aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--epan/dissectors/packet-ieee80211-prism.c277
1 files changed, 174 insertions, 103 deletions
diff --git a/epan/dissectors/packet-ieee80211-prism.c b/epan/dissectors/packet-ieee80211-prism.c
index 1d847e3fe9..73fd4ce7e7 100644
--- a/epan/dissectors/packet-ieee80211-prism.c
+++ b/epan/dissectors/packet-ieee80211-prism.c
@@ -115,39 +115,87 @@ static gint ett_prism_did = -1;
*
* XXX - what about other drivers that supply Prism headers, such as
* old versions of the MadWifi driver?
+ *
+ * I'm not sure where these DID values come from, but they work with
+ * at least one capture file. However, in
+ *
+ * http://ask.wireshark.org/questions/14963/how-to-get-the-field-did-unknown-4041-into-the-column
+ *
+ * somebody reports a capture where *different* DID values, corresponding
+ * to
+ *
+ * http://home.martin.cc/linux/prism
+ *
+ * are used (and that's not a byte-order issue, as those values are *not*
+ * just byte-swapped versions of the other values).
*/
#define PRISM_HEADER_LENGTH 144 /* Default Prism Header Length */
-#define PRISM_DID_HOSTTIME 0x00010044 /* Host time element */
-#define PRISM_DID_MACTIME 0x00020044 /* Mac time element */
-#define PRISM_DID_CHANNEL 0x00030044 /* Channel element */
-#define PRISM_DID_RSSI 0x00040044 /* RSSI element */
-#define PRISM_DID_SQ 0x00050044 /* SQ element */
-#define PRISM_DID_SIGNAL 0x00060044 /* Signal element */
-#define PRISM_DID_NOISE 0x00070044 /* Noise element */
-#define PRISM_DID_RATE 0x00080044 /* Rate element */
-#define PRISM_DID_ISTX 0x00090044 /* Is Tx frame */
-#define PRISM_DID_FRMLEN 0x000A0044 /* Frame length */
+
+/*
+ * From the page cited above. What's this?
+ */
+#define PRISM_MSGCODE 0x00000041 /* Monitor Frame */
+
+/*
+ * DID codes - PRISM_DID1_xxx are the non-home.martin.cc values, and
+ * PRISM_DID2_xxx are the home.martin.cc values.
+ */
+#define PRISM_DID1_HOSTTIME 0x00010044 /* Host time element */
+#define PRISM_DID2_HOSTTIME 0x00001041
+#define PRISM_DID1_MACTIME 0x00020044 /* Mac time element */
+#define PRISM_DID2_MACTIME 0x00002041
+#define PRISM_DID1_CHANNEL 0x00030044 /* Channel element */
+#define PRISM_DID2_CHANNEL 0x00003041
+#define PRISM_DID1_RSSI 0x00040044 /* RSSI element */
+#define PRISM_DID2_RSSI 0x00004041
+#define PRISM_DID1_SQ 0x00050044 /* SQ element */
+#define PRISM_DID2_SQ 0x00005041
+#define PRISM_DID1_SIGNAL 0x00060044 /* Signal element */
+#define PRISM_DID2_SIGNAL 0x00006041
+#define PRISM_DID1_NOISE 0x00070044 /* Noise element */
+#define PRISM_DID2_NOISE 0x00007041
+#define PRISM_DID1_RATE 0x00080044 /* Rate element */
+#define PRISM_DID2_RATE 0x00008041
+#define PRISM_DID1_ISTX 0x00090044 /* Is Tx frame */
+#define PRISM_DID2_ISTX 0x00009041
+#define PRISM_DID1_FRMLEN 0x000A0044 /* Frame length */
+#define PRISM_DID2_FRMLEN 0x0000A041
static const value_string prism_did_vals[] =
{
- { PRISM_DID_HOSTTIME, "Host Time" },
- { PRISM_DID_MACTIME, "Mac Time" },
- { PRISM_DID_CHANNEL, "Channel" },
- { PRISM_DID_RSSI, "RSSI" },
- { PRISM_DID_SQ, "SQ" },
- { PRISM_DID_SIGNAL, "Signal" },
- { PRISM_DID_NOISE, "Noise" },
- { PRISM_DID_RATE, "Rate" },
