Re: [tcpdump-workers] 802.11 + radio headers question...

2009-04-15 Thread Eddie Harari
> However, if you're capturing on an Atheros adapter, apparently the card puts in some padding between the 802.11 header and the 802.11 payload. If you're capturing with a radiotap header, there is a special flag in the radiotap information indicating that the frame is padded.
What type of

Re: [tcpdump-workers] 802.11 + radio headers question...

2009-04-15 Thread Guy Harris
On Apr 15, 2009, at 11:19 AM, Eddie Harari wrote:
> how come 22 bytes offset with no Qos? in the case both are not set (TO DS and From DS) then Address 1 is destination, address 2 is source and address 3 is bssid, so there are 18 bytes of addresses,
There are 18 bytes of address, *but* wh

Re: [tcpdump-workers] 802.11 + radio headers question...

2009-04-15 Thread Eddie Harari
> That's true *if* neither the "To DS" nor the "From DS" flag is set in the packet. According to "7.2.2 Data frames" in IEEE 802.11-2007:
> if neither "To DS" nor "From DS" are set, Address 1 is the destination, Address 2 is the source, and Address 3 is the BSSID;
This is indeed the

Re: [tcpdump-workers] 802.11 + radio headers question...

2009-04-15 Thread Guy Harris
On Apr 15, 2009, at 2:41 AM, Eddie Harari wrote:
> My data link type is 802.11_RADIO,
If you mean DLT_IEEE802_11_RADIO, then that means that the raw packet data begins with a radiotap header, not an 802.11 header, and the 802.11 header follows the radiotap header.
> when I sniff the packet

Re: [tcpdump-workers] 802.11 + radio headers question...

2009-04-15 Thread Eddie Harari
>> does it begin with IP headers or something precedes the IP headers?
> For data frames, the frame body begins with an IEEE 802.2 header, possibly followed by a SNAP header, followed by the payload for the protocol being carried over 802.11, such as IP.
I did mean the Body part of the