LinuxCommandLibrary

hcidump

Capture Bluetooth HCI packets

SYNOPSIS

hcidump [-hacdDfilnqxESt] [-t ] [-i ] [-m ] [filter]

PARAMETERS

-h, --help
    Print usage summary

-C, --ascii
    Dump packets in ASCII format

-i, --dev
    Listen on specified HCI device (default: hci0)

-t, --timestamp[=TIMEFMT]
    Add timestamps (default: %H:%M:%S.%q)

-x, --extended
    Extended packet information dump

-X , --extended=
    Dump specific types: human, err, cmd, evt, acl, sco

-r, --raw
    Raw hexdump output

-a, --acl
    Dump only ACL data packets

-s, --sco
    Dump only SCO voice packets

-e, --events
    Dump only HCI events

-d, --decimal
    Use decimal for packet codes

-n, --numeric
    Numeric values, no names

-H, --human
    Human-readable format

-I, --inquiry
    Perform inquiry scan

-m, --mask=
    ACL packet type mask

-q, --quiet
    Suppress non-dump output

-f, --follow
    Listen indefinitely

-l, --le
    Bluetooth Low Energy dump

-V, --version
    Show version info

DESCRIPTION

hcidump is a command-line tool from the BlueZ Linux Bluetooth protocol stack used to capture and display Host Controller Interface (HCI) packets exchanged between the Bluetooth host and controller (adapter). It dumps HCI commands, ACL (Asynchronous Connection-Less) data, SCO (Synchronous Connection-Oriented) audio, and events.

Essential for debugging Bluetooth issues, protocol analysis, and development. Supports filtering by packet type, multiple interfaces, timestamps, and formats like hex, ASCII, raw, or human-readable. Can perform device inquiries, page scans, and remote feature reads.

Run typically with root privileges. Output to stdout or files for tools like Wireshark. Filters allow targeting specific connections or types (e.g., LE for Bluetooth Low Energy).

Deprecated in modern BlueZ; succeeded by btmon for enhanced monitoring.

CAVEATS

Requires root or CAP_NET_RAW capability. Deprecated in BlueZ 5.50+; use btmon(8) for new projects. May interfere with normal Bluetooth operation.

COMMON USAGE

hcidump -i hci0 -x -t : Monitor hci0 with extended info and timestamps.
hcidump -a -f > acl.pcap : Capture ACL forever to file.

FILTER SYNTAX

Supports BPF-like filters, e.g., 'acl and bdaddr 00:11:22:33:44:55' to target specific MAC.

HISTORY

Introduced in early BlueZ releases (~2001) by Maxim Krasnyansky and others for HCI debugging. Evolved with BlueZ stack; largely obsoleted by btmon in BlueZ 5.50 (2017) for multi-monitor support.

SEE ALSO

btmon(8), hciconfig(8), hcitool(1), bluetoothctl(1), btsnoop(8)

Copied to clipboard