
Wireshark 2.4.3 & Sniffer 2.0 Beta - Minor issues

Hi, I'm testing

  • nrf_sniffer_2.0.0-beta-1_51296aa

  • 64-bit Windows 10 PC

  • J-Link v6.16c

  • 64-bit Wireshark 2.4.3

  • PCA10031(v1.1.0, 2016.22, nRF51422 based dongle)

  • PCA10040 (flashed as NUS example to generate packets)

/////////////////////////////

- The good scenario

Dongle

The LED LD1 shows the status of the dongle.

I observed that if the LD1 indicates purple only, Wireshark can detect the COMx interface.

Working

After I select COM6, LD1 starts to blink like this. A white color was added periodically.

Looks like this indicates that the dongle is capturing packets.

Blinking

So I can sniff packets with the dongle.

- Closing Wireshark 2 and rerunning it

When LD1 was blinking, Wireshark 2 captured packets. I closed and reopened Wireshark 2.

NoInterface

Sadly, Wireshark cannot detect COM6 unless I unplug the dongle and connect it back.

- ETC: Timed out message

Log

I connected my dongle and the PCA10040 which is flashed with the NUS (Nordic UART Service) example.

My iPhone was able to detect the PCA10040's advertisement.

Whereas Wireshark sometimes shows the above log message: Packet read timed out.

The dongle couldn't sniff anything when this message appears.

- ETC: Error by extcap pipe

ErrorMSG

or

Exception2

NoPackets

When LD1 is white, Wireshark 2 cannot detect COMx interface.

However, in some cases, it detects COMx interface. When I start sniffing it, the above Python error is thrown.

Added 1/31 : After connection, Wireshark 2 doesn't capture discovery/characteristic packets

GIFDemo

I flashed the modified BLE UART example; if the central sends data, the nRF52 echoes back.

CaptureExample

I connected the dongle at the USB hub to show this demo; the result was the same if I connect the dongle at the back of my desktop directly.

After pairing, Wireshark 2 doesn't update captured packets anymore.

However, after disconnecting both devices, the ADV packets are captured.

//////////////////

In short

1. Do I always have to turn off and on the dongle before running Wireshark 2?

Without this off/on process, Wireshark 2 fails to find the COMx interface, regardless when the PCA10040 (COM5) was disconnected.

2. Is there a reason for observing the timed out message?

3. Although I have connected the dongle to the DELL monitor's USB hub, is the hub a reason for creating that Python exception?

I wish to know the reason for this problem, too.

-Regards, MANGO

  • Thanks, it worked. I now see the interface toolbar and selected the sniffer; see my answer here, which includes answers to most of the issues here: devzone.nordicsemi.com/.../ However, I still do not see the characteristics; I mostly get MIC or decryption errors when I am sniffing, even though I sniffed pairing OK.

  • I tried again, same issues. Maybe works 10% of the time with the 51-Dongle, never with the 52. When it works it doesn't show any logging if the packet has to do with characteristics.

  • I would not call these minor issues... nRF52 is not recognized at all by Wireshark.
    There is no new Wireshark menu, and the interface does not show on the interface list, even though this works:

    c:\Program Files (x86)\Wireshark\extcap>nrf_sniffer.bat --extcap-interfaces
    

    extcap {version=2.0.0}{display=nRF Sniffer}{help=www.nordicsemi.com/.../nRF-Sniffer
    interface {value=COM6}{display=nRF Sniffer COM6}
    control {number=0}{type=selector}{display=Device}{tooltip=Device list}
    control {number=1}{type=string}{display=Passkey / OOB key}{tooltip=6 digit temporary key or 16 byte Out-of-band (OOB) key in hexadecimal starting with '0x', big endian format. If the entered key is shorter than 16 bytes, it will be zero-padded in front'}{validation=\b^(([0-9]{6})|(0x[0-9a-fA-F]{1,32}))$\b}
    control {number=2}{type=string}{display=Adv Hop}{default=37,38,39}{tooltip=Advertising channel hop sequence. Change the order in which the siffer switches advertising channels. Valid channels are 37, 38 and 39 separated by comma.}{validation=^\s*((37|38|39)\s*,\s*){0,2}(37|38|39){1}\s*$}{required=true}
    control {number=3}{type=button}{role=help}{display=Help}{tooltip=Access user guide (launches browser)}
    control {number=4}{type=button}{role=restore}{display=Defaults}{tooltip=Resets the user interface and clears the log file}
    control {number=5}{type=button}{role=logger}{display=Log}{tooltip=Log per interface}
    value {control=0}{value= }{display=All advertising devices}{default=true}

  • The new entry in Wireshark does work; your Python or pyserial isn’t right if that isn’t showing.

    But in my experience that still won’t make the nrf52dk work as a sniffer so it doesn’t really matter.

  • Segger 6.16c is the only Segger software supported with the Wireshark beta 1. You will need to downgrade the Segger firmware on the J-Link emulator; follow the troubleshooting guide to downgrade to Segger J-Link 6.16c.
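
Added example (not part of the thread and not Nordic's code): a small Python parser for the `--extcap-interfaces` output quoted above, useful for confirming from a script that the sniffer declares its COM interface and for testing values against the validation patterns it advertises. The sample text is constructed from the quoted output with tooltips and the help URL omitted; `parse_sentence`, `parse_extcap` and `check_control` are hypothetical names.

```python
import re

# Constructed sample, modeled on the output quoted in the thread (trimmed).
SAMPLE = r"""extcap {version=2.0.0}{display=nRF Sniffer}
interface {value=COM6}{display=nRF Sniffer COM6}
control {number=1}{type=string}{display=Passkey / OOB key}{validation=\b^(([0-9]{6})|(0x[0-9a-fA-F]{1,32}))$\b}
control {number=2}{type=string}{display=Adv Hop}{default=37,38,39}{validation=^\s*((37|38|39)\s*,\s*){0,2}(37|38|39){1}\s*$}{required=true}
"""

def parse_sentence(line):
    """Split 'word {k=v}{k=v}' into (word, dict). Brace depth is tracked so
    regex quantifiers such as {0,2} inside a value do not end the argument."""
    word, _, rest = line.strip().partition(" ")
    args, depth, start = {}, 0, 0
    for i, ch in enumerate(rest):
        if ch == "{":
            if depth == 0:
                start = i + 1
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth < 0:
                raise ValueError("unexpected '}' in: " + line)
            if depth == 0:
                key, _, value = rest[start:i].partition("=")
                args[key] = value
    if depth != 0:
        # e.g. output cut off in the middle of an argument
        raise ValueError("unbalanced braces in: " + line)
    return word, args

def parse_extcap(text):
    """Collect declared interface values and controls keyed by display name."""
    parsed = {"interfaces": [], "controls": {}}
    for line in text.splitlines():
        if not line.strip():
            continue
        word, args = parse_sentence(line)
        if word == "interface":
            parsed["interfaces"].append(args["value"])
        elif word == "control":
            parsed["controls"][args["display"]] = args
    return parsed

def check_control(parsed, display, value):
    """Apply the control's own validation regex to a candidate value."""
    pattern = parsed["controls"][display]["validation"]
    return re.search(pattern, value) is not None

if __name__ == "__main__":
    info = parse_extcap(SAMPLE)
    print(info["interfaces"], check_control(info, "Adv Hop", "39,37,38"))
```
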
