Cannot See Scan Request/Response Packets
An OS X client for the Nordic BTLE sniffer dongle.
Brought to you by:
rolandking
Menu
▾
▴
#10 Cannot See Scan Request/Response Packets
Hello Roland,
I have the sniffer up and running. It is working with an nRF51422 Dongle to observe the exchanges between an nRF822 Beacon Kit and an iOS 8.4 app. In Wireshark I am able to see the advertisement packets being transmitted by the beacon. The iOS app is detecting the advertisement. (I have updated the Beacon Kit software to conform to the iBeacon requirements regarding the Apple Manufacturer ID and the matching UUIDs) I can build the iOS app to use either the Core Location or the Core Bluetooth APIs. Both APIs will detect the beacon's advertisement. When I use the CB API, I am able to obtain the name of the beacon. Here is a logging statement produced by my implementation of the CBCentralManagerDelegate protocol's didDiscoverPeripheral function:
2015-09-05 09:30:23.620 Did discover peripheral [<cbperipheral: 0x1700f3680,="" identifier="8B63C7F8-44D5-F3E2-AD40-2916A2513BA9," name="DfuTarg," state="connecting">]</cbperipheral:> with data [[kCBAdvDataIsConnectable: 0]]
You can see that the value of the CBPeripheral's name name property is DfuTarg, which is the beacon kit's BLE name. This name is not in the advertisement packet. It is my understanding that when CoreBluetooth obtains an advertisement packet it will automatically issue a Scan Request. The name is provided by the Scan Response. However, Wireshark is only showing me packets of type adv_nonconn_ind. I never see scan_req or scan_rsp packets.. Do you have any thoughts regarding this?
Cheers,
Robert
I think this question would do much better in the Nordic forums as it's generically about bluetooth and you'll get a better answer.
What I think is, ADV_NONCONN_IND (which is the beacon scanner mode) is neither connectable NOR scannable so you're not going get see scan packets. The Nordic beacon implementation I'm familiar with has no name in it anywhere. My guess, especially given the name you're seeing, would be that you've used DFU on the beacon previously and paired with it and iOS is just reporting the name it cached at that time. To test that if you can get your device to forget the beacon with any kind of device forget or BTLE reset, or by randomizing the address the beacon uses, and run the app again, you won't see the name any more.