• State Not Answered
  • Replies 12 replies
  • Subscribers 70 subscribers
  • Views 272 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 337310
Options

Coded PHY on BLE sniffer not working?

Emil Lenngren

I'm trying to use nordic's BLE sniffer on a nRF52833-DK. I have programmed it with the firmware "sniffer_nrf52833dk_nrf52833_4.1.1.hex".

I've then tried both the command "nrfutil ble-sniffer sniff --port /dev/ttyACM4 --coded" as well as "nrfutil ble-sniffer sniff --port /dev/ttyACM4 --coded --scan-follow-aux --scan-follow-aux-chain --scan-follow-aux-rsp" but I cannot see any Coded PHY advertising packets in the resulting Wireshark .pcap file. I only see a bunch of 1M advertisements from the surroundings. I have a few peripherals nearby that are advertising only on the Coded PHY and I can see them in the Android app nRF Connect and it says "LE Coded". Is there a known issue with the sniffer?

I'm using Ubuntu 24.04. FYI I had hoped to be able to use the sniffer plugin in Wireshark but that one doesn't work at all (nrf sniffer device does not show up) even though I've installed the plugin according to the instructions. So for now I'm using the sniffer on the command line.

Parents
  • 0

    Hi Emil,

    Could you let me know which nRF Sniffer version you are using ? 
    Also please let me know the wireshark version. 

    I'm not so familiar with the installation on Linux but could you try to do step 3 at section 2.2 in this document ? https://docs.nordicsemi.com/bundle/nrfutil_ble_sniffer_pdf/resource/nRF_Sniffer_BLE_UG_v4.0.0.pdf

    It's the best if you can run in it with Wireshark.  
    I assume you can capture BLE advertising packet at 1Mbps and only having trouble with CODED PHY ? 

  • 0 in reply to Hung Bui

    Sniffer version is 4.1.1. "nrfutil ble-sniffer" version is 0.14.1.

    Python version is 3.12.3.

    Wireshark version is whatever comes with Ubunut 24.04, i.e. 4.2.2.

    I managed to get the Wireshark plugin working by running "/usr/bin/python3 -m pip install -r requirements.txt --break-system-packages" in the extcap folder. I don't know why the "break system packages" was necessary. The system package python3-pyserial does not exist.

    The coded phy options on the command line seem broken but it works with the settings in the Wireshark GUI. However, whenever I press the stop button I get a popup with this error:

    Error from extcap pipe: /home/emil/.local/lib/wireshark/extcap/nrf_sniffer_ble.py:187: SyntaxWarning: invalid escape sequence '\s'
  "{validation=^\s*((37|38|39)\s*,\s*){0,2}(37|38|39){1}\s*$}{required=true}" % CTRL_ARG_ADVHOP)
/home/emil/.local/lib/wireshark/extcap/nrf_sniffer_ble.py:716: SyntaxWarning: invalid escape sequence '\s'
  m = re.search("^\s*rssi\s*(>=?)\s*(-?[0-9]+)\s*$", capture_filter, re.IGNORECASE)

Reply
  • 0 in reply to Hung Bui

    Sniffer version is 4.1.1. "nrfutil ble-sniffer" version is 0.14.1.

    Python version is 3.12.3.

    Wireshark version is whatever comes with Ubunut 24.04, i.e. 4.2.2.

    I managed to get the Wireshark plugin working by running "/usr/bin/python3 -m pip install -r requirements.txt --break-system-packages" in the extcap folder. I don't know why the "break system packages" was necessary. The system package python3-pyserial does not exist.

    The coded phy options on the command line seem broken but it works with the settings in the Wireshark GUI. However, whenever I press the stop button I get a popup with this error:

    Error from extcap pipe: /home/emil/.local/lib/wireshark/extcap/nrf_sniffer_ble.py:187: SyntaxWarning: invalid escape sequence '\s'
  "{validation=^\s*((37|38|39)\s*,\s*){0,2}(37|38|39){1}\s*$}{required=true}" % CTRL_ARG_ADVHOP)
/home/emil/.local/lib/wireshark/extcap/nrf_sniffer_ble.py:716: SyntaxWarning: invalid escape sequence '\s'
  m = re.search("^\s*rssi\s*(>=?)\s*(-?[0-9]+)\s*$", capture_filter, re.IGNORECASE)

Children
Related