• State Not Answered
  • Replies 8 replies
  • Subscribers 66 subscribers
  • Views 443 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 327555
Options

nrfSniffer only works one time at Wireshark startup

kw_martin

I have the software installed and I am using the nRF52840DK with Ubuntu 22.04. The uart link is /dev/ttyACM0

When I start wireshark and do a capture on all advertising channels, it works fine. However, when I stop the capture and then try to restart a second capture, I get no Packets found.

If I stop wireshark and restart, again I can do one but only one capture; this is repeatable.

Before starting a second capture I have done a >lsof /dev/ttyACM0 in case it was still open and locked, but this command came back with nothing. I have also started to try some of the straight python examples from the doc ble-sniffer subdirectory, and so far these seem to work as expected. However, it would be nice to get wireshark usable. Any suggestions? 

  • 0 in reply to JONATHAN LL

    VERSION_STRING = "4.1.1"

    and copied from nrf_sniffer_ble.sh (last line of bash script):

    exec $py3 $script_path/nrf_sniffer_ble.py "$@"

    All software was downloaded in the last 4 weeks from scratch.

    On a related note: copying example_linux.py from doc to .config/wireshark/extcap and running the first time gives:

    ```> python example_linux.py
    Just ran usercustomize, path: ['/home/Dropbox/programming/Python/lib/', '/usr/lib/python310.zip', '/usr/lib/python3.10', '/usr/lib/python3.10/lib-dynload', '/home/martin/.local/lib/python3.10/site-packages', '/usr/local/lib/python3.10/dist-packages', '/usr/lib/python3/dist-packages']


    ***** open_ports:
    [<serial.tools.list_ports_linux.SysFS object at 0x7bdb055f48b0>]
    Opening serial port /dev/ttyACM0
    closing UART
    Opening serial port /dev/ttyACM0
    args: ()
    kwargs: {'callbacks': [('*', <bound method Notifier.passOnNotification of <Sniffer(Thread-3, initial)>>)]}
    board ID: 0
    starting scan```

    This leaves behind the lock file, but the process of the pid of the lock file doesn't exist. Running a second time gives:

    ```

    > python example_linux.py
    Just ran usercustomize, path: ['/home/Dropbox/programming/Python/lib/', '/usr/lib/python310.zip', '/usr/lib/python3.10', '/usr/lib/python3.10/lib-dynload', '/home/martin/.local/lib/python3.10/site-packages', '/usr/local/lib/python3.10/dist-packages', '/usr/lib/python3/dist-packages']


    ***** open_ports:
    [<serial.tools.list_ports_linux.SysFS object at 0x7749c5a7c8b0>]
    Opening serial port /dev/ttyACM0
    Lockfile is stale. Overriding it..
    closing UART
    Opening serial port /dev/ttyACM0
    args: ()
    kwargs: {'callbacks': [('*', <bound method Notifier.passOnNotification of <Sniffer(Thread-3, initial)>>)]}
    board ID: 0
    starting scan```

    Note the "Lockfile is stale" which is from lines 48-49 of FileLock.py

    ``` logging.info("Lockfile is stale. Overriding it..")
    os.remove(lockfile)```

    Finally, line 96 of Devices.py ```if dev.name in [id, '"'+id+'"']:``` doesn't work if device.name has trailing  nulls which is the case for some commercial peripherals. Better would be ```if id in dev.name:```

    Summary: the most recent version of the SnifferAPI is not handling the lock files properly and has some edge cases where it doesn't work.

     

  • 0 in reply to kw_martin

    Thanks for all the details, forwarding this to our developer so that we can try to have this fixed

  • 0 in reply to JONATHAN LL

    There is something else you could try in the mean time, the nRFUtil tool does use a has a ble-sniffer bootstrap and uses a different extcap. Might be worth a try. 

    https://github.com/NordicSemiconductor/nrfutil-package-index/tree/master/nr/fu 

Related