Red Hat Bugzilla – Bug 1013330
Bluetooth adapters are not available for capture with wireshark
Last modified: 2014-03-28 19:06:57 EDT
Description of problem:
Bluetooth adapters are not available for capture
Version-Release number of selected component (if applicable): 1.4.0-2
How reproducible: always
Steps to Reproduce:
1. Make sure you have a bluetooth adapter installed and working correctly
2. Install wireshark
3. Get list of adapters available to capture on:
$ su -c 'dumpcap -D'
Actual results: Bluetooth adapter(s) are not shown
Expected results: Bluetooth adapter(s) should be shown if they're available and the program has correct permissions
SELinux is disabled on my machine.
Created attachment 804666 [details]
patch to fix the bug
The issue appears to be a bug in libpcap code. I have already provided patch for and reported it upstream https://github.com/the-tcpdump-group/libpcap/pull/322
/copied from the github pull request/
Trying to capture from my bluetooth with wireshark, I couldn't find my adapter. Here is what I got when running dumpcap -D under root user:
8. lo (Loopback)
Digged in and turns out that add_or_find_if() in inet.c adds my bluetooth adapter to top of the list based on its rules. But bt_findalldevs() in pcap-bt-linux.c doesn't update alldevsp so the caller cannot see the added item. The only way bt_findalldevs() would work is if the bluetooth adapters are added to the list somewhere below the first item. And I assume in tests, this has been the case to date (as the source code seem to have been the same for past 7 years).
I have done a smoke test of running dumpcap and the wireshark GUI with this patch to capture HCI packets and it works fine.
Merged upstream https://github.com/the-tcpdump-group/libpcap/commit/50594b37d959f84701b12876af95828e20f3d82a
Thank you very much for digging into this and providing the patch. I will backport it to Fedora and release an update.
(In reply to Michal Sekletar from comment #3)
> Thank you very much for digging into this and providing the patch. I will
> backport it to Fedora and release an update.
Also, Guy Harris, the upstream maintainer of libpcap found two further counts of this bug elsewhere which when fixed, will cause more interfaces to show up for capture! I don't know if I need to open another bug report for that or just upload the patch here.
I'd be great if you could open bugs for those issues too. Having separate bugzilla entries helps us keep track of changes.
I see the wireless and also LAN port unavailable for the capture as well.
(In reply to Ivo Sarak from comment #6)
> I see the wireless and also LAN port unavailable for the capture as well.
Hmm..Are you running wireshark with sufficient privileges?
This should be fixed now in both rawhide and F20.