summaryrefslogtreecommitdiff
path: root/proto_80211_mac_hdr.c
AgeCommit message (Collapse)AuthorFilesLines
2015-05-04netsniff-ng mac80211: Print probe response frameVadim Kochan1-1/+2
As Probe Response frame is very similar to Beacon (except some IEs which are identified dynamically) so lets just use the same func to dissect it. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2015-05-02netsniff-ng mac80211: Print IE prefix before paramVadim Kochan1-66/+67
Print 'IE:' prefix before each mgmt IE parameter which should be more readable and it allows easy identify next element while the listing the big one: Also removed 1 TAB in "HT Capabilities" fields. P mon0 288 1430230360s.696547150ns [ Radiotap Version (0), Length (26), Flags (0x0000482f) ] [ 802.11 Frame Control (0x0080)] [ Proto Version (0), Type (0, Management), Duration (0), Destination (ff:ff:ff:ff:ff:ff) Source (00:00:00:00:01:13) => (XEROX CORPORATION:00:01:13) BSSID (00:00:00:00:01:13) => (XEROX CORPORATION:00:01:13) Fragmentnr. (0), Seqnr. (2844). Subtype (8, Beacon) ] [ Subtype Beacon: Timestamp 0x0000000021ac5c5c, Beacon Interval (0.102400s) ment;) IE: SSID (0, Len (6)): 000114 IE: Supp. Rates (1, Len (8)): 1(B) 2(B) 5.5(B) 11(B) 18 24(B) 4 22 IE: DSSS Param Set (3, Len(1)): Current Channel: 1 IE: TIM (5, Len(4)): DTIM Count: 0, DTIM Period: 1 IE: ERP (42, Len(1)): Non ERP Present (0), Use Protection (0) IE: Reserved (47, Len (1)): Data 0x00 IE:Failed to dissect Subtype ] Yeah ... 'IE:' is also printed before 'Failed to dissect Subtype', which just indicates that rest IE params were not identified. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2015-05-02netsniff-ng mac80211: Print probe request IEs infoVadim Kochan1-3/+13
As probe request frame consist only with IE params so just do a similar print of these params as it was done for beacon. Also using mgmt_{func}_dissect naming for mgmt frame dissectors. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2015-04-27-ng mac80211: Print "HT Capabilities" more structurdVadim Kochan1-68/+107
Now it looks like: [ Subtype Beacon: Timestamp 0x0000000074c5c180, Beacon Interval (0.102400s), Capabilities (0x431 <-> ESS; Privacy; Short Preamble; Short Slot Time;) Parameters: SSID (0, Len (6)): D07F82 Supp. Rates (1, Len (8)): 1(B) 2(B) 5.5(B) 11(B) 6(B) 9 12(B) 18 DSSS Param Set (3, Len(1)): Current Channel: 1 TIM (5, Len(4)): DTIM Count: 0, DTIM Period: 3, Bitmap Control: 0, Partial Virtual Bitmap: 0x00 Country (7, Len(6)): Country String: US First Ch Nr: 1, Nr of Ch: 11, Max Transmit Pwr Lvl: 30 ERP (42, Len(1)): Non ERP Present (0), Use Protection (0), Barker Preamble Mode (0), Reserved (0x00000) Ext Support Rates (50, Len(4)): 24 36 48 54 HT Capabilities (45, Len(26)): Info: LDCP Cod Cap (1) Supp Ch Width Set (1) SM Pwr Save(3) HT-Greenfield (0) Short GI for 20/40 MHz (1/1) Tx/Rx STBC (0/0) HT-Delayed Block Ack (0) Max A-MSDU Len (0) DSSS/CCK Mode in 40 MHz (1) Res (0x0) Forty MHz Intol (0) L-SIG TXOP Protection Supp (0) [...] Signed-off-by: Vadim Kochan <vadim4j@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2015-04-21dissectors: 80211_mac_hdr: Check return value of pkt_pullTobias Klauser1-0/+2
Prevent a NULL pointer dereference if (for whatever reason) pkt_pull returns NULL. This issue was discovered using the Coverity scanner. Fixes: 9278bb65 ("netsniff-ng: Dump basic radiotap header info") Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2015-04-21netsniff-ng: Dump basic radiotap header infoVadim Kochan1-0/+5
Print the basic radiotap header information in the 80211_mac_hdr dissector. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> [tklauser: removed printing of binary representation of flags] Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2015-04-13netsniff-ng: Consider radiotap header of monitor devVadim Kochan1-2/+18
netsniff-ng does not check if monitor device includes radiotap header which leads to the wrong 802.11 frame parsing. Tested if the .pcap file is understandable by wireshark and if dump info is basically correct, but did not test the case when xmit packets from .pcap file to the output device and from the input device to the output device. Signed-off-by: Vadim Kochan <vadim4j@gmail.com> [tklauser: whitespace changes] Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2014-09-09dissectors: 80211_mac_hdr: Remove remaining binary constantsTobias Klauser1-41/+32