- { PRISM_DID_ISTX, "Is Tx" },
- { PRISM_DID_FRMLEN, "Frame Length" },
+ { PRISM_DID1_HOSTTIME, "Host Time" },
+ { PRISM_DID2_HOSTTIME, "Host Time" },
+ { PRISM_DID1_MACTIME, "Mac Time" },
+ { PRISM_DID2_MACTIME, "Mac Time" },
+ { PRISM_DID1_CHANNEL, "Channel" },
+ { PRISM_DID2_CHANNEL, "Channel" },
+ { PRISM_DID1_RSSI, "RSSI" },
+ { PRISM_DID2_RSSI, "RSSI" },
+ { PRISM_DID1_SQ, "SQ" },
+ { PRISM_DID2_SQ, "SQ" },
+ { PRISM_DID1_SIGNAL, "Signal" },
+ { PRISM_DID2_SIGNAL, "Signal" },
+ { PRISM_DID1_NOISE, "Noise" },
+ { PRISM_DID2_NOISE, "Noise" },
+ { PRISM_DID1_RATE, "Rate" },
+ { PRISM_DID2_RATE, "Rate" },
+ { PRISM_DID1_ISTX, "Is Tx" },
+ { PRISM_DID2_ISTX, "Is Tx" },
+ { PRISM_DID1_FRMLEN, "Frame Length" },
+ { PRISM_DID2_FRMLEN, "Frame Length" },
{ 0, NULL}
};
+/*
+ * The header file mentioned above says 0 means "supplied" and 1 means
+ * "not supplied". I haven't seen a capture file with anything other
+ * than 0 there.
+ */
static const value_string prism_status_vals[] =
{
- { 0, "Not Supplied" },
- { 1, "Supplied" },
+ { 0, "Supplied" },
+ { 1, "Not Supplied" },
{ 0, NULL}
};
@@ -213,6 +261,7 @@ dissect_prism(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
tvbuff_t *next_tvb;
int offset;
guint32 msgcode, msglen, did;
+ guint16 status;
guint8 *devname;
offset = 0;
@@ -273,6 +322,7 @@ dissect_prism(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
/* Status */
+ status = tvb_get_letohs(tvb, offset);
if(tree) {
proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_status, tvb, offset, 2, ENC_LITTLE_ENDIAN);
}
@@ -284,77 +334,98 @@ dissect_prism(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
}
offset += 2;
- /* Data... */
- switch(did){
- case PRISM_DID_HOSTTIME:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_hosttime, tvb, offset, 4, ENC_LITTLE_ENDIAN);
- proto_item_append_text(ti_did, " %d", tvb_get_letohl(tvb, offset) );
- }
- break;
- case PRISM_DID_MACTIME:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_mactime, tvb, offset, 4, ENC_LITTLE_ENDIAN);
- proto_item_append_text(ti_did, " %d", tvb_get_letohl(tvb, offset) );
- }
- break;
- case PRISM_DID_CHANNEL:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_channel, tvb, offset, 4, ENC_LITTLE_ENDIAN);
- proto_item_append_text(ti_did, " %d", tvb_get_letohl(tvb, offset) );
- }
- col_add_fstr(pinfo->cinfo, COL_FREQ_CHAN, "%u", tvb_get_letohl(tvb, offset));
- break;
- case PRISM_DID_RSSI:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_rssi, tvb, offset, 4, ENC_LITTLE_ENDIAN);
- proto_item_append_text(ti_did, " 0x%x", tvb_get_letohl(tvb, offset) );
- }
- col_add_fstr(pinfo->cinfo, COL_RSSI, "%d", tvb_get_letohl(tvb, offset));
- break;
- case PRISM_DID_SQ:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_sq, tvb, offset, 4, ENC_LITTLE_ENDIAN);
- proto_item_append_text(ti_did, " 0x%x", tvb_get_letohl(tvb, offset) );
- }
- break;
- case PRISM_DID_SIGNAL:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_signal, tvb, offset, 4, ENC_LITTLE_ENDIAN);
- proto_item_append_text(ti_did, " 0x%x", tvb_get_letohl(tvb, offset) );
- }
- break;
