username/esp32-hacking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 9 Wiki Activity
Files
70f37ad6dcedbe4bf3727418ee0789de0d1e51cc
esp32-hacking/TASKS.md
user 70f37ad6dc docs: Update TASKS and CHEATSHEET for new STATUS fields, SCANRATE/PROBERATE 
Add csi_count, uptime_s, WiFi reconnect, SCANRATE, PROBERATE to completed
items. Document ESP32 promiscuous mode limitation (breaks CSI).
2026-02-04 19:58:36 +01:00

104 lines
4.4 KiB
Markdown
Raw Blame History

# ESP32 Hacking Tasks
**Last Updated:** 2026-02-04
## Current Sprint: v1.1 - Passive Sensing & Multi-Sensor
### P2 - Normal
- [ ] Multi-sensor BLE correlation in esp-ctl (zone tracking)
- [ ] Test OTA rollback (flash bad firmware, verify auto-revert)
### P3 - Low
- [ ] Document esp-crab dual-antenna capabilities
- [ ] Document esp-radar console features
- [ ] Pin mapping for ESP32-DevKitC V1
## Completed: v1.1
- [x] Sensor ID in data packets (hostname prefix on CSI_DATA, BLE_DATA, EVENT)
- [x] Deauth/disassoc frame detection (ALERT_DATA via promiscuous mode)
- [x] Chip temperature reporting in STATUS reply
- [x] BLE alerting (`esp-ctl ble --known`, alert on unknown MACs)
- [x] BLE dwell time tracking (dwell column in `--track` summary)
- [x] Timestamped event logging (`esp-ctl listen --timestamp`)
- [x] Alert filter in esp-ctl (`listen -f alert`)
- [x] Runtime HOSTNAME command (NVS persisted, mDNS updated)
- [x] WiFi probe request capture (PROBE_DATA via promiscuous mode, 10s dedup)
- [x] mDNS service advertisement (`_esp-csi._udp`)
- [x] mDNS sensor discovery (`esp-ctl discover`)
- [x] Probe filter in esp-ctl (`listen -f probe`)
- [x] OTA fleet to same firmware (ca526ef)
- [x] CSI packet counter in STATUS (`csi_count=`)
- [x] Raw uptime in STATUS (`uptime_s=`)
- [x] WiFi reconnect EVENT emission
- [x] SCANRATE command (BLE scan interval tuning, 5-300s)
- [x] PROBERATE command (probe dedup cooldown tuning, 1-300s)
- [x] Fix: promiscuous mode disables CSI on original ESP32 — guarded with `#if`
## Completed: v0.5 - BLE Scanning
- [x] Enable Bluetooth alongside WiFi (NimBLE, BLE ON/OFF command)
- [x] Periodic BLE advertisement scanning
- [x] Report device MAC, RSSI, name via UDP
- [x] Pi-side BLE device tracking (`esp-ctl ble --track`)
- [x] PROFILE command (heap, stack watermarks, CPU runtime stats)
- [x] TARGET command (runtime UDP destination config)
## Completed: v0.4 - Adaptive Sampling
- [x] On-device CSI wander calculation (coefficient of variation)
- [x] Adaptive rate: 10 pkt/s idle (3s holdoff) → 100 pkt/s on motion
- [x] EVENT notification to Pi on rate change
- [x] ADAPTIVE ON/OFF command (NVS persisted)
- [x] THRESHOLD command for tuning sensitivity (NVS persisted)
- [x] RATE command disables adaptive mode
- [x] adaptive/motion fields in STATUS reply
- [x] OTA deployed and verified on amber-maple
## Completed: v0.3 - OTA Updates
- [x] Dual OTA partition table (`partitions.csv`)
- [x] 4MB flash, custom partitions, rollback in sdkconfig.defaults
- [x] Firmware: OTA command, ota_task, LED_OTA, rollback validation
- [x] Firmware: version in STATUS reply
- [x] Pi-side `esp-ota` tool (HTTP server + OTA orchestration)
- [x] `esp-fleet ota` subcommand (sequential fleet update)
- [x] Build and USB-flash amber-maple (partition table change)
- [x] End-to-end OTA test verified
- [x] Regenerate sdkconfig.sample
- [x] Update CHEATSHEET.md, USAGE.md
## Completed: v0.2 - Remote Management
- [x] Firmware: UDP command listener (port 5501)
- [x] Firmware: LED status indicator (GPIO2)
- [x] Firmware: NVS config persistence (rate, tx_power)
- [x] Firmware: REBOOT, IDENTIFY, STATUS commands
- [x] Firmware: RATE command (10-100 Hz, restarts ping)
- [x] Firmware: POWER command (2-20 dBm)
- [x] Pi-side: `esp-cmd` CLI tool
- [x] Pi-side: `esp-fleet` fleet management tool
- [x] mDNS hostname, watchdog, human-readable uptime
## Completed: v0.1 - Documentation
- [x] Copy firmware sources to project
- [x] Document current firmware and settings
- [x] Document build & flash workflow
- [x] Create .gitignore for build artifacts
- [x] Test building firmware from this repo
- [x] Document CSI config options
## Notes
- Adaptive threshold varies by environment; 0.001-0.01 is a good starting range
- NVS keys: `send_rate`, `tx_power`, `adaptive`, `threshold`, `ble_scan`, `target_ip`, `target_port`, `hostname`
- EVENT packets now include sensor hostname: `EVENT,<hostname>,motion=... rate=... wander=...`
- ALERT_DATA format: `ALERT_DATA,<hostname>,<deauth|disassoc>,<sender_mac>,<target_mac>,<rssi>`
- STATUS now includes `temp=`, `uptime_s=`, `csi_count=` fields
- PROBE_DATA format: `PROBE_DATA,<hostname>,<mac>,<rssi>,<ssid>`
- Probe requests deduped per MAC (default 10s cooldown, tunable via PROBERATE)
- mDNS service: `_esp-csi._udp` on data port (for sensor discovery)
- HOSTNAME command: `HOSTNAME <name>` sets NVS + mDNS, `HOSTNAME` queries current
- **ESP32 limitation:** Promiscuous mode (deauth/probe detection) disabled — breaks CSI. Works on ESP32-C6+.
Reference in New Issue View Git Blame Copy Permalink