LAUNCHXL-CC1350: Unable to find firmware files for Sniffer setup

Siri,

Thank you I had old information that indicated I could only use the 1.0.x version, so I am glad that a new version was available.  However, I want to use the 15.4 plugins that use the dissector and even though I reinstalled v2.1.18 of the Sniffer I do not see those plugins in the directory under Wireshare\plugins\4.0\ and they don't show up under the About Plugins for the WireShark.  How can I get those setup so I can use them?

Yes, in particular I was trying to do verify the plugins and I don't have them and don't know why they aren't available: 

Wireshark Dissector Setup

1. Open Wireshark and verify that the plugins are installed. Go to Help->About Wireshark and click the Plugins tab. The dissector plugin files

• ti802154ge-x(86/64)-2x.dll,
• tirpi-x(86/64)-2x.dll and
• ti-ble-packet-info-x(86/64)-2x.dll

Kevin

I have the plugins after installing the SmartRF Packet Sniffer 2 software and copying them from the directory indicated in the instructions.  However, I am getting a few error messages, and it doesn't decode the messages.  Here are the errors for two of the frames:

Frame 9: 571 bytes on wire (4568 bits), 571 bytes captured (4568 bits) on interface \\.\pipe\tiwspc_data, id 0

    Section number: 1

    Interface id: 0 (\\.\pipe\tiwspc_data)

        Interface name: \\.\pipe\tiwspc_data

    Encapsulation type: Raw IPv4 (129)

    Arrival Time: Dec 31, 1969 19:23:21.717081000 Eastern Standard Time

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1401.717081000 seconds

    [Time delta from previous captured frame: 51.431852000 seconds]

    [Time delta from previous displayed frame: 51.431852000 seconds]

    [Time since reference or first frame: 463.519968000 seconds]

    Frame Number: 9

    Frame Length: 571 bytes (4568 bits)

    Capture Length: 571 bytes (4568 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: ip:udp:ti-rpi:wpan:data]

    [Coloring Rule Name: UDP]

    [Coloring Rule String: udp]

Internet Protocol Version 4, Src: 192.168.1.3, Dst: 192.168.1.3

    0100 .... = Version: 4

    .... 0101 = Header Length: 20 bytes (5)

    Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)

        0000 00.. = Differentiated Services Codepoint: Default (0)

        .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)

    Total Length: 571

    Identification: 0x0000 (0)

1. .... = Flags: 0x0

        0... .... = Reserved bit: Not set

        .0.. .... = Don't fragment: Not set

        ..0. .... = More fragments: Not set

    ...0 0000 0000 0000 = Fragment Offset: 0

    Time to Live: 128

    Protocol: UDP (17)

    Header Checksum: 0xb55b [validation disabled]

    [Header checksum status: Unverified]

    Source Address: 192.168.1.3

    Destination Address: 192.168.1.3

User Datagram Protocol, Src Port: 17760, Dst Port: 17760

    Source Port: 17760

    Destination Port: 17760

    Length: 551

    Checksum: 0x2ab9 [unverified]

    [Checksum Status: Unverified]

    [Stream index: 0]

    [Timestamps]

    UDP payload (543 bytes)

TI Radio Packet Info

    Interface: COM 22

    Frequency: 908.2 MHz

    Channel: 30

    PHY: 50 Kbps GFSK

    RSSI: -106 dBm

    Frame Check Status: 0x00 - BAD FCS

    Payload Length: 527 Bytes

IEEE 802.15.4 Fragment or Frak, Dst: 0xfffe, Src: 71:cf:18:62:ef:b7:98:3b, Bad FCS

    Frame Control Field: 0xcbae, Frame Type: Fragment or Frak, Security Enabled, Acknowledge Request, Reserved, Sequence Number Suppression, Information Elements Present, Destination Addressing Mode: Short/16-bit, Frame Version: IEEE Std 802.1

        .... .... .... .110 = Frame Type: Fragment or Frak (0x6)

        .... .... .... 1... = Security Enabled: True

        .... .... ...0 .... = Frame Pending: False

        .... .... ..1. .... = Acknowledge Request: True

        .... .... .0.. .... = PAN ID Compression: False

        .... .... 1... .... = Reserved: True

        .... ...1 .... .... = Sequence Number Suppression: True

        .... ..1. .... .... = Information Elements Present: True

        .... 10.. .... .... = Destination Addressing Mode: Short/16-bit (0x2)

        ..00 .... .... .... = Frame Version: IEEE Std 802.15.4-2003 (0)

        11.. .... .... .... = Source Addressing Mode: Long/64-bit (0x3)

    [Expert Info (Warning/Malformed): Sequence Number Suppression invalid for 802.15.4-2003 and 2006]

        [Sequence Number Suppression invalid for 802.15.4-2003 and 2006]

        [Severity level: Warning]

        [Group: Malformed]

