I've been trying to get my 3650 working fully in linux and I've managed to make some progress.
I've managed to get a ppp connection over bluetooth via dund, and also have a fairly good dump of a windows sync in libpcap format (can be opened with ethereal, I can provide this to anyone who wants it). My windows sync was obtained by using a bluetooth capture program and then writing perl scripts to translate its output into a libpcap compatible format.
I'm hoping that someone here may recognize the protocols employed. I think plptools could be adapted to work with most newer nokia phones with some fairly minor tweaks or possibly another protocol layer.
fter using rfcomm to 'probe' the phone, it connects back. When the phone connects back to dund, it attempts to connect to port 3004 of the host returned for wsockhost.mrouter, which it then tries to tell about several ports if it can. It seems to function fine if it cannot connect. The phone then has a couple ports open:
Port 3000, which is based on the ECTCP protocol.
Port 3002, which is CONTPRO
Port 3003, which is BACKUPPRO
A number of connections are made to port 3000, which seem to be RFSV, SCRFS, ECBRDCST, epoccap, AGNDASVR, and gencserv. Some of these connect multiple times.
I managed to find a thread discussing these:
So, in the hopes of someone identifying this, here is part of my dump:
From computer to phone on port 3000:
00 00 00 00 52 50 43 53....RPCS
00 00 9d 00 44 f5 12 00 00 00 01 00 f4 f9 12 00 ....D...........
18 ee 90 7c f0 06 91 7c ff ff ff ff 06 00 00 00 ...|...|........
Phone to computer:
00 00 00 00 ....
Computer to phone:
01 00 00 00 64 ....d
After this a fairly large packet is sent (377 bytes), and things continue back and forth for a while.
If anyone is interested in figuring this out further or has more information, please let me know.