I'm working on a test setup for Bluetooth (classic not BLE). One of the cases I'm studying is when Adaptive Frequency Hopping (AFH) is not functional, i.e. the BT keeps on hoping on the 79 available channels regardless of the present interference if any. AFH is supposed to be turned off using the command:
hciconfig hci0 afhmode 0
This command successfully sets the status of AFH mode to "Disabled" when queried by hciconfig but here's where my problem appears: the LMP_set_AFH message that is transmitted during the link setup phase has the AFH_mode PDU set to "enabled" even though I disabled it prior to the link setup start. I need this message to contain AFH_mode PDU "disabled" according to the standard.
My question is the following: Is there any way to gain control over the LMP part of the protocol stack? I believe that the solution to my problem lies there. I'm open for whatever tool, programming language, ... etc that can help me do this.