Linux 配置wireshark 分析thread 使用nRF-Sniffer dongle
Linux 配置wireshark nRF-Sniffer-for-802.15.4
1.下载固件和配置文件
https://github.com/NordicSemiconductor/nRF-Sniffer-for-802.15.4
2.烧写固件
使用nRF Connect for Desktop 中的 programmer 4.3烧写
https://www.nordicsemi.com/Products/Development-tools/nrf-connect-for-desktop/download
3.配置wireshark
3.1 给wireshark开放权限
参考:https://www.cnblogs.com/potatosuper/p/14391116.html
1)Create the wireshark group.
$ sudo groupadd wireshark
2) Add your username to the wireshark group
$ sudo usermod -a -G wireshark YOUR_USER_NAME
3) Change the group ownership of file dumpcap to wireshark
$ sudo chgrp wireshark /usr/bin/dumpcap
4) Change the mode of the file dumpcap to allow execution by the group wireshark
$ sudo chmod 750 /usr/bin/dumpcap
5) Grant capabilities with setcap, man capabilities(7), setcap(8), cap_from_text(3) for more info about what are "cap_net_raw", "cap_net_admin" and "eip". Anyway, after we grant the capabilities, the dump can perform various network-related operations, use RAW and PACKET sockets; bind to any address for transparent proxying.
$ sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
6) Verify the change
$ sudo getcap /usr/bin/dumpcap
Output should be like below:
/usr/bin/dumpcap = cap_net_admin,cap_net_raw=eip
7) At this point, you will need to log out, or reset
3.2 安装802.15.4插件
找到Global Extcap path的位置:/usr/lib/x86_64-linux-gnu/wireshark/extcap
从1中下载文件中,拷贝nrf802154_sniffer.py 到/usr/lib/x86_64-linux-gnu/wireshark/extcap,确认nrf802154_sniffer.py的写权限
lsusb查看usb dongle的ID:1915,154a
查看nrf802154_sniffer.py文件
确认python3
确认1915,154a
重启wireshark,之后可以从Plugins中发现:
已经出现nRF Sniffer
双击nRF Sniffer配置channel
从哪找?thread设备命令行channel
Edit/Preference/Protocols
Decryption Keys Edit
从哪种?thread命令行networkkey
已经可以解析 802.15.4,6Lowpan和Coap