Commit 151fd88f7429 ("dissectors: 80211_mac_hdr: Remove usage of binary constants") removed binary constants in a particular case that was reported to cause a compile error. However, this module uses binary constants in some other places. Replace them by hexadecimal constants, which makes it easier to read and is C99 compatible. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2014-09-09dissectors: 80211_mac_hdr: Fix clang warningTobias Klauser1-14/+14
clang gives the following warning about function meas_type(): proto_80211_mac_hdr.c:1704:1: warning: control may reach end of non-void function [-Wreturn-type] } ^ Even though this is a false positive (since we check the entire range of an u8 in the switch/case), fix it by turning the case 13 ... 255 into default. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2014-09-01dissectors: 80211_mac_hdr: Remove usage of binary constantsTobias Klauser1-16/+16
Binary constants are not C99, but a GCC extension. Moreover, Mohan reports compilation errors resulting from these constructs when using a PowerPC cross-compiler. Thus, replace them by the corresponding hexadecimal constants. Reported-by: Mohan Kannekanti <mohan.kannekanti@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2014-05-03all: Use macros for printf/scanf format specifiersJames McCoy1-7/+8
Any types that are fixed width should use the standard format specifier macros (PRI... for printf-type functions, SCN... for scanf-type functions) to ensure proper data access. Prior to this ifpps was crashing in 32-bit environments due to the following call mvwprintw(screen, (*voff)++, 2, "%s,%s %s (%s%s), t=%lums, cpus=%u%s/%u" " ", uts.release, machine, ifname, drvinf.driver, buff, ms_interval, top_cpus, top_cpus > 0 && top_cpus < cpus ? "+1" : "", cpus); since ms_interval is a uint64_t but %lu expects an unsigned long, which is only 32 bits. Signed-off-by: James McCoy <vega.james@gmail.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2014-02-24dissectors: Get rid of unecessary includes of protos.hTobias Klauser1-1/+0
This header is actually only needed in dissector_eth and dissector_80211, so remove the other users accordingly. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-08-11dissector: proto_80211_mac_hdr: Fix compiler warningsTobias Klauser1-550/+130
Fix two signed/unsigned comparison warnings by changing variable types. Fix warnings about unused parameters by removing all of the unimplemented functions and replacing them with one *_unimplemented() function. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2013-07-13proto_80211_mac_hdr: fix sparse warningDaniel Borkmann1-2/+2
This patch fixes the followingf sparse warning: proto_80211_mac_hdr.c:3389:24: warning: Using plain integer as NULL pointer Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-05-30misc: Fixed spelling mistakesKartik Mistry1-3/+3
Fix for spelling mistakes detected by Lintian. Signed-off-by: Kartik Mistry <kartik@debian.org> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
2013-03-15all: import netsniff-ng 0.5.8-rc0 sourceDaniel Borkmann1-0/+3627
We decided to get rid of the old Git history and start a new one for several reasons: *) Allow / enforce only high-quality commits (which was not the case for many commits in the history), have a policy that is more close to the one from the Linux kernel. With high quality commits, we mean code that is logically split into commits and commit messages that are signed-off and have a proper subject and message body. We do not allow automatic Github merges anymore, since they are total bullshit. However, we will either cherry-pick your patches or pull them manually. *) The old archive was about ~27MB for no particular good reason. This basically derived from the bad decision that also some PDF files where stored there. From this moment onwards, no binary objects are allowed to be stored in this repository anymore. The old archive is not wiped away from the Internet. You will still be able to find it, e.g. on git.cryptoism.org etc. Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>