This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

wireshark 2.0.1 and nRFsniffer

Hello,

I Try to use nRFsniffer 1.0.1 on windows with Wireshark 2.0.1. Wireshark seems to crash at startup. (reported bug 12103 on wireshark bugzilla)

Please provide dll plugin for versions 2.0.x

Parents
  • Hello,

    Wireshark support for version 2.0.x is definitelly in progress. The latest devloppement build here already support the nordic_BLE metadata. The pluggin dissector that was needed for versions 1.10.x has been fully integrated into wireshark sources and is not needed anymore. This means any Wireshark version above 2.3.0 (at the day of this post we are at 2.1.1 only) will nativelly support nordic_ble metadata.

    For the "simple user" with NRFsniffer1.0.1 here is a basic help on how to use wireshark 2.3.0 or more (note it will be simplified if Nordic does an update of it's nRFsniffer):

    • open the sniffer
    • open wireshark
    • go to capture->options->manage interfaces...->pipes
    • add \\.\pipe\wireshark_nordic_ble in the field
    • press OK and start the capture on this interface (for me I have to press several times for it to work)

    For the first time only you open Wireshark:

    • go to edit->preferences->protocols->DLT_USER
    • edit the encapsulation table and add "user10 (DLT=157)" with "nordic_ble" in payload protocol field.

    Message for Nordic people: Please do an update to nRFsniffer so that the tool does not copy the dll anymore for Wireshark versions 2.3.0 and above. This is a realy easy update but will help a lot for long term support of BLE.

    Thank you to Wireshark people that have integrated the plugin and for theyr great job on this tool.

    info sources

    =====================================

    EDIT July 2017 => new release 2.4.0 of wireshark has easier procedure

    For the "simple user" with NRFsniffer1.0.1 here is a basic help on how to use wireshark 2.4.0 or more (note it could be simplified if Nordic does an update of it's nRFsniffer):

    • open the sniffer
    • press w as explained in docuementation

    For the first time only you open Wireshark:

    • go to edit->preferences->protocols->DLT_USER
    • edit the encapsulation table and add "user10 (DLT=157)" with "nordic_ble" in payload protocol field.
  • As of today the development version of Wireshark does ignore loading the copied nordic_ble.dll. This should remove the warnings from Wireshark when starting a capture.

Reply Children
No Data
Related