Ask Your Question
0

Bluetooth traffic not seen by Wireshark on Windows

asked 2021-01-05 20:54:07 +0000

dandreye gravatar image

updated 2021-01-06 08:25:15 +0000

grahamb gravatar image

Hi All,

Are there any known issues capturing Bluetooth traffic with Wireshark? My system is Lenovo ThinkPad X1 Gen6 running W10x64 build 10.0.18363.1256 with Bluetooth v4.2 provided by Intel Dual Band Wireless-AC 8265 combo WiFi+BT card (specs here: https://ark.intel.com/content/www/us/...) and Wireshark 3.4.0 captures no Bluetooth traffic on it whatsoever while there's plenty. Just tried upgrading to 3.4.2 build with the details below and still no difference. In the very first Wireshark screen that opens upon launch Bluetooth is among several other interfaces showing no traffic (straight line) - only WiFi and Loopback interfaces do show some. Are there any peculiarities to make Bluetooth traffic capturing work?

Many thanks in anticipation!

3.4.2 (v3.4.2-0-ga889cf1b1bf9)

Compiled (64-bit) with Qt 5.15.1, with libpcap, with GLib 2.52.3, with zlib
1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4, with GnuTLS 3.6.3
and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB
resolver, with nghttp2 1.39.2, with brotli, with LZ4, with Zstandard, with
Snappy, with libxml2 2.9.9, with QtMultimedia, with automatic updates using
WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled resampler).

Running on 64-bit Windows 10 (1909), build 18363, with Intel(R) Core(TM)
i7-8650U CPU @ 1.90GHz (with SSE4.2), with 16258 MB of physical memory, with
locale English_United Kingdom.utf8, with light display mode, without HiDPI, with
Npcap version 1.00, based on libpcap version 1.9.1, with GnuTLS 3.6.3, with
Gcrypt 1.8.3, with brotli 1.0.2, without AirPcap, binary plugins supported (21
loaded).

Built using Microsoft Visual Studio 2019 (VC++ 14.28, build 29335).
edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
1

answered 2021-01-05 21:46:07 +0000

Guy Harris gravatar image

This is an Npcap issue; there's already an issue on the Npcap issue tracker for Bluetooth support, so you might want to add more information to that issue.

edit flag offensive delete link more

Comments

Thank you! Will do. Btw same problem with Winpcap 4.1.3.

dandreye gravatar imagedandreye ( 2021-01-05 22:27:02 +0000 )edit

I don't think WinPcap ever supported bluetooth and as it's obsolete it never will.

grahamb gravatar imagegrahamb ( 2021-01-06 08:25:53 +0000 )edit
0

answered 2021-04-21 22:06:21 +0000

dlech gravatar image

I don't know of a way to do it directly from Wireshark on Windows, but you can capture it using built-in tools, decode it using the Windows SDK and analyze it using Wireshark. This is described in more detail at https://bleak.readthedocs.io/en/lates....

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2021-01-05 20:54:07 +0000

Seen: 292 times

Last updated: Apr 21