This thread has been locked.
If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.
Tool/software:
I have the CC1350 LaunchPad and need to use it for packet sniffing the 15.4 protocol. I am unable to find the firmware files needed to be installed on the board. I downloaded the Simplelink-CC13x0-SDK and it downloaded a newer version of the SDK (simplelink_cc13x0_sdk_4_20_02_07) and it doesn't have the C:\ti\simplelink_cc13x0_sdk_1_30_00_xx\tools\ti154stack\TiWsPc2\sniffer_fw\bin file needed to update with SmartRF Flash.
Where can I find the files or is there a new version of all this I can install?
Thanks,
Kevin
The sniffer firmware is deliever together with the installation of the SmartRF Packet Sniffer 2 (as explained in the user guide that you get when downloading the sniffer).
If installed at the default location, you will find it here:
C:\Program Files (x86)\Texas Instruments\SmartRF Tools\SmartRF Packet Sniffer 2\sniffer_fw\bin\cc13x0lp
Siri
Siri,
Thank you I had old information that indicated I could only use the 1.0.x version, so I am glad that a new version was available. However, I want to use the 15.4 plugins that use the dissector and even though I reinstalled v2.1.18 of the Sniffer I do not see those plugins in the directory under Wireshare\plugins\4.0\ and they don't show up under the About Plugins for the WireShark. How can I get those setup so I can use them?
Have you followed the guide found here:
and here:
SmartRF Packet Sniffer 2 v1.9.0 User’s Guide — SmartRF Packet Sniffer 2 User Guide documentation
Siri
Yes, in particular I was trying to do verify the plugins and I don't have them and don't know why they aren't available:
1. Open Wireshark and verify that the plugins are installed. Go to Help->About Wireshark and click the Plugins tab. The dissector plugin files
Kevin
Hi Kevin
If you cannot find the dissector plugin after the installation, you can add them manually as explained in the user guide Ilinked to:
I first tried with Wireshark 3.0.14, but in that case I did not get the files installed.
When I tried Wireshark 4.0.16 it worked as expected.
I used the latest Packet Sniffer 2.
Please note that Wireshark needs to be installed BEFORE the packet Sniffer 2, as explained in the guide.
Siri
I have the plugins after installing the SmartRF Packet Sniffer 2 software and copying them from the directory indicated in the instructions. However, I am getting a few error messages, and it doesn't decode the messages. Here are the errors for two of the frames:
Frame 9: 571 bytes on wire (4568 bits), 571 bytes captured (4568 bits) on interface \\.\pipe\tiwspc_data, id 0
Section number: 1
Interface id: 0 (\\.\pipe\tiwspc_data)
Interface name: \\.\pipe\tiwspc_data
Encapsulation type: Raw IPv4 (129)
Arrival Time: Dec 31, 1969 19:23:21.717081000 Eastern Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1401.717081000 seconds
[Time delta from previous captured frame: 51.431852000 seconds]
[Time delta from previous displayed frame: 51.431852000 seconds]
[Time since reference or first frame: 463.519968000 seconds]
Frame Number: 9
Frame Length: 571 bytes (4568 bits)
Capture Length: 571 bytes (4568 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: ip:udp:ti-rpi:wpan:data]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Internet Protocol Version 4, Src: 192.168.1.3, Dst: 192.168.1.3
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 571
Identification: 0x0000 (0)
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 128
Protocol: UDP (17)
Header Checksum: 0xb55b [validation disabled]
[Header checksum status: Unverified]
Source Address: 192.168.1.3
Destination Address: 192.168.1.3
User Datagram Protocol, Src Port: 17760, Dst Port: 17760
Source Port: 17760
Destination Port: 17760
Length: 551
Checksum: 0x2ab9 [unverified]
[Checksum Status: Unverified]
[Stream index: 0]
[Timestamps]
UDP payload (543 bytes)
TI Radio Packet Info
Interface: COM 22
Frequency: 908.2 MHz
Channel: 30
PHY: 50 Kbps GFSK
RSSI: -106 dBm
Frame Check Status: 0x00 - BAD FCS
Payload Length: 527 Bytes
IEEE 802.15.4 Fragment or Frak, Dst: 0xfffe, Src: 71:cf:18:62:ef:b7:98:3b, Bad FCS
Frame Control Field: 0xcbae, Frame Type: Fragment or Frak, Security Enabled, Acknowledge Request, Reserved, Sequence Number Suppression, Information Elements Present, Destination Addressing Mode: Short/16-bit, Frame Version: IEEE Std 802.1
