In this chapter, we will go through how to set up nRF Sniffer and test that it is working properly by sniffing a Bluetooth LE packet.
nRF Sniffer has a comprehensive documentation on how to program the nRF Sniffer firmware on to your device, and how to set up Wireshark on your computer, to analyze packets. The content in this chapter closely follows the documentation with some additional information and screenshots to help you along the way.
You can choose to either continue with the instructions here or go to the documentation page and follow the steps there.
Programming the nRF Sniffer firmware
The nRF Sniffer firmware supports the following boards:
nRF52840 DK
nRF52840 Dongle
nRF52833 DK
nRF52 DK
nRF51 DK
nRF51 Dongle
Important
Due to a recent update of the nRF52833 DK version 3 and nRF52840 DK version 3, the new Interface IC on the DK is not fully compatible with the nRF Sniffer software. If you have an nRF52840DK v3, you will need to use the nRF USB port instead of the Interface IC USB port. The nRF52833 DK v3 is not compatible with the sniffer software at the moment, so you will need to use another DK as the sniffer backend. nRF52833 DK v2 and earlier works fine.
Download the firmware
1. Download nRF Sniffer for Bluetooth LE v4.x or later and extract the contents of the zip file into a folder of your choice.
In the following sections, this folder is referred to as Sniffer_Software.
All the firmware HEX files are located in Sniffer_Software/hex.
Development kit/dongle
Firmware file name
nRF52840 DK
sniffer_nrf52840dk_nrf52840_*.hex
nRF52840 Dongle
sniffer_nrf52840dongle_nrf52840_*.hex
nRF52833 DK
sniffer_nrf52833dk_nrf52833_*.hex
nRF52 DK
sniffer_nrf52dk_nrf52832_*.hex
nRF51 DK
sniffer_nrf51dk_nrf51422_*.hex
nRF51 Dongle
sniffer_nrf51dongle_nrf51422_*.hex
2. Open up nRF Connect for Desktop and install and launch the Programmer application.
If you are running an M1-based Mac, you must install the Intel/x86 variants of J-Link.
3. In the upper left hand corner, select the board you are using as the Bluetooth LE sniffer.
4. Select Add file and Browse, then navigate to Sniffer_Software/hex and select the file that applies to the hardware you are using, see the table above. Select Open.
5. Click Erase & write to flash the firmware to your board.
2. In the Stable Release list at the top of the page, select the release package for your operating system.
The download should start automatically.
3. Open up the file when it’s finished downloading, and follow the instructions to download Wireshark.
Wireshark is an open-source packet analyzer, and can be used for many different protocols. To use it with the nRF Sniffer firmware, we offer an external capture plugin to use with Wireshark.
Installing the nRF Sniffer capture tool
The nRF Sniffer capture tool comes as an external capture plugin for Wireshark.
1. Install the Python requirements
1.1 Open a command window and navigate to the folder Sniffer_Software/extcap.
1.2 Depending on your system, run one of the following commands (make sure you have Python installed on your computer):
On Windows with Python launcher, type py -3 -m pip install -r requirements.txt.
On Windows without Python launcher, type python -m pip install -r requirements.txt.
On Linux or macOS, type python3 -m pip install -r requirements.txt.
2. Copy the nRF Sniffer capture tool into Wireshark
2.1 Open Wireshark
2.2 Go to Help > About Wireshark (on Windows or Linux) or Wireshark > About Wireshark (on macOS).
2.3 Select the Folders tab.
2.4 Double-click the location for the Personal Extcap path to open this folder.
You may be prompted with a notice saying The directory does not exist. Click Yes to create it.
2.5 Copy the contents of the Sniffer_Software/extcap/ folder into this folder.
3. Enable the nRF Sniffer capture tool in Wireshark.
3.1 Refresh the interfaces in Wireshark by selecting Capture > Refresh Interfaces or pressing F5.
3.2 Select View > Interface Toolbars > nRF Sniffer for Bluetooth LE to enable the nRF Sniffer interface.
You should see that nRF Sniffer is displayed as one of the interfaces on the Wireshark capture screen, and you should see the nRF Sniffer toolbar.
Note
If you can’t see the nRF Sniffer tools, try performing step 3 in Installing the nRF Sniffer capture tool, to make sure that the nRF Sniffer files can be run correctly.
Running the nRF Sniffer
1. To start sniffing, make sure the nRF Sniffer (your DK or dongle running the nRF Sniffer firmware) is turned on and place it between the two devices that are communicating over Bluetooth LE.
Set up for sniffing Bluetooth LE packets
2. In Wireshark, under Capture, double-click on the hardware interface nRF Sniffer for Bluetooth LE COM port, see below
3. Wireshark should now look something like the image below, listing all Bluetooth LE packets in radio range.
Explaining Wireshark in Live Capture
Before proceeding to the exercise portion of this lesson, let’s explain what we are seeing in the Wireshark window.
