Hi,
We have implemented recently the BLE filter accept list based on this sample : https://github.com/zephyrproject-rtos/zephyr/blob/main/samples/bluetooth/peripheral_accept_list/src/main.c
We are using NCS 2.6.0, and a custom board based on nrf5340 device.
It seems to work pretty well, at least the BT_LE_ADV_OPT_FILTER_CONN functionality we could verify quite easily that it is not possible to connect to device not in the filter accept list.
On the other hand, the scan requests filtering doesn't seem to work consistently. I definitely see that it has an effect, I tested with Ellisys sniffer and just 2 phones (1 in filter accept list and the other not). If the device is advertising, I see that all scan requests from the accepted phone are answered, but sometimes (very randomly, can be once every 2 - 5 minutes), our nrf5340 based device still answers to scan requests from other peers not in the list.
That seems like a bug to me. I'm quite confused by comment of one of your developers here : nRF5340 BLE Filter scan required(whitelist) dose not working...
Hi,
Any central can still scan the peripheral when you use filter accept list. However, only devices in the filter list (previously called whitelist) are allowed to connect.
The only way you can prevent other centrals from scanning a peripheral is to use directed advertising, where you explicitly advertise specifically to a central. That is generally not recommended though, and for instance Apple writes this in the Accessory Design Guidelines for Apple Devices:
ADV_DIRECT_IND should not be used.
Also, note that a sniffer can still read the packets, it is just that the Bluetooth stacks of the central will filter out directed advertising packets that are intended for other devices. That said, if you really need this, then you can take a look at the Bluetooth: Direct Advertising sample.
I definitely see that using BT_LE_ADV_OPT_FILTER_SCAN_REQ has an effect, with the Ellisys logs I see that most Scan Requests from peers not on the list are left unanswered, but still some go through very rarely.
To me that sounds like a bug. I had a discussion on Discord on the nordic channel where Joakim Anderson (I assume he is a nordic employee) seems to agree with me that it looks like a bug. Example of a on occurrence : 
Here it represents the case where device answers to scan request of the non-allowed phone.
As our devices are designed to be used with iOS centrals, we cannot use directed advertisement so it would be wonderful if the scan request filtering worked reliably.
Any help would be much appreciated,
Best regards,
Jimmy
