Wireshark-commits: [Wireshark-commits] master-2.4 1bbf3b2: Fix dissection of 802.11+radiotap frames
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1bbf3b23e11199562d11e69a49423880adf76643
Submitter: "Guy Harris <guy@xxxxxxxxxxxx>"
Changed: branch: master-2.4
Repository: wireshark
Commits:
1bbf3b2 by Guy Harris (guy@xxxxxxxxxxxx):
Fix dissection of 802.11+radiotap frames in Linux "cooked" captures.
Those frames *don't* have their link-layer headers stripped, even on
PF_PACKET/SOCK_DGRAM captures (hopefully, nobody will consider that a
bug and "fix" it).
The "hatype" field is the ARPHRD_ value for the adapter, as returned by
SIOCGIFHWADDR; in monitor mode, those frames will have an hatype of
ARPHRD_IEEE80211_RADIOTAP. Add an "sll.hatype" dissector table, which
we check before checking the "sll.ltype" dissector table, and have the
radiotap dissector register in that table.
We still use the special hack for an hatype of ARPHRD_NETLINK, because,
for *those* frames, the "protocol" field of the nominal SLL header is
the netlink family, not an Ethertype or anything else that the SLL
dissector would handle.
Change-Id: If503a7daa9133adf1b8c330ec28c4c824d4f551d
Reviewed-on: https://code.wireshark.org/review/30592
Reviewed-by: Guy Harris <guy@xxxxxxxxxxxx>
(cherry picked from commit c348dd4b106621f85079ebaf8202229c689ea93b)
Reviewed-on: https://code.wireshark.org/review/30594
Actions performed:
from da15e75 [Automatic update for 2018-11-11]
add 1bbf3b2 Fix dissection of 802.11+radiotap frames in Linux "cooked" captures.
Summary of changes:
epan/dissectors/packet-ieee80211-radiotap.c | 9 +++++
epan/dissectors/packet-sll.c | 61 ++++++++++++++++++++++-------
epan/dissectors/packet-sll.h | 13 +++++-
3 files changed, 67 insertions(+), 16 deletions(-)
