Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: Re: [Wireshark-users] Wireshark Bluetooth

From: "Paul Raine" <praine@xxxxxxxxxxxxxxxxx>
Date: Wed, 16 Jul 2014 08:35:23 -0500
>>So what happens if you run:
>>
>>	sudo tcpdump -D
>>
>>	sudo tcpdump -i bluetooth0
>>
>>from the command line?

[root@FoxForce5 rainey]# sudo tcpdump -D
1.eth0
2.bluetooth0 (Bluetooth adapter number 0)
3.eth1
4.usbmon1 (USB bus number 1)
5.usbmon2 (USB bus number 2)
6.usbmon3 (USB bus number 3)
7.usbmon4 (USB bus number 4)
8.any (Pseudo-device that captures on all interfaces)
9.lo
[root@FoxForce5 rainey]# 2
bash: 2: command not found...
[root@FoxForce5 rainey]# sudo tcpdump -i bluetooth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bluetooth0, link-type BLUETOOTH_HCI_H4_WITH_PHDR (Bluetooth HCI
UART transport layer plus pseudo-header), capture size 65535 bytes

^C
0 packets captured
157 packets received by filter
0 packets dropped by kernel
[root@FoxForce5 rainey]# sudo tcpdump -i bluetooth0 -v
tcpdump: listening on bluetooth0, link-type BLUETOOTH_HCI_H4_WITH_PHDR
(Bluetooth HCI UART transport layer plus pseudo-header), capture size 65535
bytes
^C
0 packets captured
269 packets received by filter
0 packets dropped by kernel



-----Original Message-----
From: Paul Raine [mailto:praine@xxxxxxxxxxxxxxxxx] 
Sent: Wednesday, July 16, 2014 8:29 AM
To: 'Guy Harris'
Cc: 'wireshark-users@xxxxxxxxxxxxx'
Subject: RE: [Wireshark-users] Wireshark Bluetooth

>>So what happens if you run:
>>
>>	sudo tcpdump -D
>>
>>	sudo tcpdump -i bluetooth0
>>
>>from the command line?


<user> is not in the sudoers file. This incident will be reported.


-----Original Message-----
From: Guy Harris [mailto:guy@xxxxxxxxxxxx] 
Sent: Monday, July 14, 2014 5:54 PM
To: Paul Raine
Cc: wireshark-users@xxxxxxxxxxxxx
Subject: Re: [Wireshark-users] Wireshark Bluetooth


On Jul 14, 2014, at 2:50 PM, "Paul Raine" <praine@xxxxxxxxxxxxxxxxx> wrote:

>> What happens if you don't open the Capture Interfaces window, but just
select "bluetooth0" from the main window and start a capture?
> 
> Same thing - blank main window during and after capture.

So what happens if you run:

	sudo tcpdump -D

	sudo tcpdump -i bluetooth0

from the command line?