Is 802.11ad supported in Wireshark? If not, when this feature will be available? Thank you. asked 27 Jan '14, 05:01  alexf |
3 Answers:
Wireshark does not access the hardware directly, it's the capturing library it is using (libpcap or WinPcap), together with certain OS kernel APIs. So, it's not a question when Wireshark supports 802.11ad. The question is, when your OS supports such a device and if the capturing library on that OS works with that device/driver. As soon as those conditions are fulfilled, you will be able to capture 802.11ad traffic with Wireshark or similar tools (like: tcpdump). Regards answered 27 Jan '14, 06:00  Kurt Knochner ♦ edited 27 Jan '14, 08:25 |
"Supported" in what sense? If you mean "does Wireshark support capturing with hardware that supports 802.11ad", the answer to that question is, as Kurt Knochner noted, "Wireshark supports what the hardware, OS, and drivers supports". If you mean "does Wireshark support radio metadata information for new 802.11ad features", I'm not sure any of the radio metadata formats Wireshark supports when capturing (radiotap and PPI) currently have any such information. If you mean "does Wireshark support the changes to packet formats made in 802.11ad", the answer is, from a quick look at the code, "not currently", and the answer to "when this feature will be available?" is "when somebody writes code to support those changes and contributes it to Wireshark" - we have no roadmap for adding particular protocol features, it's up to individual developers to add them. answered 27 Jan '14, 14:46  Guy Harris ♦♦ |
Patch for 11ad support is in process of merging, see https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8594 With this patch, one can decode 802.11ad MAC headers. If you are interesting in 802.11ad sniffer, you can help merging this patch. answered 26 May '14, 07:57  Vladimir Kon... |
Thank you Kurt and Guy for your prompt answers.
Maybe I should have asked: How can I sniff today on 60Ghz? I apologize if my question sounded aggressive or imprecise/ inappropriate to you. I just wanted to keep it simple/short (but unfortunately I was wrong). When mentioning "feature" I was thinking about the AirPcap device that might support it in the future. Thank you for your time spent developing Wireshark and helping others on this forum.
Regarding contribution to Wireshark through writing code, I stumbled upon this project description Sniffer for 802.11ad (60g) WiFi protocol http://lccn.cs.technion.ac.il/Past_Projects/Winter2013_Current_Index.shtml
Yes, imprecise. Precise questions are easier to answer correctly.
If you aren't concerned about radio metadata or correct dissection of new packet types, a quick google for
801.11ad linuxfound a page about the Wilocity wil6210 card that seems to indicate that Linux supports it and that it can be put into monitor mode, but "Due to hardware/firmware deficiency, sniffer can capture either only control PHY (CP) or only data PHY (DP).", so you might be able to sniff with Linux on a machine with a wil6210 card.There is currently no AirPcap adapter with 11ad support, so there's currently no support for capturing 802.11ad traffic with Wireshark on Windows.