Ticket #325 (assigned defect)
802.11 bugs
| Reported by: | aturner | Owned by: | aturner |
|---|---|---|---|
| Priority: | high | Milestone: | 3.4 |
| Component: | libtcpedit | Version: | 3.3.2 |
| Keywords: | | Cc: | |
| Operating System: | | Add to FAQ?: | no |
| Hardware: | All | | |
| Output of tcpreplay -V: | | | |
Description (last modified by aturner)
Elie wrote:
Aaron,

I spent time today implementing an 802.11 frame decoder. Hence I took a look at how you did it for tcpreplay. It seems that I spotted a couple of bugs in the code. I haven't done a patch (sorry) but I have written a list while coding my implementation. I have tested my implementation against a couple of traces and it seems to work. I have also compared my output to Wireshark and it seems consistent.

So I think that:

1) `/src/tcpedit/plugins/dlt_ieee80211/ieee80211.h`: The structs `ieee80211_hdr_s` (line 53) and `ieee80211_addr4_hdr_s` (line 75) have an erroneous extra member: `seqid`. Sequence IDs are on the same u_int_16 as the frag number. For example, the addr3 structure size has to be 24, not 26.

2) A couple of defines are wrong:
- l58 `ieee80211_FC_TO_DS_MASK` should be 0x0001
- l59 `ieee80211_FC_FROM_DS_MASK` should be 0x0002
- l64 `ieee80211_FC_WEP_MASK` should be 0x0040

`src/tcpedit/plugins/dlt_ieee80211/ieee80211_hdr.c`

3) Accordingly, l118 is `if((fc & 0x0040) == 0x0040) {`, or might even use the define `ieee80211_FC_WEP_MASK`.

4) According to my test, when using the 802.11 addr3 header, the ether addr used for "FC_FROM_DS" is addr 1, hence on line 180 `return addr3` should be `return addr1`.

Also, to answer the comment on line 86, you indeed have to add +2 to the decoded len because it is a padding 0x0000. My current implementation tests if the first byte is 0x88 and if so adds +2. It seems to work great.

I hope this helps. If you need a pcap sample, I have a nice (short) trace from the Toronto airport :)

Regards,
Elie
- Header doesn't have a dedicated seqid field (it shares the 16-bit field with frag_id)
- Many FC mask values are wrong in the header file
- Returning the incorrect MAC address for packets from the DS
- Converting from 802.11 to EN10MB is broken because the L2 headers aren't properly substituted
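The header layout and frame-control checks the ticket describes, as an added example in C (not tcpreplay's code): the frame control word is read with ntohs(), so the on-wire flags byte lands in the low 8 bits, which is what makes the masks 0x0001, 0x0002 and 0x0040; the struct, function names and sample frame are constructed here. It goes slightly beyond the ticket by recognizing every QoS data subtype, not only first byte 0x88, and by handling the 4-address case.

```c
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>

#define FC_TO_DS_MASK   0x0001  /* flags byte bit 0 */
#define FC_FROM_DS_MASK 0x0002  /* flags byte bit 1 */
#define FC_WEP_MASK     0x0040  /* flags byte bit 6, Protected Frame */

/* 24-byte 3-address header: fragment and sequence number share seq_ctrl. */
struct ieee80211_hdr {
    uint16_t frame_control, duration;
    uint8_t  addr1[6], addr2[6], addr3[6];
    uint16_t seq_ctrl;
};

/* ntohs() puts the on-wire flags byte in the low 8 bits, hence the masks. */
uint16_t ieee80211_fc(const uint8_t *frame)
{
    uint16_t fc;
    memcpy(&fc, frame, sizeof fc);
    return ntohs(fc);
}

/* 24 bytes, +6 when both DS bits are set (addr4), +2 for the QoS Control field. */
size_t ieee80211_hdr_len(const uint8_t *frame)
{
    uint16_t fc = ieee80211_fc(frame), ds = FC_TO_DS_MASK | FC_FROM_DS_MASK;
    size_t len = sizeof(struct ieee80211_hdr);
    if ((fc & ds) == ds) len += 6;
    if ((frame[0] & 0x8c) == 0x88) len += 2;  /* type data, QoS subtype; 0x88 is the usual case */
    return len;
}
/* Destination is addr1, except To-DS frames where addr1 is the BSSID. */
const uint8_t *ieee80211_get_dst(const uint8_t *frame)
{
    const struct ieee80211_hdr *h = (const struct ieee80211_hdr *)frame;
    return (ieee80211_fc(frame) & FC_TO_DS_MASK) ? h->addr3 : h->addr1;
}
/* Source is addr2, except From-DS: addr3, or addr4 when To-DS is also set. */
const uint8_t *ieee80211_get_src(const uint8_t *frame)
{
    const struct ieee80211_hdr *h = (const struct ieee80211_hdr *)frame;
    uint16_t fc = ieee80211_fc(frame);
    if (!(fc & FC_FROM_DS_MASK)) return h->addr2;
    return (fc & FC_TO_DS_MASK) ? frame + sizeof *h : h->addr3;
}
/* Constructed sample: protected QoS data frame From-DS (flags byte 0x42). */
const uint8_t sample_frame[] = { 0x88, 0x42, 0x00, 0x00,                   /* FC, duration */
    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* DA, BSSID */
    0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0x10, 0x00, 0x00, 0x00 };           /* SA, seq_ctrl, QoS */
```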