.... .... .... .110 = Frame Type: Fragment or Frak (0x6)
.... .... .... 1... = Security Enabled: True
.... .... ...0 .... = Frame Pending: False
.... .... ..1. .... = Acknowledge Request: True
.... .... .0.. .... = PAN ID Compression: False
.... .... 1... .... = Reserved: True
.... ...1 .... .... = Sequence Number Suppression: True
.... ..1. .... .... = Information Elements Present: True
.... 10.. .... .... = Destination Addressing Mode: Short/16-bit (0x2)
..00 .... .... .... = Frame Version: IEEE Std 802.15.4-2003 (0)
11.. .... .... .... = Source Addressing Mode: Long/64-bit (0x3)
[Expert Info (Warning/Malformed): Sequence Number Suppression invalid for 802.15.4-2003 and 2006]
[Sequence Number Suppression invalid for 802.15.4-2003 and 2006]
[Severity level: Warning]
[Group: Malformed]
Destination PAN: 0xfff4
Destination: 0xfffe
Source PAN: 0x07ff
Extended Source: 71:cf:18:62:ef:b7:98:3b (71:cf:18:62:ef:b7:98:3b)
Frame Counter: 0xc16c6c12
Key Sequence Counter: 0xef
MIC: 23945db14b134305
[Expert Info (Warning/Undecoded): No encryption key set - can't decrypt]
[No encryption key set - can't decrypt]
[Severity level: Warning]
[Group: Undecoded]
FCS: 0xf7a2 (Incorrect, expected FCS=0xd098)
[Expert Info (Warning/Checksum): Bad FCS]
[Bad FCS]
[Severity level: Warning]
[Group: Checksum]
Data (494 bytes)
Data: 710dd958c174ada7c83c46f444bca32367df30779b95697dc386f407d55c166530415142…
[Length: 494]
Frame 10: 58 bytes on wire (464 bits), 58 bytes captured (464 bits) on interface \\.\pipe\tiwspc_data, id 0
Section number: 1
Interface id: 0 (\\.\pipe\tiwspc_data)
Interface name: \\.\pipe\tiwspc_data
Encapsulation type: Raw IPv4 (129)
Arrival Time: Dec 31, 1969 19:23:38.949227000 Eastern Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1418.949227000 seconds
[Time delta from previous captured frame: 17.232146000 seconds]
[Time delta from previous displayed frame: 17.232146000 seconds]
[Time since reference or first frame: 480.752114000 seconds]
Frame Number: 10
Frame Length: 58 bytes (464 bits)
Capture Length: 58 bytes (464 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: ip:udp:ti-rpi:wpan]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Internet Protocol Version 4, Src: 192.168.1.3, Dst: 192.168.1.3
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 58
Identification: 0x0000 (0)
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 128
Protocol: UDP (17)
Header Checksum: 0xb75c [validation disabled]
[Header checksum status: Unverified]
Source Address: 192.168.1.3
Destination Address: 192.168.1.3
User Datagram Protocol, Src Port: 17760, Dst Port: 17760
Source Port: 17760
Destination Port: 17760
Length: 38
Checksum: 0x67ef [unverified]
[Checksum Status: Unverified]
[Stream index: 0]
[Timestamps]
UDP payload (30 bytes)
TI Radio Packet Info
Interface: COM 22
Frequency: 908.2 MHz
Channel: 30
PHY: 50 Kbps GFSK
RSSI: -24 dBm
Frame Check Status: 0x80 - OK
Payload Length: 14 Bytes
IEEE 802.15.4 Command, Dst: Broadcast, Bad FCS
Frame Control Field: 0x0803, Frame Type: Command, Destination Addressing Mode: Short/16-bit, Frame Version: IEEE Std 802.15.4-2003, Source Addressing Mode: None
.... .... .... .011 = Frame Type: Command (0x3)
.... .... .... 0... = Security Enabled: False
.... .... ...0 .... = Frame Pending: False
.... .... ..0. .... = Acknowledge Request: False
.... .... .0.. .... = PAN ID Compression: False
.... .... 0... .... = Reserved: False
.... ...0 .... .... = Sequence Number Suppression: False
.... ..0. .... .... = Information Elements Present: False
.... 10.. .... .... = Destination Addressing Mode: Short/16-bit (0x2)
..00 .... .... .... = Frame Version: IEEE Std 802.15.4-2003 (0)
00.. .... .... .... = Source Addressing Mode: None (0x0)
Sequence Number: 135
Destination PAN: 0xffff
Destination: 0xffff
Command Identifier: Beacon Request (0x07)
FCS: 0x7c4e (Incorrect, expected FCS=0x29b2)
[Expert Info (Warning/Checksum): Bad FCS]
[Bad FCS]
[Severity level: Warning]
[Group: Checksum]
Please provide info regarding what data you are trying to sniff/decode.
You should do the testing with one of our default TI15.4 examples so that it will be easy for uss to tst the same here.
