
Directly Controlling Zigbee Lights

Albert Wang edited this page May 7, 2015 · 11 revisions

ZigBeeHACoord

Snooping on unix socket API

ZigBeeHACoord exposes a unix socket, /tmp/ipc_sock, to which aprond connects. By running strace on aprond, or by inserting a socat layer of indirection, one can snoop on this traffic.

To use socat to snoop:

mv /tmp/ipc_sock /tmp/ipc_mock
socat -x -v UNIX-LISTEN:/var/run/ipc_sock UNIX-CLIENT:/var/run/ipc_mock

In another ssh session:

/etc/init.d/S61apron restart

Reverse engineering the unix socket API

Unlike the Ember serial protocol, the unix socket API does not seem to be documented. Other than the command identifiers, it is pretty straightforward.

Packet Structure:

MsgType  Seq  Cmd    MsgLen  Payload
43       XX   04 00  0f      01 de df 7c e5 24 00 00 0b 6a f0 01 01 00 00

MsgTypes:

  • 43 (C)ommand
  • 52 (R)esponse / Acknowledge from ZigBeeHACoord
  • 42 Re(S)ponse from Node

(Seq)uence: This value is sent monotonically increasing with each new command, but this is not strict: one can choose a sequence number that was previously used. It is primarily for correlating commands and responses.

MsgLen: The number of bytes in the payload

Commands:

Cmd # Command
00 00 Network form
01 00 Permit joining
02 00 Network join
03 00 Network leave
04 00 On/off
05 00 Active Endpoint Request
06 00 Simple Descriptor Request
07 00 ZDO Bind Request
08 00 Network find unused
09 00 Network form unused?
0a 00 Remove Device
0b 00 Refresh node index table?
0c 00 Fade to Level
0d 00 ZCL Setup On/Off Reports
0e 00 ZCL Setup Generic Reports
0f 00 Remove Address Table Entry?
10 00 Write Attribute
11 00 Read Attributes
12 00 Setpoint Raise Lower
13 00 Node Descriptor Request
14 00 Group Add Node
15 00 Group Del Node
16 00 Group Node View
17 00 Group Node Membership
18 00 Group Node RemoveAll
19 00 Group Add Node Identifying
1a 00 + Invalid

Command Payload Description

Command: payload fields, followed by an example (Cmd # and payload)

On/off: Val (01 == OFF), NetAddr, LongAddr, SrcEnpt, DestEnpt, GroupId?
    04 00 01 de df 7c e5 24 00 00 0b 6a f0 01 01 00 00

Fade to Level: New Level (255 = MAX), Transition Time (0.1s increments), NetAddr, LongAddr, SrcEnpt, DestEnpt, GroupId?
    0c 00 ff 00 0f de df 7c e5 24 00 00 0b 6a f0 01 01 00 00

Permit Joining: for N Seconds, ?
    01 00 3c 01

Request Node Description: NetAddr
    13 00 6c 83

Read Attribute(s): NetAddr, LongAddr, Endpoint, Cluster, NumberOfAttr, Attributes (2B each)
    11 00 de df 7c e5 24 00 00 0b 6a f0 01 00 00 01 00 05

Request Active Endpoint: NetAddr
    05 00 6c 83

Request Simple Description: NetAddr, Endpoint
    05 00 6c 83 01

Request ZDO Bind: NetAddr, LongAddr, Endpoint, Cluster ID, ?
    07 00 d9 93 7c e5 24 00 00 01 02 37 01 00 19 00 00 00 00 00 00 00 00 01
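
A decoder for the packet structure and the On/off payload described above, for reading bytes captured with socat. This is an added example, not code from the original wiki or from the hub's firmware; it assumes MsgLen is a single byte (as in the one packet shown) and that frames follow each other back to back in the stream, and the function names and Seq values are made up.

```python
# Header layout from the page: MsgType(1) Seq(1) Cmd(2) MsgLen(1) Payload(MsgLen).
# Assumption: MsgLen is one byte, as in the page's single packet example.
MSG_TYPES = {0x43: "Command", 0x52: "Response/Ack", 0x42: "Response from node"}
COMMANDS = {"0400": "On/off", "0c00": "Fade to Level", "1100": "Read Attributes"}
HEADER_LEN = 5


def parse_frames(stream: bytes) -> list:
    """Split captured bytes into frames, rejecting truncated or unknown ones."""
    frames, off = [], 0
    while off < len(stream):
        if len(stream) - off < HEADER_LEN:
            raise ValueError(f"truncated header at offset {off}")
        msg_type, seq, msg_len = stream[off], stream[off + 1], stream[off + 4]
        if msg_type not in MSG_TYPES:
            raise ValueError(f"unknown MsgType {msg_type:#04x} at offset {off}")
        cmd = stream[off + 2:off + 4].hex()
        payload = stream[off + HEADER_LEN:off + HEADER_LEN + msg_len]
        if len(payload) != msg_len:
            raise ValueError(f"MsgLen {msg_len} exceeds remaining bytes at offset {off}")
        frames.append({"type": MSG_TYPES[msg_type], "seq": seq, "cmd": cmd,
                       "name": COMMANDS.get(cmd, "unknown"), "payload": payload})
        off += HEADER_LEN + msg_len
    return frames


def decode_on_off(payload: bytes) -> dict:
    """On/off payload: Val NetAddr(2) LongAddr(8) SrcEnpt DestEnpt GroupId?(2)."""
    if len(payload) != 15:
        raise ValueError("On/off payload must be 15 bytes")
    # Multi-byte fields stay as hex in wire order; the page gives no byte order.
    return {"val": payload[0], "net_addr": payload[1:3].hex(),
            "long_addr": payload[3:11].hex(), "src_endpoint": payload[11],
            "dst_endpoint": payload[12], "group_id": payload[13:15].hex()}


# Constructed capture: the page's On/off and Fade to Level examples with
# made-up Seq values (07, 08) and a MsgLen computed for the second frame.
SAMPLE = bytes.fromhex(
    "43 07 04 00 0f 01 de df 7c e5 24 00 00 0b 6a f0 01 01 00 00 "
    "43 08 0c 00 11 ff 00 0f de df 7c e5 24 00 00 0b 6a f0 01 01 00 00")

if __name__ == "__main__":
    for frame in parse_frames(SAMPLE):
        print(frame["seq"], frame["type"], frame["name"], frame["payload"].hex())
        if frame["name"] == "On/off":
            print("   ", decode_on_off(frame["payload"]))
```

Checking MsgLen against the bytes actually present is what catches a capture that was cut off mid-frame.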

Responses:

(R) Ack No payload
00 00

See other

Using ZigBeeHACoord

Ember Protocol Spec

EZSP Protocol

EZSP UART Protocol

EmberZNet 4.7.2 API 2012

EmberZNet Web API

Project Using Ember Library
