The first two bytes of the MAC header is called as Frame Control Field, which includes Protocol Version, Type, SubType, To DS, From DS, More Fragments, Retry, Power Management, More Data, Protected Frame, and Order. As you could see from the following picture.
Above the picture from CWAP
Protocol is a 2 bit field at the beginning of MAC heard. After protocol version, the Type field and Subtype file are used to identify the function of the frame.
The following wireless packet capture shows the these three fields
All 802.11 frames aways set Protocol Version as 0. All other values are reserved.
There are 4 types fames, as the following
Above the picture from CWAP
The subtype field are 4 bits and the combinations are shown as the following,
Above pictures from CWAP
At last, I list Filters of wireshark for these three fields
wlan.fc.version ----> Proctocol version
wlan.fc.type ----> Type
wlan.fc.subtype ----> Subtype
wlan.fc.version ----> Proctocol version
wlan.fc.type ----> Type
wlan.fc.subtype ----> Subtype
No comments:
Post a Comment