schollz / find3-cli-scanner

The command-line scanner that supports Bluetooth and WiFi
https://www.internalpositioning.com/doc/tracking_your_computer.md

Bluetooth detects MAC addresses only #6

Closed regeland closed 6 years ago

regeland commented 6 years ago

Expected Behavior

Bluetooth LE devices (iBeacon) should have full data packets captured.

Actual Behavior

Detects MAC addresses only.

Steps to Reproduce the Problem

See command line below and debugging output.

root@raspberrypi:~# find3-cli-scanner -i wlan1 -device rbp0 -family XXXX -bluetooth -passive -no-modify -server https://cloud.internalpositioning.com -forever -debug
2018-04-02 04:26:56 [INFO] main.go main:79 reverse scanning with wlan1
2018-04-02 04:26:56 [DEBUG] reverse.go ReverseScan:21 saving tshark data to /tmp/tshark-yHOEFhQKTj
2018-04-02 04:26:56 [DEBUG] reverse.go ReverseScan:21 tshark -I -i wlan1 -a duration:10 -w /tmp/tshark-yHOEFhQKTj
2018-04-02 04:26:56 [DEBUG] utils.go RunCommand:14 tshark -I -i wlan1 -a duration:10 -w /tmp/tshark-yHOEFhQKTj
2018-04-02 04:26:56 [INFO] bluetooth.go scanBluetooth:19 scanning bluetooth
2018-04-02 04:26:56 [DEBUG] utils.go RunCommand:14 btmgmt find
2018-04-02 04:26:59 [ERROR] utils.go RunCommand:40 exit status 1: tshark -I -i wlan1 -a duration:10 -w /tmp/tshark-yHOEFhQKTj
2018-04-02 04:26:59 [DEBUG] utils.go RunCommand:14 /usr/bin/tshark -r /tmp/tshark-yHOEFhQKTj -T fields -e frame.time_epoch -e wlan.sa -e wlan.bssid -e radiotap.dbm_antsignal
2018-04-02 04:27:03 [ERROR] utils.go RunCommand:40 exit status 2: /usr/bin/tshark -r /tmp/tshark-yHOEFhQKTj -T fields -e frame.time_epoch -e wlan.sa -e wlan.bssid -e radiotap.dbm_antsignal
2018-04-02 04:27:03 [INFO] reverse.go ReverseScan:21 collected 0 packets
2018-04-02 04:27:06 [DEBUG] utils.go RunCommand:42 btmgmt find done gracefully without error
2018-04-02 04:27:06 [DEBUG] bluetooth.go btmgmtFind:48 finished btmgmt find
2018-04-02 04:27:06 [DEBUG] main.go reverseCapture:106 bluetooth data:map[bluetooth:map[41:8c:ea:8a:9c:eb:-52 51:a3:b9:d9:52:65:-51 4e:ee:9e:70:37:9d:-71 43:69:1c:bd:ec:b6:-50 3c:2b:ef:ea:2e:38:-90 65:3e:b3:ef:a0:89:-79 c4:d9:87:54:b1:c1:-93]]
2018-04-02 04:27:06 [DEBUG] main.go reverseCapture:87 { "t": 1522643216052, "f": "XXXX", "d": "rbp0", "l": "", "s": { "bluetooth": { "3c:2b:ef:ea:2e:38": -90, "41:8c:ea:8a:9c:eb": -52, "43:69:1c:bd:ec:b6": -50, "4e:ee:9e:70:37:9d": -71, "51:a3:b9:d9:52:65": -51, "65:3e:b3:ef:a0:89": -79, "c4:d9:87:54:b1:c1": -93 } } }
2018-04-02 04:27:06 [ERROR] main.go reverseCapture:118 no packets found
2018-04-02 04:27:06 [INFO] main.go main:79 reverse scanning with wlan1
2018-04-02 04:27:06 [DEBUG] reverse.go ReverseScan:21 saving tshark data to /tmp/tshark-iuvgQQPyNv
2018-04-02 04:27:06 [DEBUG] reverse.go ReverseScan:21 tshark -I -i wlan1 -a duration:10 -w /tmp/tshark-iuvgQQPyNv
2018-04-02 04:27:06 [DEBUG] utils.go RunCommand:14 tshark -I -i wlan1 -a duration:10 -w /tmp/tshark-iuvgQQPyNv
2018-04-02 04:27:06 [INFO] bluetooth.go scanBluetooth:19 scanning bluetooth
2018-04-02 04:27:06 [DEBUG] utils.go RunCommand:14 btmgmt find

schollz commented 6 years ago

What is the output of sudo btmgmt find?

regeland commented 6 years ago

See below for output as requested from btmgmt find:

root@raspberrypi:~# btmgmt find
Discovery started
hci0 type 7 discovering on
hci0 dev_found: 51:A3:B9:D9:52:65 type LE Random rssi -56 flags 0x0000 AD flags 0x1a eir_len 30
hci0 dev_found: 3C:2B:EF:EA:2E:38 type LE Random rssi -88 flags 0x0004 AD flags 0x00 eir_len 31
hci0 dev_found: 41:8C:EA:8A:9C:EB type LE Random rssi -69 flags 0x0004 AD flags 0x00 eir_len 38
hci0 dev_found: 43:69:1C:BD:EC:B6 type LE Random rssi -36 flags 0x0004 AD flags 0x00 eir_len 28
hci0 dev_found: 09:88:BF:16:42:74 type LE Random rssi -89 flags 0x0004 AD flags 0x1b eir_len 15
hci0 dev_found: 4E:EE:9E:70:37:9D type LE Random rssi -66 flags 0x0004 AD flags 0x00 eir_len 28
hci0 dev_found: 43:69:1C:BD:EC:B6 type LE Random rssi -54 flags 0x0004 AD flags 0x00 eir_len 10
hci0 dev_found: 4E:EE:9E:70:37:9D type LE Random rssi -84 flags 0x0004 AD flags 0x00 eir_len 10
hci0 dev_found: 65:3E:B3:EF:A0:89 type LE Random rssi -80 flags 0x0004 AD flags 0x00 eir_len 38
hci0 dev_found: D0:03:4B:4F:F7:ED type LE Public rssi -88 flags 0x0000 AD flags 0x1a eir_len 14
hci0 type 7 discovering off

regeland commented 6 years ago

See also: the extended BTLE data stream seems to be captured correctly by bluetoothctl (see https://ukbaz.github.io/howto/beacon_scan_cmd_line.html for reference).

root@raspberrypi:~# bluetoothctl
[NEW] Controller B8:27:EB:F5:43:E4 raspberrypi [default]
[bluetooth]# set-scan-filter-clear
SetDiscoveryFilter success
[bluetooth]# scan on
Discovery started
[CHG] Controller B8:27:EB:F5:43:E4 Discovering: yes
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Key: 0x004c
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x02
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x15
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0xb9
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x40
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x7f
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x30
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0xf5
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0xf8
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x46
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x6e
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0xaf
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0xf9
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x25
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x55
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x6b
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x57
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0xfe
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x6d
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x00
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x00
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x00
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0x00
[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData Value: 0xc5
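
Added example (not part of the original thread and not find3-cli-scanner code): the ManufacturerData bytes in the bluetoothctl session above form an iBeacon frame, which carries a UUID, major and minor that stay fixed while "LE Random" addresses may change. This Go sketch decodes such output using the standard iBeacon layout (company ID 0x004c, type 0x02, length 0x15, 16-byte UUID, big-endian major and minor, signed TX power); `IBeacon`, `ParseIBeacons` and `mfrLine` are hypothetical names.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"regexp"
	"strconv"
)

type IBeacon struct {
	UUID         string
	Major, Minor uint16
	TxPower      int8 // calibrated RSSI at 1 m, in dBm
}

var mfrLine = regexp.MustCompile(`Device ([0-9A-Fa-f:]{17}) ManufacturerData (Key|Value): 0x([0-9A-Fa-f]{1,4})\b`)

// ParseIBeacons decodes iBeacon frames (company 0x004c, type 0x02, length 0x15) per device address.
func ParseIBeacons(out string) map[string]IBeacon {
	company, data, beacons := map[string]uint64{}, map[string][]byte{}, map[string]IBeacon{}
	for _, m := range mfrLine.FindAllStringSubmatch(out, -1) {
		v, _ := strconv.ParseUint(m[3], 16, 16) // cannot fail: the regex allows 1-4 hex digits
		if m[2] == "Key" {                      // a Key line starts a fresh payload
			company[m[1]], data[m[1]] = v, nil
		} else if v <= 0xff {
			data[m[1]] = append(data[m[1]], byte(v))
		}
	}
	for mac, b := range data {
		// Skip other vendors, other Apple frame types and truncated payloads.
		if company[mac] == 0x004c && len(b) >= 23 && b[0] == 0x02 && b[1] == 0x15 {
			beacons[mac] = IBeacon{
				UUID:    fmt.Sprintf("%x-%x-%x-%x-%x", b[2:6], b[6:8], b[8:10], b[10:12], b[12:18]),
				Major:   binary.BigEndian.Uint16(b[18:20]),
				Minor:   binary.BigEndian.Uint16(b[20:22]),
				TxPower: int8(b[22]),
			}
		}
	}
	return beacons
}

func main() {
	const dev, payload = "[CHG] Device 49:AC:3F:F8:66:CE ManufacturerData ", "0215b9407f30f5f8466eaff925556b57fe6d00000000c5"
	out := dev + "Key: 0x004c\n" // sample rebuilt from the bluetoothctl session quoted in this thread
	for i := 0; i < len(payload); i += 2 {
		out += dev + "Value: 0x" + payload[i:i+2] + "\n"
	}
	fmt.Printf("%+v\n", ParseIBeacons(out))
}
```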

schollz commented 6 years ago

This should be fixed now