On May 13, 2009, at 3:04 PM, Eddie Harari wrote:
Byte 1 is version
byte 2 is pad
and byte 3-4 is length of radiotap in bytes right ?
Right.
does this info sit in offset 0 of the data i get when i am sniffing ?
At offset 0 of the data you get from libpcap is the version byte.
At offset 1
problem solved. (passed wrong parameter to my parser ...).
On Wed, May 13, 2009 at 6:00 PM, David Young wrote:
> On Wed, May 13, 2009 at 05:49:32PM -0400, Eddie Harari wrote:
> > Hello ,
> >
> > I am sniffing packets and my nic is on monitor mode,
> > the DLT type i get from pcap is 127 whi
Byte 1 is version
byte 2 is pad
and byte 3-4 is length of radiotap in bytes right ?
does this info sit in offset 0 of the data i get when i am sniffing ?
cause the first bytes i get has value 84 and from what i understand it
should have been 0.
and length i get is 40,000 and changing ...
any
On Wed, May 13, 2009 at 05:49:32PM -0400, Eddie Harari wrote:
> Hello ,
>
> I am sniffing packets and my nic is on monitor mode,
> the DLT type i get from pcap is 127 which is RADIOTAP header...
>
> from what i understood byte 3 on the header contains the length of the
> radiotap informatio
Hello ,
I am sniffing packets and my nic is on monitor mode,
the DLT type i get from pcap is 127 which is RADIOTAP header...
from what i understood byte 3 on the header contains the length of the
radiotap information preceding the 802.11 frame,
and 2 bytes prior to byte 3 should be set to