Your window should be divided into three parts, the packet list, packet details and packet bytes.
If you cannot see all three windows, select View and make sure the following three lines are checked off
Packet List: Displays all the packets in the current capture session. Each line corresponds to one packet, and if you select a line, more details about the packet will be displayed in the “Packet Details” and “Packet Bytes” panes, below.
Packet Details: Shows the current packet, selected in the Packet List window, in a more detailed form.
Packet Bytes: Shows the data of the current packet, selected in the Packet List window, in a hexdump style.
Clicking on a specific section of the data in the Packet Bytes window will show where in the Packet Details window. And similarly, selecting a header in the Packet Details window, will show where in the data this information is defined, in the Packet Bytes window.
Columns in the Packet List window
Let’s take a look at the columns in the Packet List window. Your column headers should look like this
If you are missing any of the column headers, go to the Packet Details window and expand nRF Sniffer for Bluetooth LE. Then right-click on any of the parameters you are missing, select Apply as Column and it will show up in the main view as a column.
Now you should have the following column headers in your live capture view.
No.: The packet number, incremented for every packet the sniffer captures.
Time: The timestamp for when the packet was captured, relative to how long the sniffer has been running.
Source: The address of the device that the packet came from.
Protocol: Which Bluetooth LE stack layer the packet came from, most will come from the link layer (LE LL). Connection parameter updates come from L2CAP, while GATT operations come from the ATT layer, and packets having to do with encrypting and pairing come from SMP.
Length: The number of bytes captured in the packet.
Event counter: The instant number of each connection event starting from 0 when the connection is established.
Channel Index: Channel number the packet was captured on.
Delta time (start to start): The time between the start of the previous packet until the start of the current packet. It’s often used to count the distance between each connection event, and very close to the actual connection interval.
Info: Information about the packet.
You are now ready for the exercise portion of this lesson, where we will go into more detail on what you are seeing.
Important
If you have issues setting up the nRF sniffer, there is a Troubleshooting section from the documentation that you can take a look at.
Nordic Developer Academy Privacy Policy
1. Introduction
In this Privacy Policy you will find information on Nordic Semiconductor ASA (“Nordic Semiconductor”) processes your personal data when you use the Nordic Developer Academy.
References to “we” and “us” in this document refers to Nordic Semiconductor.
2. Our processing of personal data when you use the Nordic Developer Academy
2.1 Nordic Developer Academy
Nordic Semiconductor processes personal data in order to provide you with the features and functionality of the Nordic Developer Academy. Creating a user account is optional, but required if you want to track you progress and view your completed courses and obtained certificates. If you choose to create a user account, we will process the following categories of personal data:
Email
Name
Password (encrypted)
Course progression (e.g. which course you have completely or partly completed)
Certificate information, which consists of name of completed course and the validity of the certificate
Course results
During your use of the Nordic Developer Academy, you may also be asked if you want to provide feedback. If you choose to respond to any such surveys, we will also process the personal data in your responses in that survey.
The legal basis for this processing is GDPR article 6 (1) b. The processing is necessary for Nordic Semiconductor to provide the Nordic Developer Academy under the Terms of Service.
2.2 Analytics
If you consent to analytics, Nordic Semiconductor will use Google Analytics to obtain statistics about how the Nordic Developer Academy is used. This includes collecting information on for example what pages are viewed, the duration of the visit, the way in which the pages are maneuvered, what links are clicked, technical information about your equipment. The information is used to learn how Nordic Developer Academy is used and how the user experience can be further developed.
2.2 Newsletter
You can consent to receive newsletters from Nordic from within the Nordic Developer Academy. How your personal data is processed when you sign up for our newsletters is described in the Nordic Semiconductor Privacy Policy.
3. Retention period
We will store your personal data for as long you use the Nordic Developer Academy. If our systems register that you have not used your account for 36 months, your account will be deleted.
4. Additional information
Additional information on how we process personal data can be found in the Nordic Semiconductor Privacy Policy and Cookie Policy.
Nordic Developer Academy Terms of Service
1. Introduction
These terms and conditions (“Terms of Use”) apply to the use of the Nordic Developer Academy, provided by Nordic Semiconductor ASA, org. nr. 966 011 726, a public limited liability company registered in Norway (“Nordic Semiconductor”).
Nordic Developer Academy allows the user to take technical courses related to Nordic Semiconductor products, software and services, and obtain a certificate certifying completion of these courses. By completing the registration process for the Nordic Developer Academy, you are agreeing to be bound by these Terms of Use.
These Terms of Use are applicable as long as you have a user account giving you access to Nordic Developer Academy.
2. Access to and use of Nordic Developer Academy
Upon acceptance of these Terms of Use you are granted a non-exclusive right of access to, and use of Nordic Developer Academy, as it is provided to you at any time. Nordic Semiconductor provides Nordic Developer Academy to you free of charge, subject to the provisions of these Terms of Use and the Nordic Developer Academy Privacy Policy.
