From: Guy Harris
Date: Fri, 28 May 2010 06:58:01 +0000 (-0700)
Subject: Add a -h flag, and only attempt to recognize 802.11s mesh headers if it's set.
X-Git-Tag: tcpdump-4.2.1~105
X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/fe209f3b17b2dbe0c1d81c3787744cb9c7517582

Add a -h flag, and only attempt to recognize 802.11s mesh headers if it's set.

I give up. I have no access to the 802.11s drafts, I can't find anything that suggests whether a heuristic check for an 802.11s header should check for To DS and From DS both being set or either being set or unset, or whether it should check for a QoS frame type (the examples in all the documentation I can find have To DS and From DS set, and have a QoS field, in the 802.11 header, but that might just be an example 802.11 header showing all the fields), so I'm just adding a -h command-line flag; you need to specify it to get tcpdump to try to guess whether a frame has a mesh header or not. I'll leave it up to somebody else to figure out what the best heuristic for detecting the presence of mesh headers is (note that tcpdump and Wireshark have different heuristics, both of which can probably get false positives, especially with encrypted frames where the first payload byte just *happens* not to have any of the reserved bits in the mesh header flags set).
---
diff --git a/interface.h b/interface.h
index 6e04b058..58ccbfce 100644
--- a/interface.h
+++ b/interface.h
@@ -384,6 +384,7 @@ extern netdissect_options *gndo;
 #define Cflag_count gndo->ndo_Cflag_count
 #define Gflag_count gndo->ndo_Gflag_count
 #define Gflag_time gndo->ndo_Gflag_time
+#define hflag gndo->ndo_hflag
 #define snaplen gndo->ndo_snaplen
 #define snapend gndo->ndo_snapend
diff --git a/netdissect.h b/netdissect.h
index 757cd7bf..dbdb1377 100644
--- a/netdissect.h
+++ b/netdissect.h
@@ -116,6 +116,7 @@ struct netdissect_options {
 time_t ndo_Gflag_time; /* The last time_t the dump file was rotated. */
 int ndo_Wflag; /* recycle output files after this number of files */
 int ndo_WflagChars;
+ int ndo_hflag; /* dissect 802.11s draft mesh standard */
 int ndo_suppress_default_print; /* don't use default_print() for unknown packet types */
 const char *ndo_dltname;
diff --git a/print-802_11.c b/print-802_11.c
index 088840ab..e29b8fb8 100644
--- a/print-802_11.c
+++ b/print-802_11.c
@@ -1321,7 +1321,8 @@ ieee802_11_print(const u_char *p, u_int length, u_int orig_caplen, int pad,
 hdrlen = extract_header_length(fc);
 if (pad)
 hdrlen = roundup2(hdrlen, 4);
- if (FC_TYPE(fc) == T_DATA && DATA_FRAME_IS_QOS(FC_SUBTYPE(fc))) {
+ if (hflag && FC_TYPE(fc) == T_DATA &&
+ DATA_FRAME_IS_QOS(FC_SUBTYPE(fc))) {
 meshdrlen = extract_mesh_header_length(p+hdrlen);
 hdrlen += meshdrlen;
 } else
diff --git a/tcpdump.1.in b/tcpdump.1.in
index 5e1a00f8..8760afee 100644
--- a/tcpdump.1.in
+++ b/tcpdump.1.in
@@ -29,7 +29,7 @@ tcpdump \- dump traffic on a network
 .na
 .B tcpdump
 [
-.B \-AbdDefIKlLnNOpqRStuUvxX
+.B \-AbdDefhIKlLnNOpqRStuUvxX
 ] [
 .B \-B
 .I buffer_size
@@ -319,6 +319,9 @@ If used in conjunction with the
 .B \-C
 option, filenames will take the form of `\fIfile\fP'.
 .TP
+.B \-h
+Attempt to detect 802.11s draft mesh headers.
+.TP
 .B \-i
 Listen on \fIinterface\fP.
 If unspecified, \fItcpdump\fP searches the system interface list for the
diff --git a/tcpdump.c b/tcpdump.c
index a051e4d4..b26188f5 100644
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -603,7 +603,7 @@ main(int argc, char **argv)
 opterr = 0;
 while (
- (op = getopt(argc, argv, "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:i:" I_FLAG "KlLm:M:nNOpqr:Rs:StT:u" U_FLAG "vw:W:xXy:Yz:Z:")) != -1)
+ (op = getopt(argc, argv, "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hi:" I_FLAG "KlLm:M:nNOpqr:Rs:StT:u" U_FLAG "vw:W:xXy:Yz:Z:")) != -1)
 switch (op) {
 case 'a':
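Review bot: In the print-802_11.c hunk, `extract_mesh_header_length(p+hdrlen)` runs before any check visible here that the captured data extends to offset `hdrlen`, so with `-h` set a truncated QoS data frame may have its first payload byte read past the end of the capture. The new `hflag` test only limits when the heuristic runs; it does not bound the read. Unless the caller already guarantees the length, add a guard ahead of the call along the lines of `if (orig_caplen <= hdrlen)` that takes the function's truncated-packet path, and make sure the later length check covers `hdrlen` after `meshdrlen` (which is derived from packet data) has been added. The `else` branch and the rest of ieee802_11_print lie outside the hunk, so part of this may already be handled there.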
@@ -696,6 +696,10 @@ main(int argc, char **argv)
 }
 break;
+ case 'h':
+ ++hflag;
+ break;
+
 case 'i':
 if (optarg[0] == '0' && optarg[1] == 0)
 error("Invalid adapter index");
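Review bot: `case 'h':` in tcpdump.c claims the letter most users type when they want help, so someone running `tcpdump -h` now starts a capture with the mesh-header heuristic switched on instead. The commit message itself says the heuristic can give false positives, particularly on encrypted frames, so an opt-in that is easy to hit by accident undercuts the reason for making it opt-in; a less conventional letter would keep it deliberate. No hunk in this diff touches a usage or help string, so if tcpdump.c prints a flag summary it should list the new option too. A comment on the case such as `/* opt in to the 802.11s mesh header heuristic; may misparse non-mesh frames */` would record why it is off by default. The switch in main continues outside the hunk.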