    Destination PAN: 0xfff4

    Destination: 0xfffe

    Source PAN: 0x07ff

    Extended Source: 71:cf:18:62:ef:b7:98:3b (71:cf:18:62:ef:b7:98:3b)

    Frame Counter: 0xc16c6c12

    Key Sequence Counter: 0xef

    MIC: 23945db14b134305

    [Expert Info (Warning/Undecoded): No encryption key set - can't decrypt]

        [No encryption key set - can't decrypt]

        [Severity level: Warning]

        [Group: Undecoded]

    FCS: 0xf7a2 (Incorrect, expected FCS=0xd098)

    [Expert Info (Warning/Checksum): Bad FCS]

        [Bad FCS]

        [Severity level: Warning]

        [Group: Checksum]

Data (494 bytes)

    Data: 710dd958c174ada7c83c46f444bca32367df30779b95697dc386f407d55c166530415142…

    [Length: 494]

Frame 10: 58 bytes on wire (464 bits), 58 bytes captured (464 bits) on interface \\.\pipe\tiwspc_data, id 0

    Section number: 1

    Interface id: 0 (\\.\pipe\tiwspc_data)

        Interface name: \\.\pipe\tiwspc_data

    Encapsulation type: Raw IPv4 (129)

    Arrival Time: Dec 31, 1969 19:23:38.949227000 Eastern Standard Time

    [Time shift for this packet: 0.000000000 seconds]

    Epoch Time: 1418.949227000 seconds

    [Time delta from previous captured frame: 17.232146000 seconds]

    [Time delta from previous displayed frame: 17.232146000 seconds]

    [Time since reference or first frame: 480.752114000 seconds]

    Frame Number: 10

    Frame Length: 58 bytes (464 bits)

    Capture Length: 58 bytes (464 bits)

    [Frame is marked: False]

    [Frame is ignored: False]

    [Protocols in frame: ip:udp:ti-rpi:wpan]

    [Coloring Rule Name: UDP]

    [Coloring Rule String: udp]

Internet Protocol Version 4, Src: 192.168.1.3, Dst: 192.168.1.3

    0100 .... = Version: 4

    .... 0101 = Header Length: 20 bytes (5)

    Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)

        0000 00.. = Differentiated Services Codepoint: Default (0)

        .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)

    Total Length: 58

    Identification: 0x0000 (0)

1. .... = Flags: 0x0

        0... .... = Reserved bit: Not set

        .0.. .... = Don't fragment: Not set

        ..0. .... = More fragments: Not set

    ...0 0000 0000 0000 = Fragment Offset: 0

    Time to Live: 128

    Protocol: UDP (17)

    Header Checksum: 0xb75c [validation disabled]

    [Header checksum status: Unverified]

    Source Address: 192.168.1.3

    Destination Address: 192.168.1.3

User Datagram Protocol, Src Port: 17760, Dst Port: 17760

    Source Port: 17760

    Destination Port: 17760

    Length: 38

    Checksum: 0x67ef [unverified]

    [Checksum Status: Unverified]

    [Stream index: 0]

    [Timestamps]

    UDP payload (30 bytes)

TI Radio Packet Info

    Interface: COM 22

    Frequency: 908.2 MHz

    Channel: 30

    PHY: 50 Kbps GFSK

    RSSI: -24 dBm

    Frame Check Status: 0x80 - OK

    Payload Length: 14 Bytes

IEEE 802.15.4 Command, Dst: Broadcast, Bad FCS

    Frame Control Field: 0x0803, Frame Type: Command, Destination Addressing Mode: Short/16-bit, Frame Version: IEEE Std 802.15.4-2003, Source Addressing Mode: None

        .... .... .... .011 = Frame Type: Command (0x3)

        .... .... .... 0... = Security Enabled: False

        .... .... ...0 .... = Frame Pending: False

        .... .... ..0. .... = Acknowledge Request: False

        .... .... .0.. .... = PAN ID Compression: False

        .... .... 0... .... = Reserved: False

        .... ...0 .... .... = Sequence Number Suppression: False

        .... ..0. .... .... = Information Elements Present: False

        .... 10.. .... .... = Destination Addressing Mode: Short/16-bit (0x2)

        ..00 .... .... .... = Frame Version: IEEE Std 802.15.4-2003 (0)

        00.. .... .... .... = Source Addressing Mode: None (0x0)

    Sequence Number: 135

    Destination PAN: 0xffff

    Destination: 0xffff

    Command Identifier: Beacon Request (0x07)

    FCS: 0x7c4e (Incorrect, expected FCS=0x29b2)

    [Expert Info (Warning/Checksum): Bad FCS]

        [Bad FCS]

        [Severity level: Warning]

        [Group: Checksum]

Please provide info regarding what data you are trying to sniff/decode.

You should do the testing with one of our default TI15.4 examples so that it will be easy for uss to tst the same here.