- case PRISM_DID_NOISE:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_noise, tvb, offset, 4, ENC_LITTLE_ENDIAN);
- proto_item_append_text(ti_did, " 0x%x", tvb_get_letohl(tvb, offset) );
- }
- break;
- case PRISM_DID_RATE:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_rate, tvb, offset, 4, ENC_LITTLE_ENDIAN);
- proto_item_append_text(ti_did, " %s Mb/s", prism_rate_return(tvb_get_letohl(tvb, offset)) );
- }
- col_add_fstr(pinfo->cinfo, COL_TX_RATE, "%s", prism_rate_return(tvb_get_letohl(tvb, offset)) );
-
- break;
- case PRISM_DID_ISTX:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_istx, tvb, offset, 4, ENC_LITTLE_ENDIAN);
- proto_item_append_text(ti_did, " 0x%x", tvb_get_letohl(tvb, offset) );
- }
- break;
- case PRISM_DID_FRMLEN:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_frmlen, tvb, offset, 4, ENC_LITTLE_ENDIAN);
- proto_item_append_text(ti_did, " %d", tvb_get_letohl(tvb, offset) );
- }
- break;
- default:
- if(tree){
- proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_unknown, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ /* Data, if present... */
+ if (status == 0) {
+ switch(did){
+ case PRISM_DID1_HOSTTIME:
+ case PRISM_DID2_HOSTTIME:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_hosttime, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ proto_item_append_text(ti_did, " %d", tvb_get_letohl(tvb, offset) );
+ }
+ break;
+
+ case PRISM_DID1_MACTIME:
+ case PRISM_DID2_MACTIME:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_mactime, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ proto_item_append_text(ti_did, " %d", tvb_get_letohl(tvb, offset) );
+ }
+ break;
+
+ case PRISM_DID1_CHANNEL:
+ case PRISM_DID2_CHANNEL:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_channel, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ proto_item_append_text(ti_did, " %d", tvb_get_letohl(tvb, offset) );
+ }
+ col_add_fstr(pinfo->cinfo, COL_FREQ_CHAN, "%u", tvb_get_letohl(tvb, offset));
+ break;
+
+ case PRISM_DID1_RSSI:
+ case PRISM_DID2_RSSI:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_rssi, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ proto_item_append_text(ti_did, " 0x%x", tvb_get_letohl(tvb, offset) );
+ }
+ col_add_fstr(pinfo->cinfo, COL_RSSI, "%d", tvb_get_letohl(tvb, offset));
+ break;
+
+ case PRISM_DID1_SQ:
+ case PRISM_DID2_SQ:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_sq, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ proto_item_append_text(ti_did, " 0x%x", tvb_get_letohl(tvb, offset) );
+ }
+ break;
+
+ case PRISM_DID1_SIGNAL:
+ case PRISM_DID2_SIGNAL:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_signal, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ proto_item_append_text(ti_did, " 0x%x", tvb_get_letohl(tvb, offset) );
+ }
+ break;
+
+ case PRISM_DID1_NOISE:
+ case PRISM_DID2_NOISE:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_noise, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ proto_item_append_text(ti_did, " 0x%x", tvb_get_letohl(tvb, offset) );
+ }
+ break;
+
+ case PRISM_DID1_RATE:
+ case PRISM_DID2_RATE:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_rate, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ proto_item_append_text(ti_did, " %s Mb/s", prism_rate_return(tvb_get_letohl(tvb, offset)) );
