Beware that this post is related to an SDK in maintenance mode
More Info: Consider nRF Connect SDK for new designs
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Sniffer on OSX - revisited

It looks like the last discussion of Sniffer on Devzone was 2-3 yrs ago.

I’ve ordered the nRF Dongle and will download the Windows-based nRF Sniffer app.

i can run this with WireShark on a Windows VM on my Mac, though I would like a Mac OSX option.

- Any news on that front?

- Any way the Bluetooth hardware built into the MacBook could serve a Mac Sniffer app?

thanks!

Parents
  • Hello David,

    Please check out the nRF SnifferV2. (download link)

     

    snippet from the documentation:

     

  • OK, not working ...yet

    on Mac OSX 10.13.3, using the DK52 (PCA10040)

    I've followed the nRF_Sniffer_User_Guide_v2.1.pdf:

    1. Downloaded and installed WireShark Ver 2.5.0
                [edit Mar 21st: in my original post, I said pyserial V2.5.0.
                 I have since downgraded to 2.4.5 with no improvement]
    2. Downloaded and installed Python such that "Python --version"  reports "Python 2.7.14"
    3. Installed pyserial 3.4 from https://github.com/pyserial/pyserial 
                 [edit Mar 20th: in my original post, I said pyserial V2.7.  It was indeed the required v3.4]
      As instructed there, I simply used "pip install pyserial" in terminal with no apparent errors.
    4. Downloaded the sniffer software Version 2.0.0-b1 to the Mac from Nordic.  I've played with the location a bit to find the files.
      1. I copied the contents of the sniffer's /extcap directory to Applications/WireShark.app/Contents/MacOS/extcap.  This is the directory reported as the Extcap path in WireShark/About Wireshark
    5. Installed the 6.16c Segger JLink (part of the sniffer download)
      1. Mac Finder now shows a /JLink_V616c folder under Applications/Segger
      2. I removed two other newer versions in the Segger directory by dragging their folders from Finder to the trash
    6. I verified the permissions on nrf_sniffer.py 
      1. ls -l nrf_sniffer.py
        returns 
        -rwxr-xr-x@ 1 davidelvig  admin  20294 Dec 31  1979 nrf_sniffer.py

    7. In Terminal, I launched jlinkexe, then followed these steps
      1. Erase (specifying NRF52832_XXAA, S) SWD, Speed>1000
        --> success ("Erasing done.")
      2. loadfile sniffer_pca10040_51296aa.hex
        -->success ("O.K")
      3. r (reset appears successful)

        Reset delay: 0 ms
        Reset type NORMAL: Resets core & peripherals via SYSRESETREQ & VECTRESET bit.
        Setting AIRCR.SYSRESETREQ

      4. g <enter>... J-Link> prompt returns
        on the PCA10040:
        the power LED is on,
        LED1 is off
        LED3 is blinking variably and slowly
        LED 3&4 are on
    8. I turned on an advertising BLE device (FreeDrum... using an nRF chip, I think), and the LED3 switches to fast consistent blinking (and reverts to slow variable blinking when I turn off the FreeDrum)

    Launching Wireshark does not show an nRF device :

    WireShark Screen

    As Troubleshooting steps, I did the following:

    1. I unplugged, replugged, rebooted, etc.
    2. In the extcap folder in Terminal, I ran python nrf_sniffer.py --extcap-interfaces
      returning
      1. Davids-MacBook-Pro-2:extcap davidelvig$ python nrf_sniffer.py --extcap-interfaces
        extcap {version=2.0.0}{display=nRF Sniffer}{help=http://www.nordicsemi.com/eng/Products/Bluetooth-low-energy/nRF-Sniffer#Downloads}
        interface {value=/dev/cu.usbmodem1431}{display=nRF Sniffer}
        control {number=0}{type=selector}{display=Device}{tooltip=Device list}
        control {number=1}{type=string}{display=Passkey / OOB key}{tooltip=6 digit temporary key or 16 byte Out-of-band (OOB) key in hexadecimal starting with '0x', big endian format. If the entered key is shorter than 16 bytes, it will be zero-padded in front'}{validation=\b^(([0-9]{6})|(0x[0-9a-fA-F]{1,32}))$\b}
        control {number=2}{type=string}{display=Adv Hop}{default=37,38,39}{tooltip=Advertising channel hop sequence. Change the order in which the siffer switches advertising channels. Valid channels are 37, 38 and 39 separated by comma.}{validation=^\s*((37|38|39)\s*,\s*){0,2}(37|38|39){1}\s*$}{required=true}
        control {number=3}{type=button}{role=help}{display=Help}{tooltip=Access user guide (launches browser)}
        control {number=4}{type=button}{role=restore}{display=Defaults}{tooltip=Resets the user interface and clears the log file}
        control {number=5}{type=button}{role=logger}{display=Log}{tooltip=Log per interface}
        value {control=0}{value= }{display=All advertising devices}{default=true}
      2. I see an entry for {display=nRF Sniffer}
    3. I checked the nrf_sniffer.py file mode in step 6 above
    4. in jlinkexe I typed:
      "exec invalidatefw" and followed the other steps (to exit jlinkexe, restart it watch it re-update.)
    5. In WireShark\Preferences\Capture, the Default Interface dropdown includes the same list as in the above graphic, with no nRF entry

    The nRF Dongle arrives today, and I may run the process with that to see if it works where the DK did not.

    ... WAIT... it just arrived.

    Flashed the nRF51 Dongle with sniffer_pca10031_51296aa.hex after choosing nRF51422_xxac as the DEVICE.

    No difference:

    • There is still no nFR Sniffer in the WireShark Interface list.
    • The dongle's purple/green LED has the same slow-flash then fast-flash as noted above for the DK when turning on the FreeDrum BLE advertiser.

    Any suggestions?

    I would be open any time Friday (except 10:00 am US central time) for a screen share.

    Martin, I'll send you my cell number in a private message in the event you have the for that

  • I don't think Wireshark can find the interface. Note that it lists the `ciscodump`, `randpktdump`, `sshdump` and `udpdump` external capture interfaces but it's not showing the nRF Sniffer. The Nordic document does not specify the nRF Sniffer location for OS X. Section 2 of the document includes instructions "for Windows" but not for OS X.

    Maybe someone from Nordic can tell us where/how to install the sniffer python files?

  • Hello David,

    Sorry for the delay. Looking into your issue now.

    First thing first. You say:

    Installed pyserial 2.7

    Please double check that you have the versions mentioned in the documentation.

  • My typo.

    in Terminal, pip reports

    davidelvig$ pip list
    pip (9.0.1)
    pyserial (3.4)
    setuptools (28.8.0)

    So I have the specified version.  I'll edit my previous post.

  • That's good. Also I would like you to use Wireshark 2.4.x because that is known to be stable. (2.5 is for development use)

Reply Children
Related