How can I decode BLE L2CAP packets?

Hi,

I'm using the Hollong Bluetooth 4.0/4.1/4.2 BLE Sniffer hardware to capture BLE packets which are then displayed in Wireshark.

I'm capturing packets between my Android device and my E3 Airmon air quality checker device. I start the "measurement" process from the Android device, which then seems to show up as a stream of L2CAP packets in Wireshark (also, when the measurement is complete, no new packets seem to appear in Wireshark).

I'm not sure how to decode these L2CAP packets - there's no "conversation" shown as it would be when following IP packets.

Here is a screenshot of the captured packets summary: https://www.dropbox.com/s/shleomhn6cd5ry6/Screenshot%202020-07-06%2019.50.20.png?dl=0

Here is a link to the packet capture: https://drive.google.com/file/d/1H42blFXKvEuV9QN9SikAlo6Gsk9pDoRs/view?usp=sharing

How can I actually see what data is being sent over BLE?

I'm using Version 3.2.5 (v3.2.5-0-ged20ddea8138) on a Mac.

Thanks!

[UPDATE] I have been able to get the ATT protocol traffic of the same packet sequence by enabling the Bluetooth HCI log on my Android device and opening up the resulting log file in Wireshark (link). I'm still not sure why this is not showing in Wireshark when capturing over the Hollong packet sniffer device.

[FINAL UPDATE] See comments for the answer - the traffic was encrypted.