sorry - should have used the term OFFSET.
My problem was different, for some reason i switched between src and dst
mac,
and indeed it is 22bytes from src ( as it should ).
Thanks for the help...
Eddie.
On Wed, Apr 15, 2009 at 2:48 PM, Guy Harris wrote:
>
> On Apr 15, 2009, at 11:19 AM,
> However, if you're capturing on an Atheros adapter, apparently the card
> puts in some padding between the 802.11 header and the 802.11 payload. If
> you're capturing with a radiotap header, there is a special flag in the
> radiotap information indicating that the frame is padded. What type of
On Apr 15, 2009, at 11:19 AM, Eddie Harari wrote:
how come 22 bytes offset with no Qos ?
in the case both are not set (TO DS and From DS ) then Address 1 is
destination , adress 2 is source and address 3 is bssid , so there
are
18bytes of addresses,
There are 18 bytes of address, *but* wh
That's true *if* neither the "To DS" nor the "From DS" flag is set in the
> packet. According to "7.2.2 Data frames" in IEEE 802.11-2007:
>if neither "To DS" nor "From DS" are set, Address 1 is the
> destination, Address 2 is the source, and Address 3 is the BSSID;
This is indeed the
On Apr 15, 2009, at 2:41 AM, Eddie Harari wrote:
My data link type is 802.11_RADIO,
If you mean DLT_IEEE802_11_RADIO, then that means that the raw packet
data begins with a radiotap header, not an 802.11 header, and the
802.11 header follows the radiotap header.
when i sniff the packet
> does it begin with IP headers or something preceds the IP headers ?
>>
>
> For data frames, the frame body begins with an IEEE 802.2 header, possibly
> followed by a SNAP header, followed by the payload for the protocol being
> carried over 802.11, such as IP.
I did mean the Body part of the
On Tue, Apr 14, 2009 at 09:58:31AM -0700, Guy Harris wrote:
>
> On Apr 14, 2009, at 9:24 AM, David Young wrote:
>
>> On Tue, Apr 14, 2009 at 11:54:50AM -0400, Eddie Harari wrote:
>>> so when i "sniff" a packet from my "monitor" mode intel chipset based
>>> wifi
>>> card ,
>>> how do i know which r
On Apr 14, 2009, at 9:24 AM, David Young wrote:
On Tue, Apr 14, 2009 at 11:54:50AM -0400, Eddie Harari wrote:
so when i "sniff" a packet from my "monitor" mode intel chipset
based wifi
card ,
how do i know which radio info is preceding the 802.11 header ?
The DLT that you have set determin
On Apr 14, 2009, at 8:54 AM, Eddie Harari wrote:
so when i "sniff" a packet from my "monitor" mode intel chipset
based wifi
card ,
how do i know which radio info is preceding the 802.11 header ?
The same way that, when you sniff a packet from any network adapter,
you know what link-layer
On Tue, Apr 14, 2009 at 11:54:50AM -0400, Eddie Harari wrote:
> so when i "sniff" a packet from my "monitor" mode intel chipset based wifi
> card ,
> how do i know which radio info is preceding the 802.11 header ?
The DLT that you have set determines the radio header. For example,
DLT_IEEE802_11_
so when i "sniff" a packet from my "monitor" mode intel chipset based wifi
card ,
how do i know which radio info is preceding the 802.11 header ?
On Tue, Apr 14, 2009 at 11:07 AM, Eddie Harari wrote:
> Thanks for the quick response.
>
> Is there an RFC for 802.11 radio headers ?
> all the cards
On Tue, Apr 14, 2009 at 11:07:52AM -0400, Eddie Harari wrote:
> Thanks for the quick response.
>
> Is there an RFC for 802.11 radio headers ?
> all the cards give same headers ?
The IEEE standard & combined standards for 11b/g/a are now free (they're
linked off wikipedia or google should find the
Thanks for the quick response.
Is there an RFC for 802.11 radio headers ?
all the cards give same headers ?
thanks ,
Eddie.
On Mon, Apr 13, 2009 at 3:42 PM, Guy Harris wrote:
>
> On Apr 12, 2009, at 12:06 AM, Eddie Harari wrote:
>
> 802.11 headers there is data field, what it this data f
On Apr 12, 2009, at 12:06 AM, Eddie Harari wrote:
802.11 headers there is data field, what it this data field ?
According to IEEE Std 802.11-2007, section 7.1.2 "General frame
format", an 802.11 frame has:
a 2-byte frame control field;
a 2-byte duration/ID field;
Hi all ,
simple question:
802.11 headers there is data field, what it this data field ?
does it begin with IP headers or something preceds the IP headers ?
in ethernet environment there is a protocol field in the headers that
tells which protocol is in the body of the packet
(ip /
15 matches
Mail list logo
