While trying to study BLE I am wondering if it is possible to analyse it through tools like Wireshark and Snort? I came across one by the name "ubertooth" but that's a USB device which needs to be purchased in order for us to do DPI on BLE frames, right? Is it possible to capture and analyse BLE frames on Wireshark?

Solution

Yes, it's possible to use Wireshark to analyse BLE packets, but you will need additional hardware. Sniffing a connection requires support from the baseband layer which is implemented inside the Bluetooth chipset. The software of the chipset inside your computer doesn't support sniffing, so you'll need another chipset whose software you can control.

I use the nRF51 Dongle, which is a dev kit for the nRF51, a BLE + Cortex M0 SoC from Nordic Semi. Nordic provides firmware for this board that turns it into a sniffer. They also provide an application for Windows that communicates with that firmware over USB to get back the sniffing data, and that formats it in a way understandable for Wireshark.

If you're on Windows you can just use the tools provided by Nordic on this page, and follow the instructions in the User Guide.

Edit 2018-10: Nordic have released a Mac and Linux app in beta to support their sniffer, so the rest of this post shouldn't be necessary any more.
You can download the new tool here.

Then once everything is working and you are piping packets to Wireshark you can use all the awesome Wireshark built-in filters for Bluetooth and BLE: btatt, btl2cap, btle, ...

Original post

If, like me, you are on Mac, you'll need:

- RKNRFGO to program the custom firmware
- nrf-ble-sniffer-osx to communicate with it and pipe the packets to Wireshark.

The nrf-ble-sniffer-osx Wiki explains how to set it up. Thanks to Roland King for making these tools.

Two important caveats for the Mac setup:

- Install Wireshark before nrf-ble-sniffer-osx. That's because nrf-ble-sniffer-osx needs to install some additional filters for Wireshark so that it can decode the headers that the Nordic firmware adds to packets, and it won't do it if Wireshark is installed afterwards.
- Use Wireshark version 1.12. At the time of writing, no newer version worked with this setup. Yes, that means you'll have to use XQuartz.

If you're on Linux, it looks like it's also possible to use this dongle, but I haven't tried it.
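To show what the `btle` layer mentioned in the answer carries, here is an added example (not part of the original answer and not Nordic's code) that decodes a BLE advertising-channel packet by hand. It assumes the bytes start at the access address, with any sniffer-specific header already stripped, and the sample frame is constructed for illustration with a zeroed CRC.

```python
import struct

ADV_ACCESS_ADDRESS = 0x8E89BED6  # fixed access address on advertising channels
PDU_TYPES = {0: "ADV_IND", 1: "ADV_DIRECT_IND", 2: "ADV_NONCONN_IND",
             3: "SCAN_REQ", 4: "SCAN_RSP", 5: "CONNECT_IND", 6: "ADV_SCAN_IND"}
# PDU types whose payload is AdvA (6 bytes) followed by AD structures
HAS_ADV_DATA = {0, 2, 4, 6}


def parse_ad_structures(data):
    """Split advertising data into (ad_type, value) pairs; stop on malformed input."""
    out, i = [], 0
    while i < len(data):
        length = data[i]  # counts the type byte plus the value bytes
        if length == 0 or i + 1 + length > len(data):
            break  # zero length ends the significant part; overrun means truncation
        out.append((data[i + 1], bytes(data[i + 2:i + 1 + length])))
        i += 1 + length
    return out


def parse_adv_packet(frame):
    """Parse access address + PDU + 3-byte CRC (the CRC is not verified here)."""
    if len(frame) < 4 + 2 + 3:
        raise ValueError("frame too short for a link-layer packet")
    # The whole second header byte is read as the length (8 bits since Bluetooth 5.0)
    access_address, hdr, length = struct.unpack_from("<IBB", frame, 0)
    if access_address != ADV_ACCESS_ADDRESS:
        raise ValueError("not an advertising-channel packet (data channel PDU?)")
    if len(frame) < 6 + length + 3:
        raise ValueError("length field exceeds captured bytes")
    payload = frame[6:6 + length]
    pdu_type = hdr & 0x0F
    result = {"pdu_type": PDU_TYPES.get(pdu_type, "RESERVED"),
              "tx_addr_random": bool(hdr & 0x40), "ad": []}
    if pdu_type in HAS_ADV_DATA:
        if length < 6:
            raise ValueError("payload too short for AdvA")
        # Addresses are sent least-significant byte first
        result["adv_addr"] = ":".join(f"{b:02X}" for b in reversed(payload[:6]))
        result["ad"] = parse_ad_structures(payload[6:])
    return result


# Constructed sample: ADV_IND, random address, Flags + Complete Local Name "demo"
SAMPLE = bytes.fromhex("d6be898e" "400f" "665544332211"
                       "020106" "050964656d6f" "000000")

if __name__ == "__main__":
    print(parse_adv_packet(SAMPLE))
```

AD type 0x01 is Flags and 0x09 is Complete Local Name; Wireshark shows the same fields under its `btle` dissector.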