Error when launching wireshark (1.8.3) in nRF Sniffer

Wireshark 2.4.0 has better support it just require one manual configuration the first time you use it. (I think you shouldn't go with a version as old a 1.10.x)

For the "simple user" with NRFsniffer1.0.1 here is a basic help on how to use wireshark 2.4.0 or more (note it could be simplified if Nordic does an update of it's nRFsniffer):

• open the sniffer
• press w as explained in docuementation

For the first time only you open Wireshark:

• go to edit->preferences->protocols->DLT_USER
• edit the encapsulation table and add "user10 (DLT=157)" with "nordic_ble" in payload protocol field.

Wireshark 2.4.0 has better support it just require one manual configuration the first time you use it. (I think you shouldn't go with a version as old a 1.10.x)

For the "simple user" with NRFsniffer1.0.1 here is a basic help on how to use wireshark 2.4.0 or more (note it could be simplified if Nordic does an update of it's nRFsniffer):

• open the sniffer
• press w as explained in docuementation

For the first time only you open Wireshark:

• go to edit->preferences->protocols->DLT_USER
• edit the encapsulation table and add "user10 (DLT=157)" with "nordic_ble" in payload protocol field.

Thanks a lot Julien. You are right. Seems that the Nordic plugin can be nicely used using what you suggested.

In fact the "plugin" is not used in this case. Wireshark has integrated it as part of the tool a long time ago. However Nordic never made the necessary work to use it correctly and continues to recommend using completely out of date versions to keep compatibility.

I see, sorry I thought it was our plugin. The reason started few years back when the native BLE protocol parsing on Wireshark was not very good compare to our plugin and we then suggested customer to continue using our. From that time until now, unfortunately we don't have enough staff to follow and update the sniffer. From my impression seems that the current native BLE protocol in wireshark now have same information as in our plugin. Will try to test more.

I just had a look into wireshark sources. It seems that BLE has been more maintained in Wireshark than in your plugin (in 2017 even by a Nordic person) this is good . The reason why 1.14.x and more did not work was because Nordic plugin became incompatible after a Wireshark interface modification. I don't know how they corrected to not throw error on 2.4.0 as the tool still copy the plugin (that I suppose still incompatible). For the lack of resource to maintain the sniffer, all what you should do is remove the automatic dll plugin copy for newer versions of wireshark and update the doc to recommend 2.4.0 or more. (this should be less than a day if you didn't loss the sources of the tool). After that you will have nothing to maintain as all bugs can be submitted to wireshark instead of Nordic.