Siri

Siri,

This is for the sensor/collector project.

Kevin

Hi Kevin,

Can you post the pncap file?

Did you check the FCS settings in Wireshark?

Cheers,

Marie 

Marie,

Changing the FCS to CRC-32 did not fix the issue.  How can I upload a pcapng file for you to see?

Hi Kevin,

It should be possible by using the Insert button and selecting Image/video/file.

Cheers,

Marie H

BadFCS.zip

Marie H,

That did fix the FCS CRC errors, thank you very much.

I am still seeing No encryption key set - can't decrypt.  What and where do I put the encryption key for the standard key used for the sensor/collector project?  Here is the message in Wireshark:

Expert Info (Warning/Undecoded): No encryption key set - can't decrypt

Thanks,
Kevin

Hi Kevin,

I have never tested decryption with the sniffer on TI 15.4-Stack.

I have tested it with Wi-SUN, here are the instructions:

 Edit -> Preferences -> Protocol -> IEEE 802.15.4 -> Decryption Keys. 

https://dev.ti.com/tirex/content/simplelink_cc13xx_cc26xx_sdk_7_41_00_17/docs/ti_wisunfan/html/wisun-guide/debugging-index.html#wireshark-setup

(Or you can disable encryption on the collector and sensor.)

Cheers,

Marie H

Marie H,

I added the key that I am using (it is a new key and not the default one) where you indicated and put it in for key 0-4 just in case.  I still get the message that it can't decrypt.

Frame 68962: 134 bytes on wire (1072 bits), 134 bytes captured (1072 bits) on interface \\.\pipe\tiwspc_data, id 0
Section number: 1
Interface id: 0 (\\.\pipe\tiwspc_data)
Encapsulation type: Raw IPv4 (129)
Arrival Time: Dec 31, 1969 22:13:49.761324000 Eastern Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 11629.761324000 seconds
[Time delta from previous captured frame: 0.038444000 seconds]
[Time delta from previous displayed frame: 0.038444000 seconds]
[Time since reference or first frame: 11251.298249000 seconds]
Frame Number: 68962
Frame Length: 134 bytes (1072 bits)
Capture Length: 134 bytes (1072 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: ip:udp:ti802.15.4ge.sunphy:data]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Internet Protocol Version 4, Src: 192.168.1.3, Dst: 192.168.1.3
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
Total Length: 134
Identification: 0x0000 (0)
000. .... = Flags: 0x0
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 128
Protocol: UDP (17)
Header Checksum: 0xb710 [validation disabled]
[Header checksum status: Unverified]
Source Address: 192.168.1.3
Destination Address: 192.168.1.3
User Datagram Protocol, Src Port: 17757, Dst Port: 17757
Source Port: 17757
Destination Port: 17757
Length: 114
Checksum: 0xc061 [unverified]
[Checksum Status: Unverified]
[Stream index: 0]
[Timestamps]
UDP payload (106 bytes)
TI 802.15.4GE SUN PHY without Mode Switch
PHR: 0x0868 without Mode Switch
0... .... .... .... = Mode Switch: False
...0 .... .... .... = FCS Type: Four Bytes (0x0)
.... 1... .... .... = Data Whitening: True
.... .000 0110 1000 = Frame Length: 104
TI 802.15.4GE Data, Dst: 0xaabb, Src: 0x0001
Frame Control Field: 0x9869, Frame Type: Data, Security Enabled, Acknowledge Request, PAN ID Compression, Destination Addressing Mode: Short/16-bit, Source Addressing Mode: Short/16-bit
Sequence Number: 59
Destination PAN: 0x0001
Destination: 0xaabb
Source: 0x0001
[Extended Source: TexasIns_00:15:01:fb:8f (00:12:4b:00:15:01:fb:8f)]
[Origin: 7644]
Auxiliary Security Header:
[Expert Info (Warning/Undecoded): No encryption key set - can't decrypt]
[No encryption key set - can't decrypt]
[Severity level: Warning]
[Group: Undecoded]
32 bit MIC: 0x8a01fe61
32 bit FCS: 0xf5cf7779 (Correct)
Data (77 bytes)
Data: b548031700f77e0a8cda46107d19318a1e7dd12b2343a9d37901e72ae24c316fe1c1dc5f…
[Length: 77]

Kevin

Hi Kevin,

In that case I don't think the sniffer supports encrypted link in the TI 15.4-Stack implementation.

Cheers,

Marie H

Marie H,

Please check with the group for the Smart RF Sniffer Agent as to what they think.  The Wireshark app has been instrumental to finding out issues on this project.  I was going to pare down the messages next and would really need to see what the messages are in them.  While troubleshooting issues with our prototypes, this may become very important.

Thanks,

Kevin

Hi Kevin,

I would advice you to turn off encryption while working on this, then turning it back on when you have resolved any issues.

Cheers,

Marie H