, gateway and dns

#finally, you have to monitor the connection to prevent the serial
#buffer on the modem from overflowing

sudo minicom -o -D /dev/ttyUSB0    #just leave this open while you are connected

Voila! It should work!

You might have to adjust some values, for example /dev/ttyUSB1 instead of USB0 if you already have another USB-to-serial device. This has to be changed in the chat.sh script and the minicom command.

If you have promlems, you could also try disabling the Ubuntu network-manager and killing the modem-manager by doing


sudo /etc/init.d/network-manager stop
sudo killall modem-manager

Also remember that you might have to install minicom and usb-modechange.

Finally, a picture of me doing a ubuntu upgrade from 10.10 to 11.04.

I hope I could help you out!

Have a nice connection! See ya!

Edit:

In case you have usb-modeswitch installed and the file in /etc/usb_modeswitch.d/ is still empty or missing, you may create it with the following content:



#######################################################
# Samsung GT-B3730

DefaultVendor= 0x04e8
DefaultProduct=0x689a

TargetVendor=  0x04e8
TargetProduct= 0x6889

MessageContent="55534243785634120100000080000601000000000000000000000000000000"

CheckSuccess=20

NoDriverLoading=1

Update:

Onny from Project-Insanity.org got the new driver version running on Arch Linux x64, Kernel 2.6.39 using the following method


git clone https://github.com/mkotsbak/Samsung-GT-B3730-linux-driver.git
cd Samsung-GT-B3730-linux-driver
wget https://raw.github.com/mkotsbak/linux-2.6/Samsung_kalmia_driver-3.0/drivers/net/usb/kalmia.c
wget -O option/option.c “http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.38.y.git;a=blob_plain;f=drivers/usb/serial/option.c;hb=HEAD”
sh build.sh && sh option/build.sh
* if not grep NoDriver /etc/usb_modeswitch.conf; sudo echo “NoDriverLoading=1″ >> /etc/usb_modeswitch.conf; fi;
sudo modprobe option && sudo rmmod option (to get module deps)
sudo insmod ./option/option.ko
sudo modprobe usbnet
sudo insmod ./kalmia.ko
wget -O chatscript.txt http://onny.project-insanity.org/files/chatscript_vodafone.txt
sudo sh chat.sh
sudo dhcpcd wwan0
minicom -o -D /dev/ttyUSB0

:, , , , , , , , , , , , , , , , , , ,

14 Comments for this entry

  • Ned

    Hey armageddon!

    This tutorial looks very good, but i have some problems.
    Can you help me out, i want to make this thing work on my laptop with Fedora 14.

    Is this possible?

    I hope for your answer.
    My email is: tirolean91@live.de

    Take care,
    Ned

  • BrEin

    I’ve got an error:

    There is no option/option.ko file.
    When should it be created?

    Do you have an idea of solution?

    Thank You!
    BrEin

    • armageddon

      It seems like there have been some changes to the driver since I’ve written this article.

      https://github.com/mkotsbak/Samsung-GT-B3730-linux-driver/tree/647b1bc89a09d9ac54cd9025d1f1ff76c3e70f4c

      You can still use this driver, however, you will have to read the readme in order to find out where to get the files you need for your specific kernel version. you can find out your kernel version with “uname -a”

      Put the option.c in the option subdirectory and the kalmia.c in the root directory of what you’ve downloaded from github using the link above. You should then be able to follow the rest of the tutorial (starting from build.sh) but refer to the readme for how to connect in case it will not work the way I described it.

      Tell me if you need any further help. Good Luck.

  • S0o0L

    hi armageddon,

    i’m using the ubuntu 10.04 LTS version and i’ve installed all as you described it.
    my question is in which moment you put in the stick and see it under dev/ttyusbx, because i never see it there and can start a connection.
    usb-modeswitcher is installed and should work correct.

    thank you.

    • armageddon

      Good question. I had the stick plugged in all the time. I think you should be able to see the /dev/ttyUSB device with the ubuntu stock drivers already, they will just not establish the connection. On the other hand, I think your problem seems to be the usb-modeswitch thing. Can you please show me the output of lsusb and lsmod? Also run dmesg before and after plugging in the switch and show me what was added to the end after plugging the stick in.

  • disorder

    Hi armageddon,

    Thanks for the howto.
    Everything was working until the point below, stocking on the call setup. Any idea? Where can i monitor what happens?

    #############################################################
    lteclient@hp2540:~$ cd Samsung-GT-B3730-linux-driver/
    lteclient@hp2540:~/Samsung-GT-B3730-linux-driver$ sudo modprobe option
    [sudo] password for lteclient:
    lteclient@hp2540:~/Samsung-GT-B3730-linux-driver$ sudo rmmod option
    lteclient@hp2540:~/Samsung-GT-B3730-linux-driver$ sudo insmod ./option/option.kolteclient@hp2540:~/Samsung-GT-B3730-linux-driver$ sudo modprobe usbnet
    lteclient@hp2540:~/Samsung-GT-B3730-linux-driver$ sudo insmod ./kalmia.ko
    lteclient@hp2540:~/Samsung-GT-B3730-linux-driver$ sh chat.sh
    abort on (TIME OUT)
    abort on (ERROR)
    expect (^M)
    alarm
    Failed
    lteclient@hp2540:~/Samsung-GT-B3730-linux-driver$

    ############################################################

    Thanks in advance!

    • armageddon

      you can try watching the output of dmesg for example. Also, what chatscript have you used? The one I posted or the one that comes with the driver? Are you sure there is a wwan0 device showing up in ifconfig and a /dev/ttyUSBx device before you run chat.sh?

      • disorder

        …thanks for the quick answer!
        I’m using your chatscript.txt… Under /dev/ the ttyUSB0 is visible. After sudo insmod ./kalmia.ko i start “sudo ifconfig wwan0 up” and the dhcp request for wwan0.

  • disorder

    i forward the demsg output in a logfile.
    If you like i will send it to you..
    It’s for sure not a problem of coverage or the Dongle itself. i have anothe laptop here, running windows…without problems!

    • armageddon

      Please upload it somewhere, like pastebin for example, and post the link here so others have a chance to have a look at it, too. I’ll have a look at it then.

  • disorder

    Thank you. I got it. Seems to be something was wrong with my chatscript. Now it works, but i have to start the chat.sh twice. First time failed on every try. Second try works… But the throughput (ftp) is lousy and unstable.
    Between 2 and 18Mbit/s. Windows was 100Mbit/s stable.
    I will investigate. How did you detach the dongle by software?

    • armageddon

      It should be no problem to just unplug the dongle if you don’t need it anymore.
      Alternatively, you can do ifconfig wwan0 down to disable the device and to be sure that the connection is closed remove the option module by doing rmmod option. That’s all I can imagine at the moment.

      Normally you’d have to tell the device via its /dev/ttyUSBx device to disconnect, but I don’t know the right commands for that. Also, I don’t have access to a GT-B3740 anymore so I can neither sniff the commands in windows nor test them. Sorry. I’ll help you where I can, though.

  • MMI

    Thanks for the AT commands. I use Kernel 3.9 where it works without any patched modules.
    But my problem is: After a minute of inactivity the stick seems to switch in stdby mode and it can’t be waked up again. The connection must be established from the beginning.
    A bad workaround is to send a ping every 10 secs. :(

    Is there an AT command or a better solution for this?

  • bro

    Hi,

    can you perhaps update this blog entry for a recent kernel version? I cannot get it to work properly :(

Leave a Reply