Posted 2017-12-15 07:30:51 +0100

blogs->all

One minute to understand BLE advertising data package

    No tags

Note: only registered user could see all pictures by log in. One minute to understand BLE advertising data package BLE =》 BTLE (Bluetooth Low Energy)

  1. How to capture BLE advertising data (full channel at 37,38,39 simutanueously)
    • Hardware:One BLE device (has feature of advertising);
      One HOLLONG BLE SNIFFER
      
    • Software:Hollong BLE sniffer software Download:

http://www.viewtool.com/index.ph ... 0option=com_content

  1. Profile BLE Advertising package introduction:
    • Payload data maximum length: 37 bytes
    • Advertising channels:37,38,39 (hopping)
    • Transmission power:usually 0dBm, Maximum 10dBm

In each section below, pay attention on blue color marked portion (the raw data captured) and related data interpret portion(data interpretation) image description

  1. Access Address It is fixed length (4 bytes) and fixed data (0x8e89bed6) used for master device access address identification.

image description

  1. Header Info Fixed 2 bytes:used by 16 bits BIT[0:3]:Advertising package(PDUs) type,there are following PDU Types:

     PDU Type
     b3b2b1b0 Packet Name
     0000 ADV_IND: connectable undirected advertising event
     0001 ADV_DIRECT_IND:connectable directed advertising event
     0010 ADV_NONCONN_IND:non-connectable undirected advertising event
     0011 SCAN_REQ:scan request
     0100 SCAN_RSP: scan response
     0101 CONNECT_REQ:connection request
     0110 ADV_SCAN_IND:scannable undirected advertising event
     0111-1111 Reserved
    

BIT[4:5]:Reserved BIT[6]:RxAdd BIT[7]:TxAdd BIT[8:13]:advertising data length (Maximum 37 bytes) BIT[14:15]:Reserved

image description

  1. MAC Address Fixed 6 bytes image description
  1. Advertising data:flag field 02 01 06 02:field length 2 bytes   01: as flag 06:BIT1,BIT2 = 1, based on definition below, interept as:    * LE General Discoverable Mode
    • BR/EDR Not Supported (i.e. bit 37 of LMP Extended Feature bits Page 0)

0 LE Limited Discoverable Mode 1 LE General Discoverable Mode 2 BR/EDR Not Supported (i.e. bit 37 of LMP Extended Feature bits Page 0) 3 Simultaneous LE and BR/EDR to Same Device Capa- ble (Controller) (i.e. bit 49 of LMP Extended Feature bits Page 0) 4 Simultaneous LE and BR/EDR to Same Device Capa- ble (Host) (i.e. bit 66 of LMP Extended Feature bits Page 1) 5..7 Reserved

image description

  1. Service tag field 03 03 02 18 03:field length 2 bytes   03: service tag field 02 18:=》18 02 => Immediate Alert Service

image description

  1. Device name field 0e 09 45 .... 6d 65 0e: field length 14 bytes 09:device name field 45,。。。6d 65: device name (ASCII)

image description

  1. CRC: Fixed 3 bytes image description

Get complete Hollong BLE Sniffer captured data file:

Get advertising data format specification:

0 comments

Sign in to comment.

User menu

    or sign up

Recent questions

Related posts by tag

No results