commit 52a3833b2aae38a96056ecf822cfd896490bd040
parent 28f1cc5a1fdb70622b803532a22bff73920c003a
Author: Jordan Ritter <jpr5@darkridge.com>
Date: Wed, 18 Oct 2006 03:53:46 +0000
added radiotap support. still not happy with it but it's as good as
it's gonna get. explored duplicating what libpcap does to support it
but it looks like the variable-length header garbage caused them a
fair bit of trouble too. oh well.
Diffstat:
1 file changed, 16 insertions(+), 0 deletions(-)
diff --git a/ngrep.c b/ngrep.c
@@ -153,6 +153,7 @@ void (*dump_func)(unsigned char *, uint32_t) = &dump_formatted;
char *filter = NULL, *filter_file = NULL;
char pc_err[PCAP_ERRBUF_SIZE];
uint8_t link_offset;
+uint8_t radiotap_present = 0;
pcap_t *pd = NULL;
pcap_dumper_t *pd_dump = NULL;
@@ -572,6 +573,13 @@ int main(int argc, char **argv) {
break;
#endif
+#if HAVE_DLT_IEEE802_11_RADIO
+ case DLT_IEEE802_11_RADIO:
+ link_offset = IEEE80211HDR_SIZE;
+ radiotap_present = 1;
+ break;
+#endif
+
default:
fprintf(stderr, "fatal: unsupported interface type %u\n", pcap_datalink(pd));
clean_exit(-1);
@@ -626,6 +634,14 @@ void process(u_char *d, struct pcap_pkthdr *h, u_char *p) {
unsigned char *data;
uint32_t len = h->caplen;
+#if HAVE_DLT_IEEE802_11_RADIO
+ if (radiotap_present) {
+ uint16_t radio_len = ((struct NGREP_rtaphdr_t *)(p))->it_len;
+ ip4_pkt = (struct ip *)(p + link_offset + radio_len);
+ len -= radio_len;
+ }
+#endif
+
ip_ver = ip4_pkt->ip_v;
switch (ip_ver) {