• State Not Answered
  • Replies 14 replies
  • Subscribers 63 subscribers
  • Views 451 views
  • Users 0 members are here
Attachments (2) Download All
Nordic Case Info
  • Case ID: 323832
Options

nRF52840 dongle as a BLE sniffer in Wireshark

Mindu

Hi,

I've been following the steps indicated by the "nRF_Sniffer_BLE_UG_v4.1.x" document in order to set up my nRF52840 dongle as a BLE sniffer for Wireshark. Unfortunately, I've not achieved my goal despite a great number of tries. Following some more information I'd like to share:

1) Wireshark version: 4.2.3 (v4.2.3-0-ga15d7331476c).

2) Python version: v3.10.9 as shown below.

3) nRF Programmer v4.3.0 to flash the "sniffer_nrf52840dongle_nrf52840_4.1.1.hex" firmware in my dongle. Suceed.

4) A picture of the output after the execution of: 

nrf_sniffer_ble.bat --extcap-interfaces
 

It seems everything is working as expected!

5) Regrettably, when I launch Wireshark, the nRF Sniffer is not included in the Capture list.

I'd like to remark that after executing what is pointed out in step 4, LED1 of the dongle starts blinking really fast in a no periodic way. if I pull the dongle out and reconnect it again to the USB connector, LED1 doesn't blink never again. It doesn't matter if I close Wireshark and restart it.

I don't know what the problem is. Any idea?

Thank you in advance.

  • 0

    Hello,

    It sounds to me like everything actually is set up correctly - especially so since the dongle lights up when you open wireshark, which means that wireshark has opened communication with it.
    Could it possibly be that the scrollbar of the 'capture devices' menu is just not showing, and that the sniffer is located below what is visible in the GUI?
    Please try to scroll downwards in the capture devices menu, just in case. I have occasionally heard of other customers experiencing a missing scrollbar on the home page of wireshark.
    Alternatively, could you try to press ctrl + K, and see what shows up as input options?

    Lastly, could you try to update wireshark to the latest version, or reinstall wireshark completely?

    Best regards,
    Karl

  • 0 in reply to Karl Ylvisaker

    Hello Karl,

    Thanks for your quick answer. I would like to clarify that the dongle doesn't light up when I open Wireshark. It starts blinking when I execute "nrf_sniffer_ble.bat --extcap-interfaces" in the command line. No matter if Wireshark is opened or not. That's the only weird issue I've noticed. Then, if I pull it out and put it into the USB connector again, the light no longer blinks. No matter if I open Wireshark afterwards. The light remains off.

    I've checked the GUI, and pressed ctrl + K but the dongle is missing in the list.

    It's installed the last stable release of Wireshark for Windows (v4.2.3) yet. I've reinstalled it twice for nothing changes. The same behaviour is shown.

  • 0 in reply to Mindu

    Hello,

    Thank you for clarifying.

    It sounds to me like the issue here is wireshark's detection of the sniffer device, which could be because it is not found by wireshark at startup (since the sniffer itself it confirmed to work).
    Could you confirm that you have performed all the necessary steps to add a profile for the nRF Sniffer in Wireshark as described here?

    Best regards,
    Karl

  • 0 in reply to Karl Ylvisaker

    Hello Karl,

    It sounds to me like the issue here is wireshark's detection of the sniffer device

    I suspect it also.

    I confirm I've performed all the steps for adding the nRF Sniffer profile as required in the documentation. Below, some pictures of the status of my folders and the front-end of Wireshark.

    1) Status of my folders

    2) Front-end of Wireshark. It seems that the folder has been detected.

  • 0

    Hi

    Karl is out of office, so I'll be taking over this case in the meantime. Just to confirm, have you added the Sniffer API in the Wireshark extcap folder?

    It seems you're missing the API bar at the top of Wireshark on your end as well:

    Please see the steps here to add the interface to Wireshark: https://infocenter.nordicsemi.com/topic/ug_sniffer_ble/UG/sniffer_ble/installing_sniffer_plugin.html 

    Best regards,

    Simon

Related