I give up. I have no access to the 802.11s drafts, I can't find
anything that suggests whether a heuristic check for an 802.11s header
should check for To DS and From DS both being set or either being set or
unset, or whether it should check for a QoS frame type (the examples in
all the documentation I can find have To DS and From DS set, and have a
QoS field, in the 802.11 header, but that might just be an example
802.11 header showing all the fields), so I'm just adding a -h
command-line flag; you need to specify it to get tcpdump to try to guess
whether a frame has a mesh header or not. I'll leave it up to somebody
else to figure out what the best heuristic for detecting the presence of
mesh headers is (note that tcpdump and Wireshark have different
heuristics, both of which can probably get false positives, especially
with encrypted frames where the first payload byte just *happens* not to
have any of the reserved bits in the mesh header flags set).
#define Cflag_count gndo->ndo_Cflag_count
#define Gflag_count gndo->ndo_Gflag_count
#define Gflag_time gndo->ndo_Gflag_time
+#define hflag gndo->ndo_hflag
#define snaplen gndo->ndo_snaplen
#define snapend gndo->ndo_snapend
time_t ndo_Gflag_time; /* The last time_t the dump file was rotated. */
int ndo_Wflag; /* recycle output files after this number of files */
int ndo_WflagChars;
+ int ndo_hflag; /* dissect 802.11s draft mesh standard */
int ndo_suppress_default_print; /* don't use default_print() for unknown packet types */
const char *ndo_dltname;
hdrlen = extract_header_length(fc);
if (pad)
hdrlen = roundup2(hdrlen, 4);
- if (FC_TYPE(fc) == T_DATA && DATA_FRAME_IS_QOS(FC_SUBTYPE(fc))) {
+ if (hflag && FC_TYPE(fc) == T_DATA &&
+ DATA_FRAME_IS_QOS(FC_SUBTYPE(fc))) {
meshdrlen = extract_mesh_header_length(p+hdrlen);
hdrlen += meshdrlen;
} else
.na
.B tcpdump
[
-.B \-AbdDefIKlLnNOpqRStuUvxX
+.B \-AbdDefhIKlLnNOpqRStuUvxX
] [
.B \-B
.I buffer_size
.B \-C
option, filenames will take the form of `\fIfile\fP<count>'.
.TP
+.B \-h
+Attempt to detect 802.11s draft mesh headers.
+.TP
.B \-i
Listen on \fIinterface\fP.
If unspecified, \fItcpdump\fP searches the system interface list for the
opterr = 0;
while (
- (op = getopt(argc, argv, "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:i:" I_FLAG "KlLm:M:nNOpqr:Rs:StT:u" U_FLAG "vw:W:xXy:Yz:Z:")) != -1)
+ (op = getopt(argc, argv, "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hi:" I_FLAG "KlLm:M:nNOpqr:Rs:StT:u" U_FLAG "vw:W:xXy:Yz:Z:")) != -1)
switch (op) {
case 'a':
}
break;
+ case 'h':
+ ++hflag;
+ break;
+
case 'i':
if (optarg[0] == '0' && optarg[1] == 0)
error("Invalid adapter index");
projects / tcpdump / commitdiff
