tcpdump mailing list archives

Re: Patches for wlan filtering

From: "Gianluca Varenni" <gianluca.varenni () cacetech com>
Date: Mon, 5 Nov 2007 14:49:04 -0800

----- Original Message -----From: "Guy Harris" <guy () alum mit edu>

To: <tcpdump-workers () lists tcpdump org>
Sent: Monday, November 05, 2007 2:03 PM
Subject: Re: [tcpdump-workers] Patches for wlan filtering

Guy Harris wrote:
On Oct 30, 2007, at 3:42 AM, Guy Harris wrote:
I won't be able to fix that tonight, but, if we delay the release acouple of days, I might be able to fix that.
Actually, a combination of a brain spasm (see the time above - that waslocal time...), a possible watch misconfiguration/misbehavior (and lackof a day-of-week indication on said watch), and slightly confusingdisplay in Meeting Maker confused me into thinking today was the 31st. Imight be able to fix the code tonight.
Well, it took a bit longer, but I've checked in changes that
1) appear, at least with the regression testing I've done, don't breakother link layers (after having fixed some bugs in the code without thechanges);
2) appear to do the right thing for various 802.11 link-layer headers -for example, the filter tcp now generates
(000) ldx      #0x0
(001) txa
(002) add      #24
(003) st       M[0]
(004) ldb      [x + 0]
(005) jset     #0x8             jt 6    jf 11
(006) jset     #0x4             jt 11   jf 7
(007) jset     #0x80            jt 8    jf 11
(008) ld       #0x2
(009) add      x
(010) st       M[0]
(011) ldb      [0]
(012) jset     #0x4             jt 21   jf 13
(013) ldb      [0]
(014) jset     #0x8             jt 15   jf 21
(015) ldx      M[0]
(016) ldh      [x + 6]
(017) jeq      #0x86dd          jt 18   jf 21
(018) ldx      M[0]
(019) ldb      [x + 14]
(020) jeq      #0x6             jt 31   jf 21
(021) ldb      [0]
(022) jset     #0x4             jt 32   jf 23
(023) ldb      [0]
(024) jset     #0x8             jt 25   jf 32
(025) ldx      M[0]
(026) ldh      [x + 6]
(027) jeq      #0x800           jt 28   jf 32
(028) ldx      M[0]
(029) ldb      [x + 17]
(030) jeq      #0x6             jt 31   jf 32
(031) ret      #68
(032) ret      #0


Nice!

I plan to compare this with the old version with the three possible linklayers (bare 802.11, radiotap, PPI) within a couple of days (there will be anew beta of WinPcap by the end of the week).


Thanks again for taking care of this
GV

for DLT_IEEE802_11.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.


-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.

Current thread:

Re: Patches for wlan filtering Guy Harris (Oct 30)
- Re: Patches for wlan filtering Gianluca Varenni (Oct 30)
- Re: Patches for wlan filtering Guy Harris (Oct 30)
  - Re: Patches for wlan filtering Guy Harris (Nov 05)
    - Re: Patches for wlan filtering Gianluca Varenni (Nov 05)
    - Re: Patches for wlan filtering Guy Harris (Nov 05)
    - Re: Patches for wlan filtering Gianluca Varenni (Nov 06)
    - Re: Patches for wlan filtering Gianluca Varenni (Nov 06)
    - Re: Patches for wlan filtering Guy Harris (Nov 06)
    - Re: Patches for wlan filtering Gianluca Varenni (Nov 06)
    - Re: Patches for wlan filtering Guy Harris (Nov 06)
    - Re: Patches for wlan filtering Gianluca Varenni (Nov 06)
    - Re: Patches for wlan filtering Guy Harris (Nov 07)