Problems decoding BLE capture from another Wireshark program

asked 2017-11-27 02:54:48 +0000

cswanson
1 ●1 ●2 ●1

updated 2017-12-02 16:00:59 +0000

Stig

138 ●7 ●6

HI,

I captured a BLE conversation on a PC running Wireshark 1.10. I work on another machine so I copied the capture file to a Mac and opened the file with Wireshark 2.42.

For some reason, the packets are not being decodes but only presented as raw frames.

Am I missing something or is this expected?

edit retag flag offensive close merge delete

Comments

Does Wireshark 1.10 decode them correctly as Bluetooth Low Energy?

Guy Harris ( 2017-11-27 10:26:35 +0000 )edit

Awesome! Thank you!

This was just what was needed.

Now onto the trace analysis!

cswanson ( 2017-11-28 12:42:30 +0000 )edit

add a comment

1 Answer

Sort by » oldest newest most voted

answered 2017-11-27 20:51:23 +0000

Stig

138 ●7 ●6

updated 2017-11-27 20:54:43 +0000

Is this captured using the Nordic BLE Sniffer?

If so then you need to go to Preferences -> Protocols -> DLT_USER -> DLT Table and add a new entry for DLT User 10 (DLT=157) with Payload protocol nordic_ble.

edit flag offensive delete link

Comments

The newly released nRF Sniffer 2.0.0-1.beta is updated with improved support for macOS, Linux and Windows, and is designed to work with Wireshark 2.4 and later. This version works without manual configuration.

Stig ( 2017-12-06 08:05:41 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2017-11-27 02:54:48 +0000

Seen: 1,350 times

Last updated: Nov 27 '17

Problems decoding BLE capture from another Wireshark program edit

Comments

1 Answer

Comments