Here is a small guide on how to build Wireshark with a BLE plugin under linux, with a small example on using this plugin with the Nordic Sniffer API.
Download the Sniffer API and firmware here: nRF Sniffer
Inside the zip-file you will find another zip-file called SnifferAPI.zip. Unzip the content of this file to your workspace. These are the files you need. The "Sniffer API" folder contains the python API, and the "wireshark_dissector_source" folder contains the plugin source.
sudo apt-get install build-essential automake autoconf libgtk2.0-dev libglib2.0-dev libpcap0.8-dev flex bison
Also check out the Wireshark wiki: https://wiki.wireshark.org/Development
$ mv plugins/nordic_ble/Custom.m4-1.12.0 plugins/Custom.m4 $ mv plugins/nordic_ble/Custom.make-1.12.0 plugins/Custom.make $ mv plugins/nordic_ble/Custom.nmake-1.12.0 plugins/Custom.nmake
$ ./autogen.sh $ ./configure $ make
Flash the chip with the firmware included in the "Firmware" folder in the Sniffer API zip file you downloaded (ble-sniffer_nRF51822_1.0.1_1111_Sniffer.hex), using JLinkExe or preferred tool. No need to flash softdevice first.
pip install pyserial
In the example script under
def setup() you can set the UART port for the nRF USB dongle. In Ubuntu it should enumerate under "/dev/ttyACM0". Check to see if this is the case:
ls -l /dev/ttyACM0
Also set the address of the device you want to sniff (
Run the example script:
sudo python linux_example.py
(You might need to run as sudo to access the UART port)
If the device is found, run Wireshark (from the Wireshark root folder) using:
./wireshark -Y btle -k -i /home/username/snifferAPI_directory/SnifferAPIBuild/logs/nordic_ble.pipe
(This command will also be output from the script when the sniffer successfully finds the device. So you can copy/paste it to get the right path for the nordic_ble.pipe file)
Wireshark should start to show the packets now.