
nRF Sniffer support for Wireshark v2.0.3

Hi,

My setup:

  • Host: Windows 10, 64 bit
  • CPU: x86_64
  • Wireshark: v2.0.3
  • nRF sniffer: v1.0.0
  • nRF Dongle: Segger, PCA100000, v2.2.0 (nRF51822QFAA based board)

Followed the Sniffer guide to successfully flash the dongle and start the sniffer application; however, packet capturing is not working. Wireshark crashes and I see the message logged on the console that Wireshark v2.0.3 is not supported. Is there a plan to add support for the latest version of Wireshark (v2.0.3)?

  • What has been issued for 1.10.x, or do you mean 'problems'? If you mean that 1.12.x has problems in the dissection what are they?

    I'm using 1.12.x right now with nRF51-DK and sniffer 1.0.1 on Windows 10 AMD64, but have not seen problems. Since I haven't done too much experimentation, it may be that there are problems I haven't seen yet, so that's why I'm asking.

  • 1.12.x has dissection problems and they are quite subtle, like messed up channel maps, changes in direction of the packets, not easy to detect and can be a wild goose chase. Use 1.10.x only.

  • Thanks, that really helps to know. I guess I'll have to change my workflow from using Wireshark 1.12.x to 1.10.x (currently at 1.10.14.)

  • Hello, I'm a bit late, but please find here my question for the same problem.

    Latest update from Wireshark is that they have integrated support for the sniffer (Wireshark bug 12103). I tried it but it doesn't work for the moment. I hope for the best and will keep you updated.

    If this integration works correctly, the update of nrfSniffer would be easy (no more dll to copy for wireshark v2.0.?6+?) and direct support.

    EDIT

    Hello,

    Wireshark support for version 2.0.x is definitely in progress. The latest development build here already supports the nordic_BLE metadata. The plugin dissector that was needed for versions 1.10.x has been fully integrated into Wireshark sources and is not needed anymore. This means any Wireshark version above 2.3.0 (at the day of this post we are at 2.1.1 only) will natively support nordic_ble metadata.

    For the "simple user" with NRFsniffer1.0.1 here is a basic help on how to use Wireshark 2.3.0 or more (note it will be simplified if Nordic does an update of its nRFsniffer):

    • open the sniffer
    • open wireshark
    • go to capture->options->manage interfaces...->pipes
    • add \\.\pipe\wireshark_nordic_ble in the field
    • press OK and start the capture on this interface (for me I have to press several times for it to work)

    For the first time only you open Wireshark:

    • go to edit->preferences->protocols->DLT_USER
    • edit the encapsulation table and add "user10 (DLT=157)" with "nordic_ble" in payload protocol field.

    Message for Nordic people: Please do an update to nRFsniffer so that the tool does not copy the dll anymore for Wireshark versions 2.3.0 and above. This is a really easy update but will help a lot for long term support of BLE.

    Thank you to the Wireshark people who have integrated the plugin and for their great job on this tool.

    info sources

    EDIT 2: July 2017

    Wireshark 2.4.0 has better support; it just requires one manual configuration the first time you use it. (I think you shouldn't go with a version as old as 1.10.x)

    For the "simple user" with NRFsniffer1.0.1 here is a basic help on how to use Wireshark 2.4.0 or more (note it could be simplified if Nordic does an update of its nRFsniffer):

    • open the sniffer
    • press w as explained in documentation

    For the first time only you open Wireshark:

    • go to edit->preferences->protocols->DLT_USER
    • edit the encapsulation table and add "user10 (DLT=157)" with "nordic_ble" in payload protocol field.
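
The DLT_USER step in the last reply is only needed when a capture carries a link type in the user-defined range, so a quick check of a saved file tells you whether the table entry applies. The following is an added example, not part of the original thread or of Nordic's or Wireshark's code; it assumes the capture was saved in classic pcap format (not pcapng), and the sample header bytes and function names are constructed for illustration.

```python
import struct

# DLT_USER0..DLT_USER15 occupy link types 147..162; the thread's sniffer uses user10 (157).
DLT_USER0, DLT_USER15 = 147, 162

# On-disk byte patterns of the classic pcap magic number, mapped to struct byte order.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<",  # little-endian, microsecond timestamps
    b"\xa1\xb2\xc3\xd4": ">",  # big-endian, microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<",  # little-endian, nanosecond timestamps
    b"\xa1\xb2\x3c\x4d": ">",  # big-endian, nanosecond timestamps
}


def pcap_linktype(header: bytes) -> int:
    """Return the link-layer type from a 24-byte classic pcap global header."""
    if len(header) < 24:
        raise ValueError("truncated pcap global header")
    endian = PCAP_MAGICS.get(header[:4])
    if endian is None:
        raise ValueError("not a classic pcap file (pcapng or another format)")
    # Layout: magic(4) major(2) minor(2) reserved(4) reserved(4) snaplen(4) linktype(4)
    (network,) = struct.unpack(endian + "I", header[20:24])
    return network & 0xFFFF  # low 16 bits hold the link type; upper bits may carry FCS info


def dlt_user_row(linktype: int):
    """Name the DLT_USER table row for this link type, or None if no manual mapping applies."""
    if DLT_USER0 <= linktype <= DLT_USER15:
        return f"User {linktype - DLT_USER0} (DLT={linktype})"
    return None


# Constructed sample: a little-endian pcap v2.4 header declaring link type 157.
SAMPLE_HEADER = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 157)

if __name__ == "__main__":
    lt = pcap_linktype(SAMPLE_HEADER)
    row = dlt_user_row(lt)
    if row:
        print(f"link type {lt}: add '{row}' with payload protocol nordic_ble")
    else:
        print(f"link type {lt}: no DLT_USER mapping needed")
```

To check a real file, pass its first 24 bytes, for example `pcap_linktype(open(path, "rb").read(24))`.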