tcpdump mailing list archives
Re: USB support in libpcap
From: "Gianluca Varenni" <gianluca.varenni () cacetech com>
Date: Mon, 26 Mar 2007 13:28:15 -0700
----- Original Message ----- From: "Michael Richardson" <mcr () sandelman ottawa on ca>
To: <tcpdump-workers () lists tcpdump org> Sent: Monday, March 26, 2007 12:50 PM Subject: Re: [tcpdump-workers] USB support in libpcap
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1"Jon" == Jon Smirl <jonsmirl () gmail com> writes:Jon> For example wifi adapters are all built using proprietary USBJon> messages, to decode these messages you need to know the USB device ID Jon> of the adapter. This device id is not normally in the capture stream Jon> of the adapter. The attached code will force this data into the stream Jon> when capture is first started so that an app like Wireshark has theJon> needed data to full decode the stream. Okay, so if the point is to do a network capture from a USB attached wifi, why not just capture the 802.11 frames themselves into the already standardized frame formats we have?
I think the point here is that every USB device (being it a network card, a pen drive or a webcam) uses its own format for the "packets" that are transferred to/from the device. The only way to interpret those data is knowing the specific device generating the data. So at least USB vendor ID and USB device ID. Sometimes this is not enough, as some USB devices use different data formats among different sub-versions and rev's (and this is again part of the ID of a USB device).
Have a nice day GV
- -- ] Bear: "Me, I'm just the shape of a bear." | firewalls [ ] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[ ] mcr () xelerance com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[ ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Finger me for keys iQEVAwUBRggkH4CLcPvd0N1lAQI3nggAwY9HAY3Dr5wHC7SXaArnQi+rHL453k07 3Zk2drhcLahUyVYBlC9+lw+FEAiFMHjBMl2M9cL6uANweBHONyg7Sly3XiXjLWFu ZQNyo8gnfqO3kkHm0qQ0bHVdYp309kOyV4M/mhsfHHr+mbpEoNjeObT1pqyCK4Ur sCJ9tzaQGgYhStaKJ460lXrcGs8by/A9JKHi5mpQqaHr7gfnvqhx6tjoZaGzWLL0 9hagKiaTYN+l6ass0DXf+BFuhvsv3so/pinwO89J9dt2S+8p+ma3BGxbnnD+EQMI hlfZCYWELLHcEw8jTLF0EHkhwt4RG+LIRS26tMnpBdU7rs+QS63vIA== =Jnj+ -----END PGP SIGNATURE----- - This is the tcpdump-workers list.Visit https://cod.sandelman.ca/ to unsubscribe.
- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- USB support in libpcap Jon Smirl (Mar 25)
- Re: USB support in libpcap Michael Richardson (Mar 26)
- Re: USB support in libpcap Bruce M Simpson (Mar 26)
- Re: USB support in libpcap Gianluca Varenni (Mar 26)
- Re: USB support in libpcap Jon Smirl (Mar 26)
- Re: USB support in libpcap Jon Smirl (Mar 26)
- Re: USB support in libpcap Michael Richardson (Mar 26)