How to capture filter on BLE address?

asked 2018-08-23

updated 2018-08-24 17:24:55 +0000

Guy Harris

I'm using the AdaFruit BLE sniffer, along with a bunch of software so it can talk to Wireshark. I see BLE packets galore, but I'm interested only in the device I'm testing, not Bill's Android, or the TV, or the... I think everything has BT in it now.

So, I have been trying to filter for the MAC address to no avail. I've tried making filters that look like:

btle.access_address == 00:00:00:00:00:00 (i.e. "some MAC address")
btle.advertising_address == <some MAC address>

One of them does no apparent filtering, the other apparently causes the program distress in that it can't figure out the filter's meaning, I guess.

Can someone tell me what filter string to really use? (This has been a bane of mine in Wireshark from the very beginning, when I was using it on (gasp) wired Ethernet.

Thanks, John

Answer

answered 2018-08-23

grahamb

Are you getting confused between:

The btle fields can only be used with Wireshark Display filters.

edit flag offensive delete link more


I am! Now I know the btle fields don't work for capture. Thank you.

johngriswold ( 2018-08-23 15:10:06 +0000 )

Asked: 2018-08-23

Seen: 177 times

Last updated: Aug 24 '18