Siri
Hi Kevin,
Can you post the pncap file?
Did you check the FCS settings in Wireshark?
Cheers,
Marie
Marie,
Changing the FCS to CRC-32 did not fix the issue. How can I upload a pcapng file for you to see?
Hi Kevin,
It should be possible by using the Insert button and selecting Image/video/file.
Cheers,
Marie H
Hi Kevin,
Can you try the following:
In the Sniffer Agent, select Options -> Pipe Config. For the Port, select TIMAC/TI 802.15.4ge
Then start the sniffer and Wireshark.
Cheers,
Marie H
Marie H,
That did fix the FCS CRC errors, thank you very much.
I am still seeing No encryption key set - can't decrypt. What and where do I put the encryption key for the standard key used for the sensor/collector project? Here is the message in Wireshark:
Expert Info (Warning/Undecoded): No encryption key set - can't decrypt
Thanks,
Kevin
Hi Kevin,
I have never tested decryption with the sniffer on TI 15.4-Stack.
I have tested it with Wi-SUN, here are the instructions:
Edit -> Preferences -> Protocol -> IEEE 802.15.4 -> Decryption Keys.
(Or you can disable encryption on the collector and sensor.)
Cheers,
Marie H
Marie H,
I added the key that I am using (it is a new key and not the default one) where you indicated and put it in for key 0-4 just in case. I still get the message that it can't decrypt.
Frame 68962: 134 bytes on wire (1072 bits), 134 bytes captured (1072 bits) on interface \\.\pipe\tiwspc_data, id 0
Section number: 1
Interface id: 0 (\\.\pipe\tiwspc_data)
Encapsulation type: Raw IPv4 (129)
Arrival Time: Dec 31, 1969 22:13:49.761324000 Eastern Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 11629.761324000 seconds
[Time delta from previous captured frame: 0.038444000 seconds]
[Time delta from previous displayed frame: 0.038444000 seconds]
[Time since reference or first frame: 11251.298249000 seconds]
Frame Number: 68962
Frame Length: 134 bytes (1072 bits)
Capture Length: 134 bytes (1072 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: ip:udp:ti802.15.4ge.sunphy:data]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Internet Protocol Version 4, Src: 192.168.1.3, Dst: 192.168.1.3
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
Total Length: 134
Identification: 0x0000 (0)
000. .... = Flags: 0x0
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 128
Protocol: UDP (17)
Header Checksum: 0xb710 [validation disabled]
[Header checksum status: Unverified]
Source Address: 192.168.1.3
Destination Address: 192.168.1.3
User Datagram Protocol, Src Port: 17757, Dst Port: 17757
Source Port: 17757
Destination Port: 17757
Length: 114
Checksum: 0xc061 [unverified]
[Checksum Status: Unverified]
[Stream index: 0]
[Timestamps]
UDP payload (106 bytes)
TI 802.15.4GE SUN PHY without Mode Switch
PHR: 0x0868 without Mode Switch
0... .... .... .... = Mode Switch: False
...0 .... .... .... = FCS Type: Four Bytes (0x0)
.... 1... .... .... = Data Whitening: True
.... .000 0110 1000 = Frame Length: 104
TI 802.15.4GE Data, Dst: 0xaabb, Src: 0x0001
Frame Control Field: 0x9869, Frame Type: Data, Security Enabled, Acknowledge Request, PAN ID Compression, Destination Addressing Mode: Short/16-bit, Source Addressing Mode: Short/16-bit
Sequence Number: 59
Destination PAN: 0x0001
Destination: 0xaabb
Source: 0x0001
[Extended Source: TexasIns_00:15:01:fb:8f (00:12:4b:00:15:01:fb:8f)]
[Origin: 7644]
Auxiliary Security Header:
[Expert Info (Warning/Undecoded): No encryption key set - can't decrypt]
[No encryption key set - can't decrypt]
[Severity level: Warning]
[Group: Undecoded]
32 bit MIC: 0x8a01fe61
32 bit FCS: 0xf5cf7779 (Correct)
Data (77 bytes)
Data: b548031700f77e0a8cda46107d19318a1e7dd12b2343a9d37901e72ae24c316fe1c1dc5f…
[Length: 77]
Kevin
Hi Kevin,
In that case I don't think the sniffer supports encrypted link in the TI 15.4-Stack implementation.
Cheers,
Marie H
Marie H,
Please check with the group for the Smart RF Sniffer Agent as to what they think. The Wireshark app has been instrumental to finding out issues on this project. I was going to pare down the messages next and would really need to see what the messages are in them. While troubleshooting issues with our prototypes, this may become very important.
Thanks,
Kevin
Hi Kevin,
I would advice you to turn off encryption while working on this, then turning it back on when you have resolved any issues.
Cheers,
Marie H