Ethereal-users: [Ethereal-users] Capture Header Decoding for Netxray (NetAsyst)

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Ken Mann" <KMann@xxxxxxxxxxxxxxx>
Date: Mon, 24 Jan 2005 10:39:25 -0700
I am attempting to decode the capture header for wireless sniffs output by NetAsyst 1.0.003.
Specifically, I am trying to discern the information found in guint8 xxx[28] in the packet header structure.
I have been able to discern the Channel, Speed, % signal strength, and the source MAC. There is a two byte field that seems to be non-zero whenever an error is present (CRC and/or WEP ICV), but is not clear what the different values mean (various combinations of either 1 or 5 in the two bytes).
 
/* NetXRay format version 2.x data record format - followed by frame data. */
struct netxrayrec_2_x_hdr {
 guint32 timelo;  /* lower 32 bits of time stamp */
 guint32 timehi;  /* upper 32 bits of time stamp */
 guint16 orig_len; /* packet length */
 guint16 incl_len; /* capture length */
 guint8 xxx[28]; /* various data */
};

 

Ken Mann
Software Engineer
(303) 583-5364 (work)
(303) 916-2872 (cell)

SpectraLink Corporation
5755 Central Avenue
Boulder, CO 80301
kmann@xxxxxxxxxxxxxxx