
Wireshark-dev: [Wireshark-dev] [patch] enhancements to the packet-wlancap dissector

From: Solomon Peachy <solomon@xxxxxxxxxxxxxx>
Date: Thu, 10 Aug 2006 16:09:13 -0400
I've attached a patch to the "wlan capture header" dissector to bring it 
in line with the current frame format, and to add a proper URL for 
obtaining said format.  Nothing major, just the addition of a couple of 
fields and definitions.  The dissector remains backwards-compatible with 
the older format.

Thanks!

 - Solomon
-- 
Solomon Peachy                        solomon@xxxxxxxxxxxxxx
AbsoluteValue Systems                 http://www.linux-wlan.com
721-D North Drive                     +1 (321) 259-0737  (office)
Melbourne, FL 32934                   +1 (321) 259-0286  (fax)
Index: epan/dissectors/packet-wlancap.c
===================================================================
--- epan/dissectors/packet-wlancap.c	(revision 18860)
+++ epan/dissectors/packet-wlancap.c	(working copy)
@@ -10,11 +10,7 @@
  *
  *  See
  *
- *	http://web.archive.org/web/20040209004121/http://www.shaftnet.org/~pizza/software/capturefrm.txt
- *
- *  or, if the site is restored,
- *
- *	http://www.shaftnet.org/~pizza/software/capturefrm.txt
+ *	https://mail.shaftnet.org/chora/browse.php?rt=wlanng&f=trunk%2Fdoc%2Fcapturefrm.txt
  * 
  * By Solomon Peachy
  *
@@ -75,6 +71,15 @@
   gint32 encoding;
 };
 
+/* V2 of the header */
+struct wlan_header_v2 {
+  struct wlan_header_v1 v1_hdr;
+  guint32 sequence;
+  guint32 drops;
+  guint8 sniffer_addr[6];
+  guint8 pad[2];
+};
+
 static int hf_wlan_version = -1;
 static int hf_wlan_length = -1;
 static int hf_wlan_mactime = -1;
@@ -89,6 +94,9 @@
 static int hf_wlan_ssi_noise = -1;
 static int hf_wlan_preamble = -1;
 static int hf_wlan_encoding = -1;
+static int hf_wlan_sequence = -1;
+static int hf_wlan_drops = -1;
+static int hf_wlan_sniffer_addr = -1;
 
 static gint ett_wlan = -1;
 
@@ -133,6 +141,11 @@
     { 1, "CCK" },
     { 2, "PBCC" },
     { 3, "OFDM" },
+    { 4, "DSS-OFDM" },
+    { 5, "BPSK" },
+    { 6, "QPSK" },
+    { 7, "16QAM" },
+    { 8, "64QAM" },
     { 0, NULL },
   };
 
@@ -180,6 +193,12 @@
 			   BASE_DEC, VALS(preamble_type), 0x0, "", HFILL } },
     { &hf_wlan_encoding, { "Encoding Type", "wlancap.encoding", FT_UINT32, 
 			   BASE_DEC, VALS(encoding_type), 0x0, "", HFILL } },
+    { &hf_wlan_sequence, { "Receive sequence", "wlancap.sequence", FT_UINT32, 
+			   BASE_DEC, NULL, 0x0, "", HFILL } },
+    { &hf_wlan_drops, { "Known Dropped Frames", "wlancap.drops", FT_UINT32, 
+			   BASE_DEC, NULL, 0x0, "", HFILL } },
+    { &hf_wlan_sniffer_addr, { "Sniffer Address", "wlancap.sniffer_addr", FT_ETHER, 
+			       BASE_NONE, NULL, 0x0, "Sniffer Hardware Address", HFILL } },
   };
   static gint *ett[] = {
     &ett_wlan
@@ -282,6 +301,19 @@
       proto_tree_add_uint(wlan_tree, hf_wlan_encoding, tvb, offset,
 			  4, tvb_get_ntohl(tvb, offset));
       offset+=4;
+      if (version > 1) {
+	      proto_tree_add_uint(wlan_tree, hf_wlan_sequence, tvb, offset,
+				  4, tvb_get_ntohl(tvb, offset));
+	      offset+=4;
+	      proto_tree_add_uint(wlan_tree, hf_wlan_drops, tvb, offset,
+				  4, tvb_get_ntohl(tvb, offset));
+	      offset+=4;
+	      proto_tree_add_ether(wlan_tree, hf_wlan_sniffer_addr, tvb, 
+				   offset, 6, 
+				   tvb_get_ptr(tvb, offset, 6));
+	      /* Yes, this is supposed to be 8. */
+	      offset+=8;
+      }
     }
 
     offset = length;
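Review bot: The v2 fields inside `if (version > 1)` are read at fixed offsets without checking that the header's self-declared `length` (used just below at `offset = length`) actually covers the 16 extra bytes. The tvbuff accessors are bounds-checked against the captured data, so this is not a memory-safety problem, but a frame carrying a v2 cookie with a v1-sized length would have the start of its 802.11 payload displayed as sequence, drops and sniffer address. A guard such as `if (version > 1 && length >= offset + 16) {` would keep dissection inside the declared header, assuming `length` and `offset` are comparable byte counts here; where `version` and `length` are derived is outside this hunk. The `/* Yes, this is supposed to be 8. */` comment could also say why: `/* 6-byte address + 2 bytes of pad, see struct wlan_header_v2 */`.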
Index: epan/dissectors/packet-wlancap.h
===================================================================
--- epan/dissectors/packet-wlancap.h	(revision 18860)
+++ epan/dissectors/packet-wlancap.h	(working copy)
@@ -31,3 +31,4 @@
 
 #define WLANCAP_MAGIC_COOKIE_BASE 0x80211000
 #define WLANCAP_MAGIC_COOKIE_V1 0x80211001
+#define WLANCAP_MAGIC_COOKIE_V2 0x80211002
Index: epan/dissectors/packet-prism.c
===================================================================
--- epan/dissectors/packet-prism.c	(revision 18860)
+++ epan/dissectors/packet-prism.c	(working copy)
@@ -139,7 +139,8 @@
     length = pntohl(pd+sizeof(guint32));
 
     /* Handle the new type of capture format */
-    if (cookie == WLANCAP_MAGIC_COOKIE_V1) {
+    if ((cookie == WLANCAP_MAGIC_COOKIE_V1) || 
+	(cookie == WLANCAP_MAGIC_COOKIE_V2)) {
       if(!BYTES_ARE_IN_FRAME(offset, len, length)) {
         ld->other++;
         return;
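Review bot: The cookie test `(cookie == WLANCAP_MAGIC_COOKIE_V1) || (cookie == WLANCAP_MAGIC_COOKIE_V2)` is now spelled out twice, here in the packet-counting path and again on `msgcode` in the hunk at -196/+197, so each future header version has to be added in both places. A single helper in packet-wlancap.h, e.g. `#define WLANCAP_IS_KNOWN_COOKIE(c) ((c) == WLANCAP_MAGIC_COOKIE_V1 || (c) == WLANCAP_MAGIC_COOKIE_V2)`, would keep the two call sites from drifting apart. A short comment could also record that this dispatch is an exact allow-list, while the wlancap dissector treats any `version > 1` as v2-compatible. The enclosing functions start and end outside both hunks.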
@@ -196,7 +197,8 @@
 
     /* handle the new capture type. */
     msgcode = tvb_get_ntohl(tvb, offset);
-    if (msgcode == WLANCAP_MAGIC_COOKIE_V1) {
+    if ((msgcode == WLANCAP_MAGIC_COOKIE_V1) || 
+	(msgcode == WLANCAP_MAGIC_COOKIE_V2)) {
 	    call_dissector(wlancap_handle, tvb, pinfo, tree);
 	    return;
     }

Attachment: pgp_3NROJewGq.pgp
Description: PGP signature