Nordic Semiconductor nRF5 AirFuel SDK
version 2.2.0
|
Nordic Semiconductor ASA offers a BLE Sniffer which works on any PCA10000 or PCA10001 device. It is capable of following a slave device through advertisements and connections, and supports encryption (given that it is provided with the encryption keys). The nRF Sniffer uses Wireshark to display the packets sniffed, and also provides a simple python API often used in testing automation.
Wireshark provides dissection (interpretation) of BLE all the way down to the ATT protocol. However, an extension to this dissection can be found in this SDK, which allows for WPT packets to be dissected as well, as seen in the figure below.
Note that this plugin currently supports System Baseline Specification (BSS) v1.3 Final (05.11.2014) v5.
First download and install Wireshark (version 1.10 and 1.12 supported).
Next, download the nRF Sniffer.
To install the nRF Sniffer, simply unzip it do the desired install location, and run nRF Sniffer.exe.
Lastly, to enable dissection of WPT packets, copy the file [nRF AirFuel SDK path]/lib/wpt Wireshark dissector/[x86/x64]/btle_wpt.dll to [wireshark install path]/plugins/[version]/plugins . Use the version corresponding to the installed Wireshark version (x86 vs x64).
When using the nRF Sniffer with WPT, the typical use case is to follow a PRU, setting up Wireshark to display the desired data, and perform the actions required on the PTU and PRU while paying attention to the data sent over the air.
Start the nRF Sniffer application, flash the sniffer firmware if required, wait for sniffer to be located, and start Wireshark by pressing "W". It is important that Wireshark is started before any WPT data is to be sniffed, as Wireshark depends on some state in order to identify that the ongoing traffic is of type WPT.
To follow a PRU, press "L" to list available devices, and pay attention to the devices listed while enabling test mode on the PRU. The nRF Sniffer should in most cases be capable of identifying the PRU before it connects to the PTU (only advertise channels are used when identifying devices). If a new device pops up in the list as you enable test mode, select that you would like to follow that device. This can be done by either using the arrow keys (up, down) to locate the device entry, and then hit return, or by simply pressing the number key for the device entry index. If the device is not found, try again.
Ones the correct PRU has been located and followed, it is time to configure Wireshark to display the desired data.
To display some field as a column, simply select a packet with the desired data field (i.e. if you want V_RECT, select a PRU Dynamic Parameter packet), right click the data field, and select "Apply as column".
A filter can be used to stop packets that are not of any interest from being displayed. When creating filters, standard C-like boolean expressions are used with the values from the packets. To find the identifier of some data, select the desire data field, and look at the bottom of the Wireshark window, as shown in the figure below.
By using filters, and carefully selecting what data fields that should be displayed as a column, debugging becomes much easier than just studying UART logs.
Some examples of filters are shown below.
btle.data_header.length!=0 || btle.advertising_header.length != 0 | Display only advertise channel packets and non-empty data packets |
nordic_ble.wpt_handle == 0x2 | Display only WPT PRU Control packets |