This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Wireshark 2.4.3 cannot detect PCA10031 COM port interface

-Dear Nordic Devteam

Thanks for your endeavor for the nRF Sniffer 2. Although it is a beta version, this is sincerely anticipating.

To set up the Sniffer you will need one of the following kits:

nRF51 Development Kit (PCA10028) v1.0 or later and a micro USB cable

nRF51 Dongle (PCA10031)

nRF52 Development Kit (PCA10040) and a micro USB cable

I'm testing this with

  • nrf_sniffer_2.0.0-beta-1_51296aa

  • 64-bit Windows 10 PC

  • J-Link v6.22c

  • 64-bit Wireshark 2.4.3

  • PCA10031(v1.1.0, 2016.22, nRF51422 based dongle)

In my screenshot, due to the Korean language pack, you will see the WON sign instead of the backslash. That symbol doesn't affect anything and that currency sign is equivalent to the backslash character.

I followed the User Guide v2.0 and I used the sniffer_pca10031_51296aa.hex file for flashing.

The jlink.exe showed the O.K. message.

The Install firmware with SEGGER J-Link. step is done. My PC10031 dongle turns on the purple looking LED.

Open Wireshark. You should see “nRF Sniffer on xxxxx” as one of the interfaces.

Unfortunately, I do not see that.

Troubleshooting - The nRF sniffer is not listed in the Wireshark interface.

Check

See if the hardware has been enumerated on USB and the drivers are loaded

My dongle was connected; the Device Manager showsCOM6 port and that's my nRF dongle.

I connected only my dongle while doing this.

Check that the HEX file for the hardware has been flashed.

HexCheck

Although the jlink.exe showed the O.K. message, I didn't observe the SoftDevice for Region 0 using the nRFgo Studio. Looks like this doesn't use the SoftDevice.

When I use the nRFgo Studio, my PC10031 dongle turns on the purple looking LED as well.

So this step is passed.

For Windows: Run nrf_sniffer.bat --extcap-interfaces to list the interface

For OS X and Linux: Run nrf_sniffer.py --extcap-interfaces to list the interface.

I tried both methods. When executing nrf_sniffer.bat, I executed the bat file as a normal user and the admin, just in case.

PyCheck

The pyserial was installed so no errors were observed from the terminal.

However, I cannot see my nRF dongle interface from Wireshark.

///////////////////////////////////////////////

0.Compared to the manual,

View

I couldn't find the Interface Toolbars. Would this be the problem?

It would be a great help if you can elaborate why I don't have that Interface Toolbars menu.

  1. I placed the nRF Sniffer 2 file location correctly, didn't I?

JLinkDir

I placed all the files in the C:\Program Files\Wireshark\extcap directory.

2.What might have I missed to make that interface appear?

Or is the PCA10031's purple LED indicating some kind of error?

Hope to sniff packets with the new Sniffer in the future.

-Warm Regards (and Merry Christmas to everyone who reads this), MANGO

////////////// Added in 1/10/2018

Before

I compared my Wireshark Plugin paths referring Petter Myhre's picture.

Find and copy the nrf_sniffer__ ZIP file to the folder associated with “Extcap path”.

Unzip the ZIP's extcap content to the Wireshark Extcap path found in "About Wireshark” (shown here as C:\Program Files\Wireshark\extcap).

I followed the nRF Sniffer User Guide v2.0 and I comprehended that I have to unzip nrf_sniffer_2.0.0-beta-1_51296aa in C:\Program Files\Wireshark\extcap.

So the file directory was C:\Program Files\Wireshark\extcap\nrf_sniffer_2.0.0-beta-1_51296aa\extcap\nrf_sniffer.bat .

Whereas Petter's configured path was C:\Program Files\Wireshark\extcap\nrf_sniffer.bat.

Step

So I moved all the files, just like the above picture shows.

After moving files and executing the nrf_sniffer.bat, now I was able to see the Wireshark - View - Interface Toolbars - nRF Sniffer menu.

Click View>Interface Toolbars>nRF Sniffer to enable the Sniffer interface.

While reading the user guide, I felt like I was able to see that View - Interface Toolbars as a default option regardless of executing the nrf_sniffer.bat.

Since the guide didn't mention something like "After executing nrf_sniffer.bat or nrf_sniffer.py, the Interface Toolbars has to appear`", this made me confusing.

After

After changing files path, I can observe nrf_sniffer.bat in the Plugins menu.

NoPacket

Although I'm having this INFO: Packet read timed out. problem, I wish to discuss this in another thread later on.

The point is, where should the user unzip the nrf_sniffer_2.0.0-beta-1_51296aa.zip?

Let's clear things out and help other users.

  • Hi Mango,

    I do have the interface toolbar, but not the interface COM port...it is just blank. BR

  • Sorry to hear that, Bjarke. I sometimes cannot see COM ports from Wireshark, too.

    I observed that if your PCA10040 sniffs packets, LED2 will blink rapidly.

    This is my assumption; if you execute Wireshark 2 while PCA10040 is capturing packets, most of the time, Wireshark fails to find the COM port.

    This might sound funny, but can you turn all your Bluetooth devices so that your PCA10040 cannot capture packets?

    Now connect your PCA10040 to your computer. If your PCA10040 is not capturing packets, LED2 will not blink.

    After checking this, turn on Wireshark 2 and you might see COM x port.

    This is quite cumbersome, but give it a try, please.

    By the way, I posted a question that summarizes a problem similar to yours.

    If you keep an eye on it, maybe it will help you, too.

    -BR

  • Cannot get this to work properly with nRF52 DK running the sniffer_pca10040_51296aa.hex included with nRF Sniffer version 2 (beta) on Windows 7 64-bit:

    • nRF Sniffer 2.0.0-1.beta
    • Wireshark 2.4.3
    • Python 2.7.14
    • pyserial 3.4
    • nRFgo Studio 1.21.2
    • Segger J-Link 6.16c

    The Sniffer interface is available in Wireshark but only sometimes the nRF Sniffer COM6 (in my case) shows up but no traffic is ever captured.

    For example, I plug in the nRF52 DK and is enumerated as JLink CDC UART Port (COM6) in Device Manager. First time running C:\Program Files\Wireshark\extcap\nrf_sniffer.bat --extcap-interfaces shows “interface {value=COM6}{display=nRF Sniffer COM6}” as expected. But the interface disappears when running the command again right after. On the nRF52 DK LED2 is flashing when my peripheral is advertising so I assume the application is running ok. I have downgraded the hardware from J-Link 6.20b to 6.16c without any improvements.

    This explains why the interface is not always showing up in the Sniffer in Wireshark but what is causing this?

  • Please add a new question, and link to this one if relevant.

Related