RFTap: A Bridge Between GNURadio and Wireshark
Recently a new Linux based tool called RFTap has been released. RFTap acts as a bridge between GNURadio flow graphs and Wireshark. GNU Radio is a visual based programming environment for digital signal processing applications, such as RF signal decoders. GNURadio supports many different SDR’s including the RTL-SDR. Wireshark is a network packet analyzer/dissector that aides with troubleshooting and analysis of network protocols. RFTap also supports other DSP languages like Pothos, liquidsdr, LuaRadio as well as other packet analyzers like TShark, tcpdump, Scapy.
The author has already released three RFTap tutorials/demos. The first shows how to decode Radio Data System (RDS) and use RFTap and Wireshark to dissect each packet. The second shows how to use RFTap and Wireshark to detect MAC spoofing on WiFi networks. For that tutorial you will need a more advanced SDR that can tune to the 5 GHz WiFi frequencies and receive the full WiFi bandwidth of 20 MHz. The third tutorial shows how to use RFTap to analyze Zigbee packets.