Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

asked 2018-08-23 14:23:36 +0000

johngriswold gravatar image

How to capture filter on BLE address?

I'm using the AdaFruit BLE sniffer, along with a bunch of software so it can talk to Wireshark. I see BLE packets galore, but I'm interested only in the device I'm testing, not Bill's Android, or the TV, or the... I think everything has BT in it now.

So, I have been trying to filter for the MAC address to no avail. I've tried making filters that look like: btle.access_address == 00:00:00:00:00:00 (i.e. "some MAC address") btle.advertising_address == <some mac="" address="">

One of them does no apparent filtering, the other apparently causes the program distress in that it can't figure out the filter's meaning, I guess.

Can someone tell me what filter string to really use? (This has been a bane of mine in Wireshark from the very beginning, when I was using it on (gasp) wired Ethernet.

Thanks, John

click to hide/show revision 2
None

updated 2018-08-23 14:34:32 +0000

grahamb gravatar image

How to capture filter on BLE address?

I'm using the AdaFruit BLE sniffer, along with a bunch of software so it can talk to Wireshark. I see BLE packets galore, but I'm interested only in the device I'm testing, not Bill's Android, or the TV, or the... I think everything has BT in it now.

So, I have been trying to filter for the MAC address to no avail. I've tried making filters that look like: btle.access_address == 00:00:00:00:00:00 (i.e. "some MAC address") btle.advertising_address == <some mac="" address="">

One of them does no apparent filtering, the other apparently causes the program distress in that it can't figure out the filter's meaning, I guess.

Can someone tell me what filter string to really use? (This has been a bane of mine in Wireshark from the very beginning, when I was using it on (gasp) wired Ethernet.

Thanks, John

click to hide/show revision 3
None

updated 2018-08-23 14:34:59 +0000

grahamb gravatar image

How to capture filter on BLE address?

I'm using the AdaFruit BLE sniffer, along with a bunch of software so it can talk to Wireshark. I see BLE packets galore, but I'm interested only in the device I'm testing, not Bill's Android, or the TV, or the... I think everything has BT in it now.

So, I have been trying to filter for the MAC address to no avail. I've tried making filters that look like: btle.access_address like:

btle.access\_address    == 00:00:00:00:00:00 (i.e. "some MAC address")
btle.advertising_address btle.advertising\_address == <some mac="" address="">
MAC address>

One of them does no apparent filtering, the other apparently causes the program distress in that it can't figure out the filter's meaning, I guess.

Can someone tell me what filter string to really use? (This has been a bane of mine in Wireshark from the very beginning, when I was using it on (gasp) wired Ethernet.

Thanks, John

click to hide/show revision 4
None

updated 2018-08-24 17:24:55 +0000

Guy Harris gravatar image

How to capture filter on BLE address?

I'm using the AdaFruit BLE sniffer, along with a bunch of software so it can talk to Wireshark. I see BLE packets galore, but I'm interested only in the device I'm testing, not Bill's Android, or the TV, or the... I think everything has BT in it now.

So, I have been trying to filter for the MAC address to no avail. I've tried making filters that look like:

btle.access\_address    btle.access_address == 00:00:00:00:00:00 (i.e. "some MAC address")
btle.advertising\_address btle.advertising_address == <some MAC address>

One of them does no apparent filtering, the other apparently causes the program distress in that it can't figure out the filter's meaning, I guess.

Can someone tell me what filter string to really use? (This has been a bane of mine in Wireshark from the very beginning, when I was using it on (gasp) wired Ethernet.

Thanks, John