• State Verified Answer
  • Replies 10 replies
  • Subscribers 73 subscribers
  • Views 9896 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 123526
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

How do I filter empty pdu in wireshark?

Mitch996

Hi, I'm new to wireshark, and I want to filter all those empty pdus, they make it really hard for me to find the useful packets.

I tried btle.lendgth != 0, but got an error message telling me that neither length nor 0 are fields or protocol names.

Is there any other way to do this? I tried googling but with no luck.

Parents
  • 0

    One solution is to run with newest version of wireshark. You will have no more plugin problem as is is integrated into default dissector.

    Wireshark 2.4.0 is last release today and it just require one manual configuration the first time you use it.

    For the "simple user" with NRFsniffer1.0.1 here is a basic help on how to use wireshark 2.4.0 or more (note it could be simplified if Nordic does an update of it's nRFsniffer):

    • open the sniffer
    • press w as explained in docuementation

    For the first time only you open Wireshark:

    • go to edit->preferences->protocols->DLT_USER
    • edit the encapsulation table and add "user10 (DLT=157)" with "nordic_ble" in payload protocol field.

    With this, btle.length > 0 should work fine

Reply
  • 0

    One solution is to run with newest version of wireshark. You will have no more plugin problem as is is integrated into default dissector.

    Wireshark 2.4.0 is last release today and it just require one manual configuration the first time you use it.

    For the "simple user" with NRFsniffer1.0.1 here is a basic help on how to use wireshark 2.4.0 or more (note it could be simplified if Nordic does an update of it's nRFsniffer):

    • open the sniffer
    • press w as explained in docuementation

    For the first time only you open Wireshark:

    • go to edit->preferences->protocols->DLT_USER
    • edit the encapsulation table and add "user10 (DLT=157)" with "nordic_ble" in payload protocol field.

    With this, btle.length > 0 should work fine

Children
No Data
Related
Terms of service