On Jul 29, 2010, at 1:18 PM, Jon Smirl wrote:
> The hardware that is leaving the FCS on encapsulates them as Ethernet
> frames with an Ethertype of 0x809a.
OK, so these *aren't* native 802.15.4 captures, in the sense that the link-layer header at the beginning of the raw frame data isn't an 802.15.4 header, it's an Ethernet header.
In that case, the WTAP_ENCAP_ values are completely irrelevant; the WTAP_ENCAP_ value for the packets in question is, and should be, WTAP_ENCAP_ETHERNET. Don't even bother defining WTAP_ENCAP_IEEE802_15_4_NOFCS.
So what does the hardware that *doesn't* include the FCS use? Is it encapsulating them inside Ethernet frames? If so, what Ethernet type does it use? Does it also use 0x809a? If so, could it choose a different Ethertype, so that programs that see those frames can automatically determine whether there's an FCS or not?