On Mon, Apr 02, 2007 at 03:56:59PM +0200, Stig Bj?rlykke wrote:
> 1. When connected to an open network all packages have 4 trailing
> bytes which is not recognized correctly as a "tagged parameter", and
> the packet is tagged malformed. Is this some sort of ICV for
> unprotected packages? See the attached capture ieee80211-clear.pcap.
Got to the preferences, protocols, ieee80211 and select that the frame
is to be treated to include the FCS. That might help.
> 2. When connected to a wep encrypted network the data package is
> marked as protected but the data part is not encrypted and the
> content is not dissected. Is this be because the mac os driver has
> decrypted the data before they are captured with wireshark? In this
> case I think the data should be dissected. See the attached capture
> ieee80211-wep.pcap, with a IPP package which is not dissected.
IIRC, that is configureable as well. Ignore the protection bit.
> 3. A question for the wlancap dissector: The SSI-type seems to have
> wrong endian, and the SSI-signal has a negative value. Should this
> be handled by the dissector?
>
> I do not know anything about the 802.11 protocol (yet), but I am
> willing to make a fix if I understand how to handle this :)
Need to check.
ciao
Joerg
--
Joerg Mayer <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
