I am in the process of building a ieee80211 interpreter/sniffer in C but I am missing something. I get a raw packet over raw sockets in Linux (on wireless interface so 100% wireless packets), interpret the first few bytes as radiotap and determine from the length field in the radiotap header where the 80211 header starts but the results are wrong. I tried using text2pcap to see the Wireshark interpretation to see what I am missing but Wireshark only shows me a "Ethernet II" header with 2 addresses and a Type. So I have two questions:
-
How can I tell wireshark to interpret my packet as 80211 with radiotap?
-
Are there headers in wireless packets other than radiotap and 80211 that I am missing and are causing my 80211 header to have the wrong offset? (only datalink layer I dont care about IP and above)
No comments:
Post a Comment