Name Date Size #Lines LOC

..--

cmake/H25-Apr-2025-353309

tools/H25-Apr-2025-499363

AUTHORSH A D25-Apr-202580 43

CMakeLists.txtH A D25-Apr-20252.1 KiB8969

COPYINGH A D25-Apr-202517.6 KiB341281

Makefile.amH A D25-Apr-20254.2 KiB12635

Makefile.commonH A D25-Apr-20251.4 KiB405

Makefile.nmakeH A D25-Apr-20253.3 KiB10144

READMEH A D25-Apr-20252.1 KiB6245

install_manifest.txtH A D25-Apr-202542 21

moduleinfo.hH A D25-Apr-2025249 188

moduleinfo.nmakeH A D25-Apr-2025865 2923

packet-btle.cH A D25-Apr-202519.3 KiB666521

plugin.rc.inH A D25-Apr-20251 KiB3533

wireshark-1.8-btle-ppi.patchH A D25-Apr-20259.2 KiB247242

README

1BTLE Wireshark plugin
2=====================
3
4This plugin is no longer in use, it has been merged in to the Wireshark source
5tree as of release 1.12.
6
7
8This is the Bluetooth Low Energy plugin for Wireshark.
9
10To build this on Debian/Ubuntu/BackTrack linux distributions:
11  sudo apt-get install wireshark-dev wireshark
12  cd libbtbb/wireshark/plugins/btle/
13  cmake .
14  make
15  make install
16
17This will install to the .wireshark/ in your home directory. To override
18this set the DESTDIR environment variable when running cmake.
19
20PPI Support (Patch)
21-------------------
22
23Ubertooth records capture frequency, internal clock state, and certain
24other metadata about packets in a PPI header. It is not possible to add
25PPI support in an external plugin, so if you wish to access these fields
26you must patch Wireshark.
27
28The patch wireshark-1.8-btle-ppi.patch was built against the Ubuntu
2912.10 Quantal Wireshark package. It can be added to the Ubuntu package
30source or applied directly to vanilla Wireshark.
31
32To build a .deb on Ubuntu, follow these instructions:
33
34	mkdir wireshark && cd wireshark
35	apt-get source wireshark
36	cp wireshark-1.8-btle-ppi.patch wireshark-1.8.2/debian/patches
37	echo wireshark-1.8-btle-ppi.patch >> wireshark-1.8.2/debian/patches/series
38	cd wireshark-1.8.2
39	dpkg-buildpackage -rfakeroot
40
41The .deb will be created in the wireshark directory, and it can be
42installed with dpkg -i.
43
44Attribute Protocol Support
45--------------------------
46
47Wireshark trunk has native support for the Bluetooth Attribute protocol.
48If you are using a distro package that does not support it, install the
49plugin found in the btatt directory (above this directory).
50
51If the protocol column of non-empty data packets says L2CAP, you should
52install the plugin. If it says ATT, you do not need the plugin. If it
53says something else, please email me!
54
55Bluetooth Security Manager Protocol
56-----------------------------------
57
58All security-related exchanges (pairing and identity resolution) take
59place over the Bluetooth Security Manager (SM) protocol, which runs on
60L2CAP. If you would like to dissect these packets, build and install the
61plugin found in the btsm directory above this directory.
62