TI中文支持网对于开发无线标准协议相关的产品的来说,在实际开发过程中常常需要通过分析空中交互的数据包来分析问题,调试程序。对Zigbee相关产品的开发当然也不例外。
之前在选择TI的Zigbee芯片( CC2530/CC2531/CC2538/CC2630/CC2650/CC2652R )进行产品开发时,我们一般推荐两个抓包工具,一个是TI开发的免费抓包工具Packet Sniffer,另外一个是第三方公司Ubilogix开发的付费软件Ubiqua Packet Analyzer。对于第一个来说,优点是免费的,缺点是对Zigbee协议的解析并不好,没办法具体解析到数据包中每个字节,每个位,另外也没办法对加密的数据包进行解密分析,用户开发产品中如果使用了加密的话,使用起来非常的不方便。对于第二个软件Ubiqua Packet Analyzer来说,优点显而易见,来自一家专业做抓包工具的公司,该软件堪称Zigbee抓包工具中做的最好的一个(没有之一),除了能够完成Zigbee协议的完美解析以外,还有其他的功能可能使用。不太完美的一点是它是一个付费软件,每年需要付一定的license费用。
所以我们也一直在寻找一款既能够完成Zigbee协议数据报文解析,包括MAC,NWK, APS, ZCL等不同层次,又可以对加密数据包进行解密,而且是一款免费的工具。下面我们将介绍使用免费的Wireshark工具完成对Zigbee协议的解析。当然如果工程师想要最求最完美的Zigbee数据包解析效果,还是需要购买Ubiqua Packet Analyzer软件。
(1) Wireshark + CC2531 USB Dongle
- 1. Required Hardware
- TI CC2531 USB Dongle: http://www.ti.com/tool/cc2531emk
- CC Debugger to Program the CC2531 USB Dongle. http://www.ti.com/tool/cc-debugger
- 2. Install the Required Software
- TI TiWsPc tool. Download from 2821.TiWsPc.zip and install to default folder.
- Install TI Packet Sniffer Tool to default folder: http://www.ti.com/tool/packet-sniffer
- Wireshark: https://www.wireshark.org/#download (Wireshark 2.4.x stable release)
- To program the CC2531 USB Dongle, install SmartRF Flash Programmer to default folder: http://www.ti.com/tool/flash-programmer
- 3. Hardware Setup
- Connect CC Debugger(JTAG) to CC2531 USB Dongle via DEBUG connector.
- Plug-in the CC2531 USB Dongle to PC USB port for power on the device.
- Plug-in the CC Debugger USB to PC USB port.
- Open the SmartRF Flash Programmer and choose the sniffer_fw_cc2531.hex and download to CC2531 USB Dongle. The sniffer_fw_cc2531.hex file located at C:\Program Files (x86)\Texas Instruments\SmartRF Tools\Packet Sniffer\bin\general\firmware
- 4. Running the Packet Sniffer
- Connect your sniffing hardware CC2531 USB Dongle to your PC via USB port.
- Start TiWsPc and select Device Configuration
- Select your IEEE channel to sniff and Click Start
- If your TiWsPc looks like this, you are ready to set up Wireshark
- Create a new Desktop shortcut for Wireshark and add the following to the path: -i\\.\pipe\tiwspc_data –k
This will set up the Pipe that sends data from Sniffer Agent into Wireshark.
- Open Wireshark and you will the TiWsPc looks like this.
- In Wireshark, go to Edit > Preferences > Protocols > Zigbee add the Zigbee TC Link Key “5a6967426565416c6c69616e63653039”
- You will see Wireshark sniffing Zigbee data in the setting channel as below.
