Re: Patches for wlan filtering

["Gianluca Varenni" <gianluca.varenni () cacetech com>]

> [new BPF code, CVS snapshot. Not working]
> (000) ldb      [3]
> (001) lsh      #8
> (002) tax
> (003) ldb      [2]
> (004) or       x
> (005) st       M[0]
> (006) tax
> (007) txa
> (008) add      #24
> (009) st       M[1]
> (010) ldb      [x + 0]
> (011) jset     #0x8             jt 12   jf 17
> (012) jset     #0x4             jt 17   jf 13
> (013) jset     #0x80            jt 14   jf 17
> (014) ld       #0x2
> (015) add      x
> (016) st       M[1]
> (017) ld       [4]
> (018) jeq      #0x69000000      jt 19   jf 29   <=== this should be done 
> before (010)
> (019) ldx      M[0]
> (020) ldb      [x + 0]
> (021) jset     #0x4             jt 29   jf 22
> (022) ldx      M[0]
> (023) ldb      [x + 0]
> (024) jset     #0x8             jt 25   jf 29
> (025) ldx      M[1]
> (026) ldh      [x + 6]
> (027) jeq      #0x800           jt 28   jf 29
> (028) ret      #65535
> (029) ret      #0

I think I found the problem: after instruction (009)

- A=len(PPI header) + 24 (the normal length of a 802.11 header)
- X=len(PPI header)
- M[0]=len(PPI header)
- M[1]=len(PPI header) + 24

code in (010)-(014) checks if it's DATA+QoS and should add 2 in this case. 
This is done in (014)-(016). The problem is in instruction (015): it adds 2 
to X, that contains the PPI header len, only.

The right code for (014)-(016) should be something like this

(missing)  ldx    M[1]
(014)      ld     #0x2
(015)      add    x
(016)      st     M[1]

Have a nice day
GV



-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.