tcpdump mailing list archives

Re: RadioTap Parsing as seperate library

From: Ravi chandra <particlereddy () gmail com>
Date: Fri, 19 Apr 2024 22:28:30 -0500

Hi Guy,

[1] Thanks for the quick response. I went through the examples of
t-shark and some codebase. Looks like it does help in my case.
[2] regarding others, RadioTap library is updated in wireshark and
have more additions in terms of header parsing compared to RadioTap
library standalone
[3] "Note that tcpdump has its own code to parse radiotap headers, and
that code doesn't use the Radiotap library.". Thanks for confirmation.

Thanks

On Mon, Apr 15, 2024 at 7:23 PM Guy Harris <gharris () sonic net> wrote:


On Apr 15, 2024, at 3:47 PM, Ravi chandra <particlereddy () gmail com> wrote:

I am planning to create an ieee 802.11 packet RadioTap parsing
code/library [offlines processing of pcap-ng files. Decoding each and
every field and write it to a .csv file].


If that's all you're doing, is there some reason why you don't just use TShark and do

        tshark -T fields -E separator=, -E quote=d -e {radiotap field} -e {another radiotap field} ...

Meanwhile, before asking [did my homework] of going through source
code and found the following.

[1] Compared to the Wireshark library, RadioTap library files


By "Radiotap library files" do you mean this library:

        https://github.com/radiotap/radiotap-library

are NOT updated in the radiotap-library.


What do you mean by "NOT updated"?  Do you mean that the recent commits haven't significantly changed the library?  
If so, maybe there's not much that needs changing.

[2] I see RadioTap headers/files/parsing functions have additional
arguments [which are specific to wireshark]. In other words, there is
NO direct way to call RadioTap headers easily to integrate with
libpcap_open_offline and pcap_next.


Note that tcpdump has its own code to parse radiotap headers, and that code doesn't use the Radiotap library.




-- 
god is always great and his miracles are enormous
_______________________________________________
tcpdump-workers mailing list -- tcpdump-workers () lists tcpdump org
To unsubscribe send an email to tcpdump-workers-leave () lists tcpdump org
%(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s

Current thread:

RadioTap Parsing as seperate library Ravi chandra (Apr 15)
- Re: RadioTap Parsing as seperate library Guy Harris (Apr 15)
  - Re: RadioTap Parsing as seperate library Ravi chandra (Apr 19)