tcpdump mailing list archives
Re: radiotap on linux
From: Matthew Belcher <matt () mattbelcher com>
Date: Wed, 14 Jun 2006 11:56:24 -0500
Are you running it with -s0 (or some larger-than-default capture size)? A full RT header can be bigger than the 32 or 64 or whatever the default # of bytes is for tcpdump to process.
Thanks for your suggestion. I tried it with -s0 to see if that would help. Here's what I get now: (none):~# tcpdump -i wifi0 -L Data link types (use option -y to set): IEEE802_11 (802.11) (none):~# tcpdump -vv -i wifi0 -s0 -x tcpdump: listening on wifi0, link-type IEEE802_11 (802.11), capture size 65535 bytes 11:41:33.240612 unknown IEEE802.11 frame type (3)More Data More Fragments Pwr Mgmt Retry Strictly Ordered WEP Encrypted 65535us (header) unknown IEEE802.11 frame type (3)unknown 802.11 frame type (3) 0x0000: ffff ffff ffff 0002 6f21 e671 0806 0321 ........o!.q...! 0x0010: 0800 0604 0001 0002 6f21 e671 c0a8 0164 ........o!.q...d 0x0020: 0000 0000 0000 c0a8 0165 As you can see that doesn't seem to have helped. Are the radiotap packets in Linux formatted differently than in BSD? If so, does tcpdump only accept BSD formatted radiotap packets? I'm trying to figure out whether this functionality needs to be added or whether it is already there and I'm just not setting things up right. Thanks again, Matt - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- radiotap on linux Matthew Belcher (Jun 13)
- Re: radiotap on linux Mike Kershaw (Jun 13)
- Re: radiotap on linux Matthew Belcher (Jun 14)
- Re: radiotap on linux David Young (Jun 14)
- Re: radiotap on linux Matthew Belcher (Jun 14)
- Re: radiotap on linux David Young (Jun 14)
- Re: radiotap on linux Matthew Belcher (Jun 14)
- Re: radiotap on linux Matthew Belcher (Jun 14)
- Re: radiotap on linux Mike Kershaw (Jun 13)