Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: [Wireshark-users] Dissecting RouterOS 802.11 capture files.

From: Sten Daniel Soersdal <netslists@xxxxxxxxx>
Date: Mon, 19 Mar 2007 10:32:42 +0100
Hi, i'm a new Wireshark user, old time Ethereal user.
I noticed Wireshark cannot read properly the capture files captured by
routeros (www.mikrotik.com). It is only the 'radiotap header' that
displays incorrectly.

The packets' radiotap header shows:

Header revision: 0
Header pad: 0
Header lenght: 14

The data fields are not padded for WORD aligned like Wireshark seems to
expect, so the result is that Wireshark does show the 'Rate' field
properly but improperly displays 'Channel' and 'DBM Antenna Signal'
(field names taken from 'Present flags' field). 'Channel' does not need
a mask (like subtracting 0xffff from channel input.) but is spelled out
directly. Also an interpreted field like 'DBM Antenna Signal' is not
displayed by Wireshark but instead the field 'Channel type: unknown
(0xb801)' is displayed instead.

Is anyone perhaps interested in adding this support?
I can put together capture files for development.

-- 
Sten Daniel Soersdal