Revision history [back]

Been playing for hours now so coming to the experts! I am pretty sure this is really a PCAP question but I can't figure out where to ask that either. Not so smart am i. At any rate been trying to set up a capture filter to gather everything to/from a particular OUI on wifi. The setup - mediatek wifi adapters on linux in monitor mode. Working great.

Using slicing I can do anything i want with wlan [0] == 0xnn and get the expected results. However, using any other byte, IE: wlan[1] == 0xnn for instance results in a null capture. Even though I am using nn that I know is byte two of the station. Of course, the more complicated forms don't work either such as wlan [0:2] ==0xnnnn and such.

Been playing for hours now so coming to the experts! I am pretty sure this is really a PCAP question but I can't figure out where to ask that either. Not so smart am i. At any rate been trying to set up a capture filter to gather everything to/from a particular OUI on wifi. The setup - mediatek wifi adapters on linux in monitor mode. Working great.

Using slicing I can do anything i want with wlan [0] == 0xnn and get the expected results. However, using any other byte, IE: wlan[1] == 0xnn for instance results in a null capture. Even though I am using nn that I know is byte two of the station. Of course, the more complicated forms don't work either such as wlan [0:2] ==0xnnnn and such.