Ask Your Question
0

dumpcap -k is not accepting channel type values on macOS

asked 2020-04-01 17:21:47 +0000

cwren_wifi gravatar image

updated 2020-04-01 19:24:39 +0000

Guy Harris gravatar image

I'm trying to perform a manual 802.11ac packet capture on a VHT80 channel.

When invoke the -k option, i'm getting not valid channel type errors:

HQSML-16882:~ Eng_Eval$ dumpcap -i en0 -k 5220,80Mhz,5220

dumpcap: "80Mhz" is not a valid 802.11 channel type

HQSML-16882:~ Eng_Eval$ dumpcap -i en0 -k 5220,VHT80,5220

dumpcap: "VHT80" is not a valid 802.11 channel type

HQSML-1688263:~ Eng_Eval$ dumpcap -i en0 -k 5220,VHT40,5220

dumpcap: "VHT40" is not a valid 802.11 channel type

HQSML-16882:~ Eng_Eval$ dumpcap -i en0 -k 5220,40MHz,5220

dumpcap: "40MHz" is not a valid 802.11 channel type

HQSML-16882:~ Eng_Eval$ dumpcap -i en0 -k 5220,40Mhz,5220

dumpcap: "40Mhz" is not a valid 802.11 channel type

HQSML-16882:~ Eng_Eval$ dumpcap -i en0 -k 5220,80MHz,5220

dumpcap: "80MHz" is not a valid 802.11 channel type

When i checked the source code, I see the function call and enumerated list for the "-k" option, but it appears the string definitions for the channel type are commented out.

https://github.com/wireshark/wireshar...

https://github.com/boundary/wireshark...

I'm running WireShark 3.2.2 on MacOS 10.14.6

Can someone provide the proper syntax for setting 5GHz channel 44 (5220 MHz) @ 80 MHz bandwidth?

edit retag flag offensive close merge delete

Comments

Is the dumpcap executable from Wireshark or Boundary? dumpcap -v
Wireshark current definitions here

dumpcap -i wlan0 -k 5220,VHT80,5220

is accepted as good syntax with dumpcap 3.0.5

Chuckc gravatar imageChuckc ( 2020-04-01 18:40:25 +0000 )edit
add a comment

2 Answers

Sort by ยป oldest newest most voted
0

answered 2020-04-02 21:57:49 +0000

cwren_wifi gravatar image

dumpcap man page with the -k options

https://www.wireshark.org/docs/wsug_h...

edit flag offensive delete link more
add a comment
0

answered 2020-04-01 18:58:10 +0000

Guy Harris gravatar image

When i checked the source code, I see the function call and enumerated list for the "-k" option, but it appears the string definitions for the channel type are commented out.

Not if you look at the master branch's version of caputils/ws80211_utils.c (look at the ws80211_str_to_chan_type() function) and caputils/ws80211_utils.h (where the values that function uses are defined). That's the function set_80211_channel() in dumpcap uses.

If, however, you do look there, you see that the strings for channel type are:

  • "NOHT";
  • "HT20";
  • "HT40-;
  • "HT40+";
  • "VHT80";
  • "VHT80+80";
  • "VHT160";

"80Mhz" and "40MHz" are not, and have never been, valid values. "VHT80" is, and has been, valid since Wireshark 2.6.

However:

I'm running WireShark 3.2.2 on MacOS 10.14.6

we don't support setting the channel on macOS; it's currently Linux-only. I'll look at fixing the error message.

edit flag offensive delete link more

Comments

https://www.wireshark.org/docs/man-pa...
Man page doesn't mention -k - usage or platforms supported.

Chuckc gravatar imageChuckc ( 2020-04-01 19:01:49 +0000 )edit

Man page doesn't mention -k - usage or platforms supported.

Apparently the person who contributed the code didn't contribute a documentation update.

Guy Harris gravatar imageGuy Harris ( 2020-04-01 19:26:02 +0000 )edit

I've changed dumpcap so that it reports

dumpcap: Setting 802.11 channels is not supported on this platform

and updated the man page to mention -k and to note that it's not supported on all platforms (it doesn't mention specific platforms).

Guy Harris gravatar imageGuy Harris ( 2020-04-01 22:29:39 +0000 )edit

Thank you!

Chuckc gravatar imageChuckc ( 2020-04-01 23:26:10 +0000 )edit

Thanks for the quick response.

cwren_wifi gravatar imagecwren_wifi ( 2020-04-02 16:28:47 +0000 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

subscribe to rss feed

Stats

Asked: 2020-04-01 17:21:47 +0000

Seen: 280 times

Last updated: Apr 02 '20

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2