(2) Wireshark + CC2650/CC2652R LaunchPad
- 1. Required Hardware
- TI CC2652 Launchpad: http://www.ti.com/tool/LAUNCHXL-CC26X2R1
- TI CC2650 Launchpad: http://www.ti.com/tool/LAUNCHXL-CC2650
- 2. Install the Required Software
- TI Packet Sniffer 2: http://www.ti.com/tool/packet-sniffer
- Wireshark: https://www.wireshark.org/#download (Wireshark 2.4.x stable release)
- To program the CC2650/CC2652LP install UniFlash from: http://www.ti.com/tool/UNIFLASH
- 3. Hardware Setup
- Connect the CC2650/CC2652RLP to the computer and determine the correct COM Port for your LaunchPad. It will be the “XDS110 Class Application/User UART” port for your device, you can determine this in Windows by going to Device Manager > Ports
- If necessary, program your relevant sniffer hardware.
- For CC2650/CC2652LP, use sniffer_fw_15_4.hex at C:\Program Files (x86)\Texas Instruments \SmartRF Tools\SmartRF Packet Sniffer 2\sniffer_fw\bin\{your_device}}\15.4 and UniFlash.
- 4. Running the Packet Sniffer
- Connect your sniffing hardware to your PC.
- Start SmartRF Packet Sniffer 2 Sniffer Agent and select Device Configuration
- Select your IEEE channel to sniff
- If your Sniffer Agent looks like this, you are ready to set up Wireshark:
- Add the TI 15.4 Wireshark Dissector to Wireshark (assuming x64 installation)
Navigate to C:\Program Files (x86)\Texas Instruments\SmartRF Tools\ SmartRF Packet Sniffer 2\wireshark\plugins\2.4.x\ and copy ti802154ge-x64-2x.dll and tirpi-x64-2x.dll to C:\Program Files\Wireshark\plugins\2.4.3\
- Open Wireshark go to Edit > Preferences > Protocols > Zigbee add the Zigbee TC Link Key
5a6967426565416c6c69616e63653039
- Close Wireshark and create a new Desktop shortcut for Wireshark and add the following to the path: -i\\.\pipe\tiwspc_data -k
This will set up the Pipe that sends data from Sniffer Agent into Wireshark
- Open Wireshark with the new shortcut and you will see Wireshark sniffing Zigbee data.
此帖子为Victor Xu 所写,有问题可以私信我或者在下面留言。
Thanks VV
Viki Shi:
Alvin,tks~
gaoyang9992006:
多谢分享,看来要想学好必须要买个嗅探器了。
韧明:
多谢分享。我按照文字配置了一下(CC2652R+Wireshark),因为图片无法正常显示(无访问权限)。
Wireshark的抓包界面如下图,这里的Data域应该就是ZigBee协议传输的内容了,请问怎样能够实现像Packet sniffer那样的对于ZigBee协议本身的解析呢?
YiKai Chen:
回复 韧明:
參考一下
仔細比對有沒有漏了什麼步驟
韧明:
回复 YiKai Chen:
谢谢,非常有用的帮助文档。
原来这个对于Wireshark软件的版本还是有要求的:2.4版本
It is important that Wireshark 2.4.x version is used. Older or newer versions may not be compatible.
我测试之后再反馈一下。
韧明:
回复 YiKai Chen:
采用2.4.10版本后,抓包正常!需要注意两个动态链接库文件需要拷贝到对应目录,这个不能忽略。按照原帖的文字教程即可成功设置。设置成功后如下图所示:
YiKai Chen:
回复 韧明:
照著步驟作一定沒問題!
韧明:
回复 YiKai Chen:
嗯,是的,Thread文档虽然设置不同,但是也有帮助!
user4637920:
想抓包,嗅探工具必不可少。TI应该多提供一些嗅探工具和方法,不仅在ZIGBEE,在BT,WIFI都提供好工具才行。
user5912109:
大神你好,我根据你的方案一Wireshark + CC2531 USB Dongle 来操作,出现了一些问题,希望指教指教,方案一中的DEBUG connector这个是什么?我不知道什么用CC DEBUGGER去连接CC2531,还有wireshark 也出错了,如图
软件安装的时候都是按照默认路径来的,希望能指点一二,在此谢过!