+ }
+ col_add_fstr(pinfo->cinfo, COL_TX_RATE, "%s", prism_rate_return(tvb_get_letohl(tvb, offset)) );
+ break;
+
+ case PRISM_DID1_ISTX:
+ case PRISM_DID2_ISTX:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_istx, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ proto_item_append_text(ti_did, " 0x%x", tvb_get_letohl(tvb, offset) );
+ }
+ break;
+
+ case PRISM_DID1_FRMLEN:
+ case PRISM_DID2_FRMLEN:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_frmlen, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ proto_item_append_text(ti_did, " %d", tvb_get_letohl(tvb, offset) );
+ }
+ break;
+
+ default:
+ if(tree){
+ proto_tree_add_item(prism_did_tree, hf_ieee80211_prism_did_unknown, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+ }
+ break;
}
- break;
}
offset += 4;
}
@@ -400,39 +471,39 @@ static hf_register_info hf_prism[] = {
"In jiffies - for our system this is in 10ms units", HFILL }},
{ &hf_ieee80211_prism_did_mactime,
- {"Mac Time", "prism.did.hosttime", FT_UINT32, BASE_DEC, NULL, 0x0,
- "In micro-seconds", HFILL }},
+ {"MAC timestamp (lower 32 bits)", "prism.did.mactime", FT_UINT32, BASE_DEC, NULL, 0x0,
+ "Lower 32 bits of value in microseconds of the MAC's Time Synchronization Function timer when the first bit of the MPDU arrived at the MAC.", HFILL }},
{ &hf_ieee80211_prism_did_channel,
- {"Channel", "prism.did.hosttime", FT_UINT32, BASE_DEC, NULL, 0x0,
+ {"Channel", "prism.did.channel", FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_ieee80211_prism_did_rssi,
- {"RSSI", "prism.did.rssi", FT_UINT32, BASE_HEX, NULL, 0x0,
+ {"RSSI", "prism.did.rssi", FT_INT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_ieee80211_prism_did_sq,
- {"SQ", "prism.did.sq", FT_UINT32, BASE_HEX, NULL, 0x0,
+ {"Signal Quality", "prism.did.sq", FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_ieee80211_prism_did_signal,
- {"Signal", "prism.did.signal", FT_UINT32, BASE_HEX, NULL, 0x0,
+ {"Signal", "prism.did.signal", FT_INT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_ieee80211_prism_did_noise,
- {"Noise", "prism.did.noise", FT_UINT32, BASE_HEX, NULL, 0x0,
+ {"Noise", "prism.did.noise", FT_INT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }},
{ &hf_ieee80211_prism_did_rate,
- {"Rate (In Mb/s)", "prism.did.rate", FT_UINT32, BASE_CUSTOM, prism_rate_base_custom, 0x0,
- "In Mb/s", HFILL }},
+ {"Data rate (Mb/s)", "prism.did.rate", FT_UINT32, BASE_CUSTOM, prism_rate_base_custom, 0x0,
+ "Speed this frame was sent/received at", HFILL }},
{ &hf_ieee80211_prism_did_istx,
{"IsTX", "prism.did.istx", FT_UINT32, BASE_HEX, VALS(prism_istx_vals), 0x0,
- "Type of packet (RX or TX ?)", HFILL }},
+ "Type of packet (RX or TX?)", HFILL }},
{ &hf_ieee80211_prism_did_frmlen,
- {"Frame Length", "prism.did.frmlen", FT_UINT32, BASE_HEX_DEC, NULL, 0x0,
+ {"Frame Length", "prism.did.frmlen", FT_UINT32, BASE_DEC, NULL, 0x0,
"Length of the following frame in bytes", HFILL }},
{ &hf_ieee80211_prism_did_unknown,
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-24 07:33:07 +0000