tcpdump mailing list archives

Re: radiotap on linux


From: Mike Kershaw <dragorn () nerv-un net>
Date: Tue, 13 Jun 2006 20:49:21 -0400

On Tue, Jun 13, 2006 at 02:36:50PM -0400, Matthew Belcher wrote:

> Hi all,
>
> I'm working on setting up radiotap header capture on Linux. I'm running the
> latest kernel (2.6.16.18) with the radiotap extensions compiled in. I'm using
> the madwifi-ng driver with an Atheros card. I pulled the latest tcpdump from
> CVS. It looks like tcpdump is receiving the radiotap packets, but it can't
> decode them. Here's the output I get:
>
> 21:22:43.157339 unknown IEEE802.11 frame type (3)(header) unknown IEEE802.11
> frame type (3)unknown 802.11 frame type (3)
>         0x0000:  ffff ffff ffff 0002 6f21 e671 0806 0321
>         0x0010:  0800 0604 0001 0002 6f21 e671 c0a8 0101
>         0x0020:  0000 0000 0000 c0a8 0102
>
> Has anyone been able to get this to work?

Are you running it with -s0 (or some larger-than-default capture size)?
A full RT header can be bigger than the 32 or 64 or whatever the default
# of bytes is for tcpdump to process.

-m

-- 
Mike Kershaw/Dragorn <dragorn () kismetwireless net>
GPG Fingerprint: 3546 89DF 3C9D ED80 3381  A661 D7B2 8822 738B BDB1

Know the rules other people live by. Know them well. Know them in the same 
way terrorists know about cars: so that you know where to put the bomb.
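
The snaplen question raised in the reply above can be checked per packet. The following is an added example, not part of the original thread and not tcpdump's own code: it tests whether the bytes saved for a packet cover the length the radiotap header declares for itself. The names `rt_check` and `rt_status` and the sample frame are constructed for illustration; the layout assumed is the standard radiotap fixed header (version, pad, little-endian 16-bit length, 32-bit present bitmap).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result of checking one captured frame from a radiotap link type. */
enum rt_status {
    RT_OK,           /* whole radiotap header lies inside the captured bytes */
    RT_TOO_SHORT,    /* fewer than the 8 fixed header bytes were captured */
    RT_BAD_VERSION,  /* it_version is not 0: not a radiotap header */
    RT_BAD_LENGTH,   /* it_len is smaller than the fixed header itself */
    RT_TRUNCATED     /* it_len exceeds caplen: the snaplen cut the header */
};

#define RT_FIXED_LEN 8u /* it_version, it_pad, it_len (LE16), it_present (LE32) */

/* buf/caplen: bytes actually saved for the packet (never more than snaplen).
 * On RT_OK or RT_TRUNCATED, *hdr_len receives the declared it_len. */
enum rt_status rt_check(const uint8_t *buf, size_t caplen, uint16_t *hdr_len)
{
    uint16_t it_len;

    if (caplen < RT_FIXED_LEN)
        return RT_TOO_SHORT;
    if (buf[0] != 0)
        return RT_BAD_VERSION;
    /* Radiotap fields are little-endian regardless of host byte order. */
    it_len = (uint16_t)(buf[2] | (buf[3] << 8));
    if (it_len < RT_FIXED_LEN)
        return RT_BAD_LENGTH;
    *hdr_len = it_len;
    return it_len > caplen ? RT_TRUNCATED : RT_OK;
}

/* Constructed sample: version 0, pad 0, it_len 26, arbitrary present bits. */
static const uint8_t sample_frame[32] = {
    0x00, 0x00, 0x1a, 0x00, 0x2f, 0x48, 0x00, 0x00
};

int main(void)
{
    uint16_t len = 0;
    int full = (int)rt_check(sample_frame, sizeof sample_frame, &len);
    int cut = (int)rt_check(sample_frame, 16, &len);
    printf("caplen 32 -> %d, caplen 16 -> %d (it_len %u)\n", full, cut, len);
    return 0;
}
```

A result of `RT_TRUNCATED` means the capture length was smaller than the header the driver emitted, which is the case a larger `-s` value addresses.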