To access select features of Nordic Developer Academy, you need to create a user account. You are solely responsible for the security associated with your user account, including always keeping your login details safe.
You will able to receive an electronic certificate from Nordic Developer Academy upon completion of courses. By issuing you such a certificate, Nordic Semiconductor certifies that you have completed the applicable course, but does not provide any further warrants or endorsements for any particular skills or professional qualifications.
Nordic Semiconductor will continuously develop Nordic Developer Academy with new features and functionality, but reserves the right to remove or alter any existing functions without notice.
3. Acceptable use
You undertake that you will use Nordic Developer Academy in accordance with applicable law and regulations, and in accordance with these Terms of Use. You must not modify, adapt, or hack Nordic Developer Academy or modify another website so as to falsely imply that it is associated with Nordic Developer Academy, Nordic Semiconductor, or any other Nordic Semiconductor product, software or service.
You agree not to reproduce, duplicate, copy, sell, resell or in any other way exploit any portion of Nordic Developer Academy, use of Nordic Developer Academy, or access to Nordic Developer Academy without the express written permission by Nordic Semiconductor. You must not upload, post, host, or transmit unsolicited email, SMS, or \”spam\” messages.
You are responsible for ensuring that the information you post and the content you share does not;
contain false, misleading or otherwise erroneous information
infringe someone else’s copyrights or other intellectual property rights
contain sensitive personal data or
contain information that might be received as offensive or insulting.
Such information may be removed without prior notice.
Nordic Semiconductor reserves the right to at any time determine whether a use of Nordic Developer Academy is in violation of its requirements for acceptable use.
Violation of the at any time applicable requirements for acceptable use may result in termination of your account. We will take reasonable steps to notify you and state the reason for termination in such cases.
4. Routines for planned maintenance
Certain types of maintenance may imply a stop or reduction in availability of Nordic Developer Academy. Nordic Semiconductor does not warrant any level of service availability but will provide its best effort to limit the impact of any planned maintenance on the availability of Nordic Developer Academy.
5. Intellectual property rights
Nordic Semiconductor retains all rights to all elements of Nordic Developer Academy. This includes, but is not limited to, the concept, design, trademarks, know-how, trade secrets, copyrights and all other intellectual property rights.
Nordic Semiconductor receives all rights to all content uploaded or created in Nordic Developer Academy. You do not receive any license or usage rights to Nordic Developer Academy beyond what is explicitly stated in this Agreement.
6. Liability and damages
Nothing within these Terms of Use is intended to limit your statutory data privacy rights as a data subject, as described in the Nordic Developer Academy Privacy Policy. You acknowledge that errors might occur from time to time and waive any right to claim for compensation as a result of errors in Nordic Developer Academy. When an error occurs, you shall notify Nordic Semiconductor of the error and provide a description of the error situation.
You agree to indemnify Nordic Semiconductor for any loss, including indirect loss, arising out of or in connection with your use of Nordic Developer Academy or violations of these Terms of Use. Nordic Semiconductor shall not be held liable for, and does not warrant that (i) Nordic Developer Academy will meet your specific requirements, (ii) Nordic Developer Academy will be uninterrupted, timely, secure, or error-free, (iii) the results that may be obtained from the use of Nordic Developer Academy will be accurate or reliable, (iv) the quality of any products, services, information, or other material purchased or obtained by you through Nordic Developer Academy will meet your expectations, or that (v) any errors in Nordic Developer Academy will be corrected.
You accept that this is a service provided to you without any payment and hence you accept that Nordic Semiconductor will not be held responsible, or liable, for any breaches of these Terms of Use or any loss connected to your use of Nordic Developer Academy. Unless otherwise follows from mandatory law, Nordic Semiconductor will not accept any such responsibility or liability.
7. Change of terms
Nordic Semiconductor may update and change the Terms of Use from time to time. Nordic Semiconductor will seek to notify you about significant changes before such changes come into force and give you a possibility to evaluate the effects of proposed changes. Continued use of Nordic Developer Academy after any such changes shall constitute your acceptance of such changes. You can review the current version of the Terms of Use at any time at https://academy.nordicsemi.com/terms-of-service/
8. Transfer of rights
Nordic Semiconductor is entitled to transfer its rights and obligation pursuant to these Terms of Use to a third party as part of a merger or acquisition process, or as a result of other organizational changes.
9. Third Party Services
To the extent Nordic Developer Academy facilitates access to services provided by a third party, you agree to comply with the terms governing such third party services. Nordic Semiconductor shall not be held liable for any errors, omissions, inaccuracies, etc. related to such third party services.
10. Dispute resolution
The Terms of Use and any other legally binding agreement between yourself and Nordic Semiconductor shall be subject to Norwegian law and Norwegian courts’ exclusive jurisdiction.
