Skip to content
Nerivec edited this page Jul 9, 2024 · 7 revisions

Sniff Zigbee traffic (to Wireshark, to custom handler or just log in file).

Start sniffing

Start sniffing Zigbee traffic.

Note

If you decline sending to Wireshark, and no custom handler is provided, the raw data will be logged in the file.

Sending to Wireshark

You will be asked the host/IP and port (ZEP) of the Wireshark instance. If Wireshark is running on the same machine, the default values provided should be sufficient.

Configuring Wireshark

Add the proper keys in Edit > Preferences > Protocols > ZigBee > Pre-configured keys > Edit:

  • Default Zigbee key (ZigbeeAlliance09): 5A:69:67:42:65:65:41:6C:6C:69:61:6E:63:65:30:39
  • The network key of the network you want to sniff:
    • In Zigbee2MQTT, the default key is 01:03:05:07:09:0B:0D:0F:00:02:04:06:08:0A:0C:0D. If you changed the default/used GENERATE (recommended), you will need to locate the network key in your coordinator_backup.json file and separate every 2-character with : to get the same format. Alternatively, you can find it in your configuration.yaml file and convert it (each number) to the same hexadecimal format.

Use Adapter for loopback traffic capture. Then set the Zigbee protocol filter: udp.port==17754 (default ZEP port).

Custom handler

You can provide a custom handler by writing it into the file ezspMfglibRxHandler.mjs in the data folder (location printed when starting ember-zli).

Example:

/**
 * @param cmd Command The invoking oclif command object https://oclif.io/
 *        - The EZSP layer is available through `cmd.ezsp`
 *        - The Wireshark sequence is available through `cmd.sequence`
 * @param logger winston.Logger The winston logger https://github.com/winstonjs/winston
 * @param linkQuality number The link quality value associated with the packet
 * @param rssi number The RSSI value associated with the packet
 * @param packetContents Buffer The content of the Zigbee packet
 */
function handler(cmd, logger, linkQuality, rssi, packetContents) {
    // do something here
}

export default handler;
Clone this wiki locally