tcpdump mailing list archives

Missing packet fields in big endian with ath9k


From: Luis Correia <lfpcorreia () gmail com>
Date: Fri, 26 Apr 2013 15:29:17 +0100

Hi all!
I'm doing a project of mine. It's about guiding a robot in my living room using wifi.
At first I tried to use two Raspberry Pis with a wifi dongle (ath9k-htc) and libpcap to capture wifi packets and read the RSSI from my robot's MAC address.
It works fine. But then I thought of using OpenWRT. Since I was able to get my hands on two cheap TP-LINK MR-3220 (ath9k) I recompiled the code to run on MIPS.


The thing is, all the info I gather from the packets is "like misaligned". For example, if I print the MAC addresses for each packet I get:

11:96:77:3c:38:e7, d8:d8:b2:94:58:98, 35:8e:ad:e4:a0:4a

where the MAC of the robot is 38:e7:d8:d8:b2:94!

And the rest of the bits in the collected packets are also off.
So, the code prints everything fine on the Raspberry Pi (RSSI, type and subtype of frames, etc.), why not on OpenWRT?!


My headers go like this:

#define EXTRACT_LE_16BITS(p) ((u_int16_t)((u_int16_t)*((const u_int8_t *)(p) + 1) << 8 | (u_int16_t)*((const u_int8_t *)(p) + 0)))


struct sniff_80211 {
 u_int16_t control[2];//32bit
 u_int16_t duration;
 u_char add1[6];
 u_char add2[6];
 u_char add3[6];
 u_int16_t seq;
};

typedef struct _mac_header {
   unsigned char fc[2];
   unsigned char id[2];
   unsigned char add1[6];
   unsigned char add2[6];
   unsigned char add3[6];
   unsigned char sc[2];
}mac_header;


struct frame_control {
   unsigned protocol :2;
   unsigned type :2;
   unsigned subtype :4;
   unsigned to_ds :1;
   unsigned from_ds :1;
   unsigned more_frag :1;
   unsigned retry :1;
   unsigned pwr_mgt :1;
   unsigned more_data :1;
   unsigned wep :1;
   unsigned order :1;
};



My "logic" is this:

pcap_open_live(device->name, 1024, 1, 500, errbuf)

For each captured packet with libpcap:
pcap_next_ex(adhandle, &header, &data)
Do:

        struct ath_rx_radiotap_header *first = (struct ath_rx_radiotap_header*) (data);

        int radio_len3 = get_unaligned_le16(&first->wr_ihdr.it_len);
                
        cout <<  radio_len3 << endl;
        mac_header *p = (mac_header*) (data + radio_len);
                
        struct frame_control *c = (struct frame_control*) p->fc;

        cout << ether_ntoa((struct ether_addr *) p->add1) << " " << ether_ntoa((struct ether_addr *) p->add2) << " " << ether_ntoa((struct ether_addr *) p->add3) << " " << first->wr_antenna << " " << c->type << " " << c->subtype << endl;



This prints (with, for example, a filter of type data, subtype qos-data):


13 <- radiotap header length
38:e7:d8:d8:b2:94 f8:d1:11:96:77:3c 58:98:35:8e:ad:e4 ? 0 8 <- (this is addr1, addr2, addr3, rssi, type, subtype of captured packet)

Notice the strange char for the RSSI value, and type 0 subtype 8 where it should be type 2 (data) subtype 8.

13 
38:e7:d8:d8:b2:94 f8:d1:11:96:77:3c 58:98:35:8e:ad:e4 ? 0 8
34 
f8:d1:11:96:77:3c 38:e7:d8:d8:b2:94 58:98:35:8e:ad:e4 ? 0 8
34 
f8:d1:11:96:77:3c 38:e7:d8:d8:b2:94 58:98:35:8e:ad:e4 ? 0 8
13 
38:e7:d8:d8:b2:94 f8:d1:11:96:77:3c 58:98:35:8e:ad:e4 ? 0 8
13 
38:e7:d8:d8:b2:94 f8:d1:11:96:77:3c 58:98:35:8e:ad:e4 ? 0 8
34 
f8:d1:11:96:77:3c 38:e7:d8:d8:b2:94 58:98:35:8e:ad:e4 ? 0 8



What could be wrong on OpenWRT that isn't on the Raspberry Pi?! Is it the little endian of the Raspberry vs the big endian of the uplink? If so, how can I get the info I want (RSSI, type and subtype of packet)?

Thanks for any help! I've been scratching my head for days now.



PS: maybe this question doesn't belong here, but I can't get help anywhere else..

Again, thanks in advance.
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
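
An added example (not part of the original post and not libpcap's own code): the order in which C bit-fields are packed is implementation-defined and differs between little-endian and big-endian ABIs, so this version reads the radiotap length and the 802.11 frame control field by byte offset and mask, with bounds checks against the captured length. `parse_dot11`, `struct dot11_info` and the sample frame are names and data constructed for this example, reusing the addresses printed in the post.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical result type for this example. */
struct dot11_info {
    unsigned type, subtype, to_ds, from_ds;
    uint8_t addr1[6], addr2[6], addr3[6];
};

/* Parse radiotap + 802.11 by byte offsets only, so the result is the same on
 * any host byte order. Returns 0 on success, -1 on a short or malformed frame. */
int parse_dot11(const uint8_t *data, size_t caplen, struct dot11_info *out)
{
    if (caplen < 8)                       /* fixed radiotap header is 8 bytes */
        return -1;
    /* it_len is little-endian on the wire regardless of the CPU */
    size_t rt_len = (size_t)data[2] | ((size_t)data[3] << 8);
    /* Require a full three-address header (24 bytes); shorter control
     * frames are rejected rather than read past the capture. */
    if (rt_len < 8 || rt_len > caplen || caplen - rt_len < 24)
        return -1;
    const uint8_t *mac = data + rt_len;
    out->type    = (mac[0] >> 2) & 0x3;   /* bits 2-3 of first FC byte */
    out->subtype = (mac[0] >> 4) & 0xf;   /* bits 4-7 of first FC byte */
    out->to_ds   =  mac[1]       & 0x1;
    out->from_ds = (mac[1] >> 1) & 0x1;
    memcpy(out->addr1, mac + 4, 6);
    memcpy(out->addr2, mac + 10, 6);
    memcpy(out->addr3, mac + 16, 6);
    return 0;
}

/* Constructed sample: 13-byte radiotap header (field bytes are filler and not
 * interpreted), then a QoS-data header with the addresses from the post. */
static const uint8_t sample_frame[] = {
    0x00, 0x00, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00, 0, 0, 0, 0, 0,
    0x88, 0x01, 0x00, 0x00,
    0x38, 0xe7, 0xd8, 0xd8, 0xb2, 0x94,  0xf8, 0xd1, 0x11, 0x96, 0x77, 0x3c,
    0x58, 0x98, 0x35, 0x8e, 0xad, 0xe4,  0x00, 0x00 };

int main(void)
{
    struct dot11_info i;
    if (parse_dot11(sample_frame, sizeof sample_frame, &i) != 0)
        return 1;
    printf("type %u subtype %u addr1 %02x:..:%02x\n",
           i.type, i.subtype, i.addr1[0], i.addr1[5]);
    return 0;
}
```

With a first frame control byte of 0x88, a layout that packs the first bit-field into the most significant bits yields type 0 and subtype 8, which matches the output shown in the post; the mask-and-shift version yields type 2, subtype 8.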

