Wireshark mailing list archives
Re: [tcpdump-workers] regarding wireless data frames
From: abhinav narain <abhinavnarain10 () gmail com>
Date: Sat, 10 Mar 2012 13:18:38 -0500
Oh, and one more thing: Some network adapters, when running in a mode where they supply an 802.11 header (such as monitor mode), put some padding in between the 802.11 header and the payload, so the 802.2 LLC header in a data frame might not immediately follow the 802.11 header (regardless of whether the payload is encrypted or not). The radiotap header includes a flag for that - it's the 0x20 flag bit in the Flags field: http://www.radiotap.org/defined-fields/Flags I have two questions.
I believe, the data packets destined for my AP, will be decrypted by the hardware itself In any case, when I get them in userland, they should be unencrypted. right ? If I look at tpdump code, for each data frame, I need to check FC_WEP(fc), if only its false, I should check further. then get the header length. int hdrlen = (FC_TO_DS(fc) && FC_FROM_DS(fc)) ? 30 : 24; if (DATA_FRAME_IS_QOS(FC_SUBTYPE(fc))) hdrlen += 2 And then, if then jump this length to check for ether type, using the llc frame . I hope I am not missing any detail. As on doing the above .. i get very low frequency of arp,udp packets, but I never get tcp packets output on my screen , even though I am browsing. Any comments ? Abhinav
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- regarding wireless data frames abhinav narain (Mar 08)
- Re: [tcpdump-workers] regarding wireless data frames Guy Harris (Mar 08)
- Re: [tcpdump-workers] regarding wireless data frames Guy Harris (Mar 08)
- Re: [tcpdump-workers] regarding wireless data frames abhinav narain (Mar 08)
- Re: [tcpdump-workers] regarding wireless data frames abhinav narain (Mar 08)
- Re: [tcpdump-workers] regarding wireless data frames Guy Harris (Mar 09)
- Re: [tcpdump-workers] regarding wireless data frames Guy Harris (Mar 08)
- Re: [tcpdump-workers] regarding wireless data frames Mike Kershaw (Mar 09)
- Re: [tcpdump-workers] regarding wireless data frames Guy Harris (Mar 09)
- Re: [tcpdump-workers] regarding wireless data frames abhinav narain (Mar 10)
- Re: [tcpdump-workers] regarding wireless data frames Guy Harris (Mar 10)
- Re: [tcpdump-workers] regarding wireless data frames abhinav narain (Mar 11)
- Re: [tcpdump-workers] regarding wireless data frames abhinav narain (Mar 11)
- Re: [tcpdump-workers] regarding wireless data frames abhinav narain (Mar 13)
- Re: [tcpdump-workers] regarding wireless data frames abhinav narain (Mar 10)
- Re: [tcpdump-workers] regarding wireless data frames Guy Harris (Mar 08)