Re: proposal: rename DLT_PRISM_HEADER

[Guy Harris <guy () netapp com>]

On Mon, Nov 18, 2002 at 06:45:48PM -0600, David Young wrote:
> On Mon, Nov 18, 2002 at 04:04:21PM -0500, Stuffed Crust wrote:
> > http://www.shaftnet.org/~pizza/software/capturefrm.txt is the current
> > spec as implemented in the linux-wlan-ng driver and the ethereal
> > dissector.  Have a look; it's considerably more sane and flexible than
> > the old format, and it's not tied closely to any one hardware type.
>
> I will use the AVS capture format in NetBSD, but I have some questions
> and suggestions.

Unfortunately, you didn't CC Solomon on the mail, so he wouldn't see it
unless he's subscribed to tcpdump-workers, and he doesn't seem to be
subcribed to it, so he probably didn't see it.

As the questions are presumably addressed to him, I'm CCing him in this
reply; please keep him CCed in all replies if your replies are intended
for him.

> May we call this DLT_IEEE802_11_RADIO?

As per other mail (which was sent to pizza () shaftnet org, so hopefully
Solomon saw it), I added a new DLT_ type with that name, and the value
127.  That's in the current libpcap CVS tree, so it'll be in libpcap
0.8.  Linux could use it if it ever gets an ARPHRD_IEEE802_11_RADIO (or
whatever it'd be called) ARPHRD_ value; BSD can use it if it picks up
that #define.

I've also checked in support for it (and DLT_PRISM_HEADER) in tcpdump,
although I also need to check in a change to the DLT_PRISM_HEADER code
to check the magic number and, if it's really the magic number for
DLT_IEEE802_11_RADIO, dissect it as such.  (Tcpdump currently just
skips over the radio header stuff; if somebody wants to add in support,
e.g. with "-e", check out "print-802_11.c".)

> What are the units for the mactime? The hosttime? It would be nice if
> the units were standardized (nanoseconds, picoseconds) or if the header
> carried some units indication. Also, is it desirable to indicate which
> packet feature the mactime marks (PLCP header, 802.11 header, packet end)?

Also, why is the hosttime here in the first place?  How does that differ
from the regular frame time stamp that *all* frames passing through BPF
or the Linux networking stack get?
> Is the dot11AntennaList given in the 802.11 spec?
>
> Any idea how the version numbers be coordinated?
>
> Any particular reason for the super-generous, 32-bit fields?
>
> Dave
>
> -- 
> David Young             OJC Technologies
> dyoung () ojctech com      Engineering from the Right Brain
>                         Urbana, IL * (217) 278-3933
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe