Wireshark mailing list archives
Re: What filter value in -e will tell me the Channel an SSID is working on?
From: Anthony Murabito <anthony.murabito () gmail com>
Date: Mon, 9 Jan 2012 14:56:42 -0800
This should work as long as the capture you working with has radiotap headers, but not all do. You might also look into using wlan_mgt.ds.current_channel which is likely always present, from the DS Parameter Set element in Beacons. /A On Mon, Jan 9, 2012 at 1:44 AM, j.snelders <j.snelders () telfort nl> wrote:
What about: tshark -r 0601.pcap -T fields -e frame.number -e wlan_mgt.ssid -e radiotap.channel.freq -E header=y -E separator=, > 0601.csv Useful links: http://www.wireshark.org/docs/dfref/ http://www.wireshark.org/docs/dfref/r/radiotap.html http://www.wireshark.org/docs/dfref/w/wlan.html Or use TShark with the option -G: $ tshark -G | grep radiotap.channel F Channel radiotap.channel FT_UINT32 radiotap 802.11 channel number that this frame was sent/received on F Channel frequency radiotap.channel.freq FT_UINT32 radiotap Channel frequency in megahertz that this frame was sent/received on etc. http://www.wireshark.org/docs/man-pages/tshark.html Hope this helps Joke On Mon, 9 Jan 2012 07:38:47 +0000 Another Sillyname wrote:On 9 January 2012 04:47, Martin Visser <martinvisser99 () gmail com> wrote:In order to find appropriate values to monitor, it is generally mucheasierto initially view the captured data in Wireshark. Then find the decoded parameter of interest and select it. The appropriate name should shouldupin the Status Bar. Unfortunately I can't do Wireless monitoring on my hardware, butGooglingand? http://wiki.wireshark.org/Wi-Fi? seems to tell me that"wlan_mgt.ssid"might be what you are looking for. Regards, Martin MartinVisser99 () gmail com On 9 January 2012 12:34, Another Sillyname <anothersname () googlemail comwrote:There are so many different values in tshark and I can't find the one that actually definitively tells me which channel the networks I'm watching are locked to. The only thing I can find is Tag Interpretation: Current Channel However I can't find a -e filter that matches that value. Any help appreciated.Thanks for the suggestion but I'm looking for the channel info not thessid.Anyone?___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- What filter value in -e will tell me the Channel an SSID is working on? Another Sillyname (Jan 08)
- Re: What filter value in -e will tell me the Channel an SSID is working on? Martin Visser (Jan 08)
- Re: What filter value in -e will tell me the Channel an SSID is working on? Another Sillyname (Jan 08)
- Re: What filter value in -e will tell me the Channel an SSID is working on? j.snelders (Jan 09)
- Re: What filter value in -e will tell me the Channel an SSID is working on? Anthony Murabito (Jan 09)
- Re: What filter value in -e will tell me the Channel an SSID is working on? Another Sillyname (Jan 08)
- Re: What filter value in -e will tell me the Channel an SSID is working on? Martin Visser (Jan 08)