
Wireshark-dev: [Wireshark-dev] 802.11 Type/Subtype Field Incorrect

From: Dustin Johnson <dustin.johnson@xxxxxxxxxxxx>
Date: Tue, 10 Apr 2007 17:43:14 -0700

Hi all,
I have been looking at correcting the IEEE 802.11 Type/Subtype field, but would like to know if there are reasons against it. First let me explain what I think is wrong with the field:

The frame type "QoS Data" is displayed in Wireshark as 40. In IEEE 802.11ma-D9.0 the type field is defined as bits 3,2 and the subtype as bits 4,5,6,7. In this same document "QoS Data" is defined as type = 10 and subtype = 1000.

In the actual byte the data is presented as such -> 100010XX (where the Xs are extraneous to the type/subtype). If this value is bit-shifted right by 2 then the value becomes 0x22 or D34.

Looking at the dissector code, this is not the way that the type/subtype fields are put together. Instead it is done as such -> 101000 = 0x28 = D40. Thus, the type/subtype fields are switched. I would like to correct the problem but would like to know what type of impact that would have.

Thank you,
   Dustin Johnson



Attachment: smime.p7s
Description: S/MIME Cryptographic Signature
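
The two encodings compared in the message above, worked through in C as an added example; it is not part of the original post and not Wireshark's dissector code. All function names are hypothetical, and the sample octets are constructed from the type/subtype bit layout the message describes, with protocol version 0 assumed.

```c
#include <stdint.h>
#include <stdio.h>

/* First Frame Control octet, bit 0 = least significant:
 * bits 0-1 protocol version, bits 2-3 type, bits 4-7 subtype. */
static uint8_t fc_type(uint8_t fc0)    { return (fc0 >> 2) & 0x03; }
static uint8_t fc_subtype(uint8_t fc0) { return (fc0 >> 4) & 0x0f; }

/* Octet order: the byte shifted right by 2, subtype above type. */
static uint8_t fc_wire_order(uint8_t fc0) { return (uint8_t)(fc0 >> 2); }

/* Order the post attributes to the dissector: type above subtype. */
static uint8_t fc_type_then_subtype(uint8_t fc0)
{
    return (uint8_t)((fc_type(fc0) << 4) | fc_subtype(fc0));
}

/* Translate a 6-bit value between the two orders, e.g. when porting
 * a filter constant from one convention to the other. */
static uint8_t wire_to_composed(uint8_t v)
{
    return (uint8_t)(((v & 0x03) << 4) | ((v >> 2) & 0x0f));
}

static uint8_t composed_to_wire(uint8_t v)
{
    return (uint8_t)(((v & 0x0f) << 2) | ((v >> 4) & 0x03));
}

int main(void)
{
    /* Constructed sample octets (protocol version 0), not captured traffic. */
    static const struct { const char *name; uint8_t fc0; } samples[] = {
        { "QoS Data", 0x88 },  /* type 10, subtype 1000 */
        { "Data",     0x08 },  /* type 10, subtype 0000 */
        { "Beacon",   0x80 },  /* type 00, subtype 1000 */
        { "ACK",      0xd4 },  /* type 01, subtype 1101 */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint8_t fc0 = samples[i].fc0;
        printf("%-8s fc0=0x%02x type=%u subtype=%u shifted=0x%02x composed=0x%02x\n",
               samples[i].name, fc0, fc_type(fc0), fc_subtype(fc0),
               fc_wire_order(fc0), fc_type_then_subtype(fc0));
    }
    return 0;
}
```

A constant written in one order identifies a different frame type when read in the other, so any filter or detection rule keyed on the combined value has to state which order it uses.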