Age | Commit message (Collapse) | Author | Files | Lines |
|
In commit d312a25879d5 ("netsniff-ng nlmsg: Print netlink protocol
name"), the struct protocol member of struct pkt_buff was renamed to
handler to account for the newly added proto field. However, the
corresponding function pkt_set_proto wasn't renamed which is a bit
counter-intuitive. Fix this by renaming the member again, this time to
dissector (as I don't consider handler a particulary meaningful name)
and adjust the set function's name accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
As Probe Response frame is very similar to Beacon
(except some IEs which are identified dynamically)
so lets just use the same func to dissect it.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Print 'IE:' prefix before each mgmt IE parameter which
should be more readable and it allows easy identify next element
while the listing the big one:
Also removed 1 TAB in "HT Capabilities" fields.
P mon0 288 1430230360s.696547150ns
[ Radiotap Version (0), Length (26), Flags (0x0000482f) ]
[ 802.11 Frame Control (0x0080)]
[ Proto Version (0), Type (0, Management), Duration (0),
Destination (ff:ff:ff:ff:ff:ff)
Source (00:00:00:00:01:13) => (XEROX CORPORATION:00:01:13)
BSSID (00:00:00:00:01:13) => (XEROX CORPORATION:00:01:13)
Fragmentnr. (0), Seqnr. (2844). Subtype (8, Beacon) ]
[ Subtype Beacon: Timestamp 0x0000000021ac5c5c, Beacon Interval (0.102400s)
ment;)
IE: SSID (0, Len (6)): 000114
IE: Supp. Rates (1, Len (8)): 1(B) 2(B) 5.5(B) 11(B) 18 24(B) 4 22
IE: DSSS Param Set (3, Len(1)): Current Channel: 1
IE: TIM (5, Len(4)): DTIM Count: 0, DTIM Period: 1
IE: ERP (42, Len(1)): Non ERP Present (0), Use Protection (0)
IE: Reserved (47, Len (1)): Data 0x00
IE:Failed to dissect Subtype ]
Yeah ... 'IE:' is also printed before 'Failed to dissect Subtype',
which just indicates that rest IE params were not identified.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
As probe request frame consist only with IE params so just
do a similar print of these params as it was done for beacon.
Also using mgmt_{func}_dissect naming for mgmt frame dissectors.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Now it looks like:
[ Subtype Beacon: Timestamp 0x0000000074c5c180, Beacon Interval (0.102400s), Capabilities (0x431 <-> ESS; Privacy; Short Preamble; Short Slot Time;)
Parameters:
SSID (0, Len (6)): D07F82
Supp. Rates (1, Len (8)): 1(B) 2(B) 5.5(B) 11(B) 6(B) 9 12(B) 18
DSSS Param Set (3, Len(1)): Current Channel: 1
TIM (5, Len(4)): DTIM Count: 0, DTIM Period: 3, Bitmap Control: 0, Partial Virtual Bitmap: 0x00
Country (7, Len(6)): Country String: US First Ch Nr: 1, Nr of Ch: 11, Max Transmit Pwr Lvl: 30
ERP (42, Len(1)): Non ERP Present (0), Use Protection (0), Barker Preamble Mode (0), Reserved (0x00000)
Ext Support Rates (50, Len(4)): 24 36 48 54
HT Capabilities (45, Len(26)):
Info:
LDCP Cod Cap (1)
Supp Ch Width Set (1)
SM Pwr Save(3)
HT-Greenfield (0)
Short GI for 20/40 MHz (1/1)
Tx/Rx STBC (0/0)
HT-Delayed Block Ack (0)
Max A-MSDU Len (0)
DSSS/CCK Mode in 40 MHz (1)
Res (0x0)
Forty MHz Intol (0)
L-SIG TXOP Protection Supp (0)
[...]
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Prevent a NULL pointer dereference if (for whatever reason) pkt_pull
returns NULL.
This issue was discovered using the Coverity scanner.
Fixes: 9278bb65 ("netsniff-ng: Dump basic radiotap header info")
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Print the basic radiotap header information in the 80211_mac_hdr
dissector.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tklauser: removed printing of binary representation of flags]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
netsniff-ng does not check if monitor device includes radiotap
header which leads to the wrong 802.11 frame parsing.
Tested if the .pcap file is understandable by wireshark and if
dump info is basically correct, but did not test the case when xmit
packets from .pcap file to the output device and from the input device
to the output device.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[tklauser: whitespace changes]
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Commit 151fd88f7429 ("dissectors: 80211_mac_hdr: Remove usage of binary
constants") removed binary constants in a particular case that was
reported to cause a compile error. However, this module uses binary
constants in some other places. Replace them by hexadecimal constants,
which makes it easier to read and is C99 compatible.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
clang gives the following warning about function meas_type():
proto_80211_mac_hdr.c:1704:1: warning: control may reach end of non-void function [-Wreturn-type]
}
^
Even though this is a false positive (since we check the entire range of
an u8 in the switch/case), fix it by turning the case 13 ... 255 into
default.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Binary constants are not C99, but a GCC extension. Moreover, Mohan
reports compilation errors resulting from these constructs when using a
PowerPC cross-compiler. Thus, replace them by the corresponding
hexadecimal constants.
Reported-by: Mohan Kannekanti <mohan.kannekanti@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Any types that are fixed width should use the standard format specifier
macros (PRI... for printf-type functions, SCN... for scanf-type
functions) to ensure proper data access.
Prior to this ifpps was crashing in 32-bit environments due to the
following call
mvwprintw(screen, (*voff)++, 2,
"%s,%s %s (%s%s), t=%lums, cpus=%u%s/%u"
" ", uts.release, machine,
ifname, drvinf.driver, buff, ms_interval, top_cpus,
top_cpus > 0 && top_cpus < cpus ? "+1" : "", cpus);
since ms_interval is a uint64_t but %lu expects an unsigned long, which
is only 32 bits.
Signed-off-by: James McCoy <vega.james@gmail.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
This header is actually only needed in dissector_eth and
dissector_80211, so remove the other users accordingly.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
Fix two signed/unsigned comparison warnings by changing variable types.
Fix warnings about unused parameters by removing all of the
unimplemented functions and replacing them with one *_unimplemented()
function.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|
|
This patch fixes the followingf sparse warning:
proto_80211_mac_hdr.c:3389:24: warning: Using plain integer as NULL pointer
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
Fix for spelling mistakes detected by Lintian.
Signed-off-by: Kartik Mistry <kartik@debian.org>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
|
|
We decided to get rid of the old Git history and start a new one for
several reasons:
*) Allow / enforce only high-quality commits (which was not the case
for many commits in the history), have a policy that is more close
to the one from the Linux kernel. With high quality commits, we
mean code that is logically split into commits and commit messages
that are signed-off and have a proper subject and message body.
We do not allow automatic Github merges anymore, since they are
total bullshit. However, we will either cherry-pick your patches
or pull them manually.
*) The old archive was about ~27MB for no particular good reason.
This basically derived from the bad decision that also some PDF
files where stored there. From this moment onwards, no binary
objects are allowed to be stored in this repository anymore.
The old archive is not wiped away from the Internet. You will still
be able to find it, e.g. on git.cryptoism.org etc.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
|