Wireshark seems to "ignore" the BLE LL frames in UDP payload

Wireshark has no way of knowing that they're BLE frames. It's not "ignoring" them, it's displaying them as raw data, because it doesn't know that they're BLE frames.

This cannot be changed without either changing the Wireshark source code or writing a Wireshark plugin.

My advisor says, I should look into Wireshark Remote Capture field

There are two ways to do remote capture with Wireshark.

The first is to use a Wireshark with a version of libpcap/WinPcap/Npcap that includes support for the rpcap remote capture protocol, and to write a server for the remote capture protocol that captures on the TI hardware, using that instead of the software that's sending the packets out as UDP. There's no good documentation on how to do this (the protocol was never documented, and I haven't finished my project of documenting it).

The second is to write an "extcap" program and add it to your Wireshark installation, with that program receiving the UDP packets and writing out a pcap or pcapng file with the pcap file header or the pcapng Interface Description Block having a link-layer header type value of 251 (LINKTYPE_BLUETOOTH_LE_LL, as per the link-layer header types list).

The extcap program would probably be the easiest way to do this.
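
The extcap approach described above, as an added example (not code from this answer or from the Wireshark project). It assumes each UDP datagram payload is exactly one BLE LL frame already in the LINKTYPE_BLUETOOTH_LE_LL layout; the interface name `ble_udp` and the listen address 127.0.0.1:5000 are hypothetical.

```python
import argparse, socket, struct, sys, time

LINKTYPE_BLUETOOTH_LE_LL = 251          # link-layer header type named in the answer
IFACE = "ble_udp"                       # hypothetical extcap interface name
LISTEN = ("127.0.0.1", 5000)            # assumed address; loopback only by default
SNAPLEN = 65535

def pcap_file_header(linktype=LINKTYPE_BLUETOOTH_LE_LL):
    # magic, version 2.4, thiszone, sigfigs, snaplen, link-layer header type
    return struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, SNAPLEN, linktype)

def pcap_record(frame, ts):
    sec = int(ts)
    frame = frame[:SNAPLEN]             # never write more than the declared snaplen
    return struct.pack("<IIII", sec, int((ts - sec) * 1e6), len(frame), len(frame)) + frame

def extcap_reply(args):                 # text for Wireshark's discovery calls, else None
    if args.extcap_interfaces:
        return ("extcap {version=0.1}\n"
                f"interface {{value={IFACE}}}{{display=BLE LL over UDP (example)}}\n")
    if args.extcap_dlts:
        return (f"dlt {{number={LINKTYPE_BLUETOOTH_LE_LL}}}"
                "{name=BLUETOOTH_LE_LL}{display=Bluetooth LE Link Layer}\n")
    return "" if args.extcap_config else None

def capture(fifo_path):                 # one UDP datagram becomes one pcap record
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(LISTEN)
    with open(fifo_path, "wb", buffering=0) as out:
        out.write(pcap_file_header())
        while True:
            data, _ = sock.recvfrom(SNAPLEN)
            out.write(pcap_record(data, time.time()))

def parse_args(argv):
    p = argparse.ArgumentParser(allow_abbrev=False)
    for flag in ("--extcap-interfaces", "--extcap-dlts", "--extcap-config", "--capture"):
        p.add_argument(flag, action="store_true")
    for opt in ("--extcap-interface", "--fifo"):
        p.add_argument(opt)
    return p.parse_known_args(argv)[0]  # ignore options this example does not use

if __name__ == "__main__":
    a = parse_args(sys.argv[1:])
    reply = extcap_reply(a)
    if reply is not None:
        sys.stdout.write(reply)
    elif a.capture and a.fifo:
        capture(a.fifo)
```

If the sending software prepends its own header to each datagram, that header has to be stripped before the frame is passed to `pcap_record`.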