
BLE data corruption. Rcvd Number of Completed Packets delay/offset

0 votes
0 answers
19 views
I am retrieving bug-report HCI snoop logs from my Android 15 mobile phone after my phone app sends chunks of data via BLE to another BLE device (device 2). I then view the logs in Wireshark. The data is transferred through the HCI as 'Write Command' ATT frames which contain a 12-byte header and a 136-byte payload (beginning with b1 b1). Once one or more of the Write commands are sent, the controller responds to the host with a 'Number of Completed Packets' HCI_EVT frame.

The problem I am having is that my payloads are being corrupted when I 'print' them at the application layer on device 2 (always the last 16 bytes of the first corrupted payload and then all bytes of any subsequent payloads). The final 16 bytes of frame 42 (see logs at bottom of question) are the first place that corruption happens.

I have no way to view HCI logs at the device 2 end, and currently no way to sniff the data over the BLE connection.

I have noticed that at the time of corruption, the Number of Completed Packets does not reflect the number of Write Commands sent previously. You can see at frame 44 of the logs the controller reports that only one packet has completed, even though 3 have been sent consecutively. The controller then catches up at frame 47 and reports that 4 packets have completed.

Questions:

1. Could this delay between the write commands and the completed packets response be the cause of my corruption, i.e. the host is bombarding the controller with packets faster than it can send them on? Or is it more likely to be a symptom of a problem with the BLE stack etc?
2. I have noticed that the Dynamically Allocated Channel in the Connection oriented channel frames (frame 45) seems to change very frequently (roughly every 2-5 write commands it will increment by 0x0100). Is this normal? I noticed this doesn't happen with my Android 13 phone (and also no corruption with Android 13 phones).
3. Does any other part of these logs jump out as being non-standard or concerning?

Thanks for your help.

Frame 41: 148 bytes on wire (1184 bits), 148 bytes captured (1184 bits)
    Encapsulation type: Bluetooth H4 with linux header (99)
    Arrival Time: Aug 19, 2025 15:11:22.690757000 GMT Daylight Time
    UTC Arrival Time: Aug 19, 2025 14:11:22.690757000 UTC
    Epoch Arrival Time: 1755612682.690757000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 0.006802000 seconds]
    [Time delta from previous displayed frame: 0.006802000 seconds]
    [Time since reference or first frame: 1.338975000 seconds]
    Frame Number: 41
    Frame Length: 148 bytes (1184 bits)
    Capture Length: 148 bytes (1184 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    Point-to-Point Direction: Sent (0)
    [Protocols in frame: bluetooth:hci_h4:bthci_acl:btl2cap:btatt]
    [Coloring Rule Name: Write Command]
    [Coloring Rule String: btatt.opcode == 0x52]
Bluetooth
    [Source: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Destination: 00:00:00_00:00:00 (00:00:00:00:00:00)]
Bluetooth HCI H4
    [Direction: Sent (0x00)]
    HCI Packet Type: ACL Data (0x02)
Bluetooth HCI ACL Packet
    .... 0000 0000 0101 = Connection Handle: 0x005
    ..00 .... .... .... = PB Flag: First Non-automatically Flushable Packet (0)
    00.. .... .... .... = BC Flag: Point-To-Point (0)
    Data Total Length: 143
    Data
    [Expert Info (Error/Protocol): Frame is out of any "connection handle" session]
    [Source BD_ADDR: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Source Device Name: ]
    [Source Role: Unknown (0)]
    [Destination BD_ADDR: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Destination Device Name: ]
    [Destination Role: Unknown (0)]
    [Current Mode: Unknown (-1)]
Bluetooth L2CAP Protocol
    Length: 139
    CID: Attribute Protocol (0x0004)
Bluetooth Attribute Protocol
    [Expert Info (Warning/Protocol): Packet size exceed current ATT_MTU]
    Opcode: Write Command (0x52)
    Handle: 0x0013 (Unknown)
    Value […]: b1b18000000000008cc66e6c588f0000faa19132916001ec20a1f42f00000000629384000080a0e1d81f0402c7a1462693eaff1f4e634712208112208684ce4147e30fd40c1c40edef8226061bf901f111eccf032061143046221501efdbc600c0346e0c1080e0ee660c044e420c671cef

Frame 42: 148 bytes on wire (1184 bits), 148 bytes captured (1184 bits)
    Encapsulation type: Bluetooth H4 with linux header (99)
    Arrival Time: Aug 19, 2025 15:11:22.776272000 GMT Daylight Time
    UTC Arrival Time: Aug 19, 2025 14:11:22.776272000 UTC
    Epoch Arrival Time: 1755612682.776272000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 0.085515000 seconds]
    [Time delta from previous displayed frame: 0.085515000 seconds]
    [Time since reference or first frame: 1.424490000 seconds]
    Frame Number: 42
    Frame Length: 148 bytes (1184 bits)
    Capture Length: 148 bytes (1184 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    Point-to-Point Direction: Sent (0)
    [Protocols in frame: bluetooth:hci_h4:bthci_acl:btl2cap:btatt]
    [Coloring Rule Name: Write Command]
    [Coloring Rule String: btatt.opcode == 0x52]
Bluetooth
    [Source: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Destination: 00:00:00_00:00:00 (00:00:00:00:00:00)]
Bluetooth HCI H4
    [Direction: Sent (0x00)]
    HCI Packet Type: ACL Data (0x02)
Bluetooth HCI ACL Packet
    .... 0000 0000 0101 = Connection Handle: 0x005
    ..00 .... .... .... = PB Flag: First Non-automatically Flushable Packet (0)
    00.. .... .... .... = BC Flag: Point-To-Point (0)
    Data Total Length: 143
    Data
    [Expert Info (Error/Protocol): Frame is out of any "connection handle" session]
    [Source BD_ADDR: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Source Device Name: ]
    [Source Role: Unknown (0)]
    [Destination BD_ADDR: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Destination Device Name: ]
    [Destination Role: Unknown (0)]
    [Current Mode: Unknown (-1)]
Bluetooth L2CAP Protocol
    Length: 139
    CID: Attribute Protocol (0x0004)
Bluetooth Attribute Protocol
    [Expert Info (Warning/Protocol): Packet size exceed current ATT_MTU]
    Opcode: Write Command (0x52)
    Handle: 0x0013 (Unknown)
    Value […]: b1b18000000000005320291e52c0288c28142aa2ca8432f073c0091e7220088c2814baa40282e0efef81260652f0ef610088629846a28c02d81f8c00f80400046e2cbaa60080e1e9dbfa468024321400208c2003388518046e2c2aa06293840086a40e84019020eac6511b0b27254e22c8

Frame 43: 148 bytes on wire (1184 bits), 148 bytes captured (1184 bits)
    Encapsulation type: Bluetooth H4 with linux header (99)
    Arrival Time: Aug 19, 2025 15:11:22.860785000 GMT Daylight Time
    UTC Arrival Time: Aug 19, 2025 14:11:22.860785000 UTC
    Epoch Arrival Time: 1755612682.860785000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 0.084513000 seconds]
    [Time delta from previous displayed frame: 0.084513000 seconds]
    [Time since reference or first frame: 1.509003000 seconds]
    Frame Number: 43
    Frame Length: 148 bytes (1184 bits)
    Capture Length: 148 bytes (1184 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    Point-to-Point Direction: Sent (0)
    [Protocols in frame: bluetooth:hci_h4:bthci_acl:btl2cap:btatt]
    [Coloring Rule Name: Write Command]
    [Coloring Rule String: btatt.opcode == 0x52]
Bluetooth
    [Source: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Destination: 00:00:00_00:00:00 (00:00:00:00:00:00)]
Bluetooth HCI H4
    [Direction: Sent (0x00)]
    HCI Packet Type: ACL Data (0x02)
Bluetooth HCI ACL Packet
    .... 0000 0000 0101 = Connection Handle: 0x005
    ..00 .... .... .... = PB Flag: First Non-automatically Flushable Packet (0)
    00.. .... .... .... = BC Flag: Point-To-Point (0)
    Data Total Length: 143
    Data
    [Expert Info (Error/Protocol): Frame is out of any "connection handle" session]
    [Source BD_ADDR: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Source Device Name: ]
    [Source Role: Unknown (0)]
    [Destination BD_ADDR: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Destination Device Name: ]
    [Destination Role: Unknown (0)]
    [Current Mode: Unknown (-1)]
Bluetooth L2CAP Protocol
    Length: 139
    CID: Attribute Protocol (0x0004)
Bluetooth Attribute Protocol
    [Expert Info (Warning/Protocol): Packet size exceed current ATT_MTU]
    Opcode: Write Command (0x52)
    Handle: 0x0013 (Unknown)
    Value […]: b1b1800000000000d84801007a42a6ec9884e238ca623210002032f08000ef616238c6800080c0ef2402100046b260ee2605c6153aaba6244710d201a8c4600269c108028081c0e346f08c876e6c08643aa7dbf224321802582f0400eaa48c026e0c8a452080e0ec02840080840e002562

Frame 44: 8 bytes on wire (64 bits), 8 bytes captured (64 bits)
    Encapsulation type: Bluetooth H4 with linux header (99)
    Arrival Time: Aug 19, 2025 15:11:22.864229000 GMT Daylight Time
    UTC Arrival Time: Aug 19, 2025 14:11:22.864229000 UTC
    Epoch Arrival Time: 1755612682.864229000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 0.003444000 seconds]
    [Time delta from previous displayed frame: 0.003444000 seconds]
    [Time since reference or first frame: 1.512447000 seconds]
    Frame Number: 44
    Frame Length: 8 bytes (64 bits)
    Capture Length: 8 bytes (64 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    Point-to-Point Direction: Received (1)
    [Protocols in frame: bluetooth:hci_h4:bthci_evt]
    [Coloring Rule Name: bthci_evt]
    [Coloring Rule String: bthci_evt]
Bluetooth
    [Source: controller]
    [Destination: host]
Bluetooth HCI H4
    [Direction: Rcvd (0x01)]
    HCI Packet Type: HCI Event (0x04)
Bluetooth HCI Event - Number of Completed Packets
    Event Code: Number of Completed Packets (0x13)
    Parameter Total Length: 5
    Number of Connection Handles: 1
    Connection Handle: 0x8005
    Number of Completed Packets: 1

Frame 45: 496 bytes on wire (3968 bits), 496 bytes captured (3968 bits)
    Encapsulation type: Bluetooth H4 with linux header (99)
    Arrival Time: Aug 19, 2025 15:11:22.865584000 GMT Daylight Time
    UTC Arrival Time: Aug 19, 2025 14:11:22.865584000 UTC
    Epoch Arrival Time: 1755612682.865584000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 0.001355000 seconds]
    [Time delta from previous displayed frame: 0.001355000 seconds]
    [Time since reference or first frame: 1.513802000 seconds]
    Frame Number: 45
    Frame Length: 496 bytes (3968 bits)
    Capture Length: 496 bytes (3968 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    Point-to-Point Direction: Received (1)
    [Protocols in frame: bluetooth:hci_h4:bthci_acl:btl2cap]
Bluetooth
    [Source: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Destination: 00:00:00_00:00:00 (00:00:00:00:00:00)]
Bluetooth HCI H4
    [Direction: Rcvd (0x01)]
    HCI Packet Type: ACL Data (0x02)
Bluetooth HCI ACL Packet
    .... 1110 1101 1100 = Connection Handle: 0xedc
    ..10 .... .... .... = PB Flag: First Automatically Flushable Packet (2)
    00.. .... .... .... = BC Flag: Point-To-Point (0)
    Data Total Length: 491
    Data
    [Expert Info (Error/Protocol): Frame is out of any "connection handle" session]
    [Source BD_ADDR: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Source Device Name: ]
    [Source Role: Unknown (0)]
    [Destination BD_ADDR: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Destination Device Name: ]
    [Destination Role: Unknown (0)]
    [Current Mode: Unknown (-1)]
Bluetooth L2CAP Protocol
    Length: 487
    CID: Dynamically Allocated Channel (0x5bff)
    Payload […]: 0019000001007eea5b60db014340df5965059f65052e0a86658c019c4348df89601e011e431ce086601e011e4324e089322601264348e086322601264360e05965059f65052f0a86658c019c4368e0883226012686322601264374e086321e01264398e089601e011643e8e086601e01

Frame 46: 148 bytes on wire (1184 bits), 148 bytes captured (1184 bits)
    Encapsulation type: Bluetooth H4 with linux header (99)
    Arrival Time: Aug 19, 2025 15:11:22.942814000 GMT Daylight Time
    UTC Arrival Time: Aug 19, 2025 14:11:22.942814000 UTC
    Epoch Arrival Time: 1755612682.942814000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 0.077230000 seconds]
    [Time delta from previous displayed frame: 0.077230000 seconds]
    [Time since reference or first frame: 1.591032000 seconds]
    Frame Number: 46
    Frame Length: 148 bytes (1184 bits)
    Capture Length: 148 bytes (1184 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    Point-to-Point Direction: Sent (0)
    [Protocols in frame: bluetooth:hci_h4:bthci_acl:btl2cap:btatt]
    [Coloring Rule Name: Write Command]
    [Coloring Rule String: btatt.opcode == 0x52]
Bluetooth
    [Source: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Destination: 00:00:00_00:00:00 (00:00:00:00:00:00)]
Bluetooth HCI H4
    [Direction: Sent (0x00)]
    HCI Packet Type: ACL Data (0x02)
Bluetooth HCI ACL Packet
    .... 0000 0000 0101 = Connection Handle: 0x005
    ..00 .... .... .... = PB Flag: First Non-automatically Flushable Packet (0)
    00.. .... .... .... = BC Flag: Point-To-Point (0)
    Data Total Length: 143
    Data
    [Expert Info (Error/Protocol): Frame is out of any "connection handle" session]
    [Source BD_ADDR: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Source Device Name: ]
    [Source Role: Unknown (0)]
    [Destination BD_ADDR: 00:00:00_00:00:00 (00:00:00:00:00:00)]
    [Destination Device Name: ]
    [Destination Role: Unknown (0)]
    [Current Mode: Unknown (-1)]
Bluetooth L2CAP Protocol
    Length: 139
    CID: Attribute Protocol (0x0004)
Bluetooth Attribute Protocol
    [Expert Info (Warning/Protocol): Packet size exceed current ATT_MTU]
    Opcode: Write Command (0x52)
    Handle: 0x0013 (Unknown)
    Value […]: b1b1800000000000d80f0802f754bc0112b42510f771efa111e038002af2f60f6ac1880f000010e1e64afc0f004000000000000000000000000000000000000000000000000000006ee901026ce8010228800004b21a12010d70d0822289d20193030570000000ef0d90930ea35351b292

Frame 47: 8 bytes on wire (64 bits), 8 bytes captured (64 bits)
    Encapsulation type: Bluetooth H4 with linux header (99)
    Arrival Time: Aug 19, 2025 15:11:22.956493000 GMT Daylight Time
    UTC Arrival Time: Aug 19, 2025 14:11:22.956493000 UTC
    Epoch Arrival Time: 1755612682.956493000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 0.013679000 seconds]
    [Time delta from previous displayed frame: 0.013679000 seconds]
    [Time since reference or first frame: 1.604711000 seconds]
    Frame Number: 47
    Frame Length: 8 bytes (64 bits)
    Capture Length: 8 bytes (64 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    Point-to-Point Direction: Received (1)
    [Protocols in frame: bluetooth:hci_h4:bthci_evt]
    [Coloring Rule Name: bthci_evt]
    [Coloring Rule String: bthci_evt]
Bluetooth
    [Source: controller]
    [Destination: host]
Bluetooth HCI H4
    [Direction: Rcvd (0x01)]
    HCI Packet Type: HCI Event (0x04)
Bluetooth HCI Event - Number of Completed Packets
    Event Code: Number of Completed Packets (0x13)
    Parameter Total Length: 5
    Number of Connection Handles: 1
    Connection Handle: 0x8005
    Number of Completed Packets: 4

Asked by HazCam (1 rep)
Aug 27, 2025, 09:27 AM
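
An added example, not part of the original question: a replay of the host-side buffer accounting behind the Number of Completed Packets events, where each ACL packet handed to the controller takes one buffer and each event returns the stated number for its handle. The record order mirrors frames 41 to 47 above; the payload bytes, the helper names, and masking the event's handle to its low 12 bits are assumptions of this example.

```python
import struct

H4_ACL, H4_EVT = 0x02, 0x04
EVT_NUM_COMPLETED_PACKETS = 0x13

def write_command(conn_handle, att_handle, value):
    """Constructed sample: H4 + ACL + L2CAP + ATT Write Command (0x52) bytes."""
    att = struct.pack("<BH", 0x52, att_handle) + value
    l2cap = struct.pack("<HH", len(att), 0x0004) + att
    return bytes([H4_ACL]) + struct.pack("<HH", conn_handle, len(l2cap)) + l2cap

def completed_packets(conn_handle, count):
    """Constructed sample: H4 + Number of Completed Packets event, one handle."""
    params = struct.pack("<BHH", 1, conn_handle, count)
    return bytes([H4_EVT, EVT_NUM_COMPLETED_PACKETS, len(params)]) + params

def replay(records):
    """Replay (sent, raw) H4 records; return in-flight count per handle after each."""
    in_flight, timeline = {}, []
    for sent, raw in records:
        if sent and raw[0] == H4_ACL:
            # Every host-to-controller ACL packet occupies one controller buffer.
            handle = struct.unpack_from("<H", raw, 1)[0] & 0x0FFF
            in_flight[handle] = in_flight.get(handle, 0) + 1
        elif not sent and raw[0] == H4_EVT and raw[1] == EVT_NUM_COMPLETED_PACKETS:
            for i in range(raw[3]):  # raw[3] = Number of Connection Handles
                handle, done = struct.unpack_from("<HH", raw, 4 + 4 * i)
                handle &= 0x0FFF  # assumption: only the low 12 bits identify the link
                in_flight[handle] = in_flight.get(handle, 0) - done
        timeline.append(dict(in_flight))
    return timeline

def prior_in_flight(timeline, handle):
    """Packets that must already have been queued before the first record."""
    return max(0, -min(step.get(handle, 0) for step in timeline))

# Same order as frames 41-47 on the page; payload bytes are placeholders.
payload = b"\xb1\xb1" + bytes(134)
FRAMES = [
    (True, write_command(0x005, 0x0013, payload)),   # frame 41
    (True, write_command(0x005, 0x0013, payload)),   # frame 42
    (True, write_command(0x005, 0x0013, payload)),   # frame 43
    (False, completed_packets(0x8005, 1)),           # frame 44
    (False, bytes([H4_ACL]) + struct.pack("<HH", 0x2EDC, 0)),  # frame 45, received
    (True, write_command(0x005, 0x0013, payload)),   # frame 46
    (False, completed_packets(0x8005, 4)),           # frame 47
]
```

A running count that goes negative, as it does for this record order, means the capture window opened with packets already queued in the controller.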