problem solved. (passed wrong parameter to my parser ...).
On Wed, May 13, 2009 at 6:00 PM, David Young wrote:
> On Wed, May 13, 2009 at 05:49:32PM -0400, Eddie Harari wrote:
> > Hello ,
> >
> > I am sniffing packets and my nic is on monitor mode,
> > the DLT
...
anyidea ?
On Wed, May 13, 2009 at 6:00 PM, David Young wrote:
> On Wed, May 13, 2009 at 05:49:32PM -0400, Eddie Harari wrote:
> > Hello ,
> >
> > I am sniffing packets and my nic is on monitor mode,
> > the DLT type i get from pcap is 127 which is RADIOTAP head
Hello ,
I am sniffing packets and my nic is on monitor mode,
the DLT type i get from pcap is 127 which is RADIOTAP header...
from what i understood byte 3 on the header contains the length of the
radiotap information preceding the 802.11 frame,
and 2 bytes prior to byte 3 should be set to
BUGS section:
" Filter expressions on fields other than those in 802.11 headers will
not correctly handle 802.11 data packets with both To DS and From DS
set."
is this only for libpcap programmers ? or also tcpdump users ?
I have same program that basically sets a filter and sniff th
Hi ,
I have a strange problem and would like to know what might be the problem (
maybe known issue ?).
I have been programming an application that get packets from a Wi-Fi
network (monitor mode), i have set a simple filter
"TCP" to fetch only tcp packets.
for now this is very simple , i use
:19 AM, Eddie Harari wrote:
>
> how come 22 bytes offset with no Qos ?
>> in the case both are not set (TO DS and From DS ) then Address 1 is
>> destination , adress 2 is source and address 3 is bssid , so there are
>> 18bytes of addresses,
>>
>
> There are 1
> However, if you're capturing on an Atheros adapter, apparently the card
> puts in some padding between the 802.11 header and the 802.11 payload. If
> you're capturing with a radiotap header, there is a special flag in the
> radiotap information indicating that the frame is padded. What type of
That's true *if* neither the "To DS" nor the "From DS" flag is set in the
> packet. According to "7.2.2 Data frames" in IEEE 802.11-2007:
>if neither "To DS" nor "From DS" are set, Address 1 is the
> destination, Address 2 is the source, and Address 3 is the BSSID;
This is indeed the
> does it begin with IP headers or something preceds the IP headers ?
>>
>
> For data frames, the frame body begins with an IEEE 802.2 header, possibly
> followed by a SNAP header, followed by the payload for the protocol being
> carried over 802.11, such as IP.
I did mean the Body part of the
so when i "sniff" a packet from my "monitor" mode intel chipset based wifi
card ,
how do i know which radio info is preceding the 802.11 header ?
On Tue, Apr 14, 2009 at 11:07 AM, Eddie Harari wrote:
> Thanks for the quick response.
>
> Is there an RFC for 802.11 ra
Thanks for the quick response.
Is there an RFC for 802.11 radio headers ?
all the cards give same headers ?
thanks ,
Eddie.
On Mon, Apr 13, 2009 at 3:42 PM, Guy Harris wrote:
>
> On Apr 12, 2009, at 12:06 AM, Eddie Harari wrote:
>
> 802.11 headers there is data field, what
Hi all ,
simple question:
802.11 headers there is data field, what it this data field ?
does it begin with IP headers or something preceds the IP headers ?
in ethernet environment there is a protocol field in the headers that
tells which protocol is in the body of the packet
(ip /
12 matches
Mail list logo
