On Tue, Feb 26, 2002 at 11:21:48PM +0900, ?$B>>8M!!9'?(B wrote:
> Hello, I have installed Ethereal 0.8.20 on Windows Me.
> I have also used Lucent IEEE802.11b PC card.
> I can read the packet data as Ethernet wired frame.
> But I can not read the packet data as IEEE802.11b frame.
>
> The Windows version of Ethereal can not express IEEE802.11b frame ?
The Windows version of Ethereal cannot do anything, when capturing
packets, that WinPcap *OR* the driver for the network interface won't
allow it to do.
I suspect, in this case, that the driver will not supply 802.11 frames.
In fact, I'm not sure there's a mechanism within NDIS - the framework
into which Windows link-layer drivers plug - to allow WinPcap, or an
application using WinPcap such as WinDump, Analyzer, or Ethereal, to
tell it to supply 802.11 frames rather than fake Ethernet frames.
Wireless sniffers for Windows probably have their own drivers, with
their own undocumented mechanisms for getting raw 802.11 frames.
Ethereal doesn't provide its own drivers (and will probably not do so
any time soon, if ever), and neither does WinPcap (which probably won't
do so any time soon), so can only do what the vendor's driver lets them
do.
If you want to capture 802.11 frames on a PC, and have them look like
802.11 frames, you'll probably need to run Linux or FreeBSD. (I don't
know whether either of them support doing so with the Lucent card, nor,
if they do, do I know what versions of the Linux kernel, or of FreeBSD,
you'd need.)
