tcpdump mailing list archives
Re: output query
From: Guy Harris <guy () alum mit edu>
Date: Sat, 6 Feb 2010 16:41:34 -0800
On Feb 5, 2010, at 6:41 PM, Liu Feng wrote:
when I use tcpdump to capture wifi signals, this is the result I get: 15:47:31.547609 285163963350us tsft 1.0 Mb/s 2437 MHz (0x00a0) -98dB signal -102dB noise antenna 1 [0x0000000e] BSSID:00:23:69:29:10:5b DA:ff:ff:ff:ff:ff:ff SA:00:23:69:29:10:5b Beacon (EKAHAU) ESS, PRIVACY can you tell me the meanings of the highlighted information?
Highlighted? Nothing highlighted above. :-) (Yeah, some of us send plain-text mail by default.) In any case: 285163963350us tsft: the Time Synchronization Function Timer value for the frame: http://www.radiotap.org/defined-fields/TSFT 1.0 Mb/s: the data rate at which the frame was received: http://www.radiotap.org/defined-fields/Rate (0x00a0): I'm not sure - I don't see anything in top-of-tree tcpdump that would print that in a radiotap header; what version of tcpdump are you using? (What does "tcpdump -h" print, and what version of what OS is this on? If it's a Linux distribution, give the name of the distribution, and the release of the distribution, rather than the version of the kernel.) [0x0000000e]: In theory, that would be an indication that there's a radiotap "presence bit" that tcpdump doesn't know about, except that 0x0000000e has 3 bits set. DA:ff:ff:ff:ff:ff:ff: that's the Destination Address of the frame; see IEEE 802.11-2007 - IEEE 802.11 has more MAC addresses than does, for example, Ethernet SA:00:23:69:29:10:5b that's the Source Address of the frame; see IEEE 802.11-2007- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- output query Liu Feng (Feb 06)
- Re: output query Guy Harris (Feb 06)
- Re: output query Guy Harris (Feb 06)
- Re: output query Guy Harris (Feb 06)