1 【No.】0.000000000【Time】 HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) (TA)【Source】 10:0e:0e:20:6a:f4 (10:0e:0e:20:6a:f4) (RA)【Destination】802.11【Protocal】20【Length】Request-to-send, Flags=.........【Info】

RTS幀 (Request-to-send) 固定20字節 【2 Frame Control】 【2 Duration】【6 RA】【6 TA】【4 FCS】

b4 00 【2 Frame Control】

de 01 【2 Duration】

10 0e 0e 20 6a f4【6 RA】

18 4f 32 0f a4 ed【6 TA】

00 00 00 00【4 FCS】

Frame 1: 20 bytes on wire (160 bits), 20 bytes captured (160 bits)

802.11 radio information

PHY type: 802.11n (7)

Bandwidth: 20 MHz (0)

Data rate: 1.0 Mb/s

Channel: 1

Frequency: 2412 MHz

Signal strength (percentage): 39%

Signal strength (dBm): -77 dBm

Noise level (percentage): 18%

Noise level (dBm): -87 dBm

IEEE 802.11 Request-to-send, Flags: .........

Type/Subtype: Request-to-send (0x001b)

Frame Control Field: 0xb400

.... ..00 = Version: 0

.... 01.. = Type: Control frame (1)

1011 .... = Subtype: 11

Flags: 0x00

.... ..00 = DS status: Not leaving DS or network is operating in AD-HOC mode (To DS: 0 From DS: 0) (0x00)

.... .0.. = More Fragments: This is the last fragment

.... 0... = Retry: Frame is not being retransmitted

...0 .... = PWR MGT: STA will stay up

..0. .... = More Data: No data buffered

.0.. .... = Protected flag: Data is not protected

0... .... = Order flag: Not strictly ordered

.000 0001 1101 1110 = Duration: 478 microseconds

Receiver address: 10:0e:0e:20:6a:f4 (10:0e:0e:20:6a:f4) //RA地址 在該網絡(STA外發)下相當于AP的地址

Transmitter address: HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) //TA地址 相當于STA的地址

Frame check sequence: 0x00000000 [incorrect, should be 0xbd0ede44] // FCS 4字節 用于檢查數據的完整性

[Good: False]

[Bad: True]

2【No.】0.000309000【Time】XX【Source】HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) (RA)【Description】802.11【Protocal】14【Length】Clear-to-send, Flags=.........【Info】

CTS幀 (Clear-to-send) 固定14字節【2 Frame Control】 【2 Duration】【6 RA】【4 FCS】

802.11MAC幀

【1.MAC Header (1.1Frame Control幀控制位#2字節# ?1.2Duration/ID時長#2字節# ? 1.3 Address1地址#6字節# ?1.4 Address2地址#6字節#

1.5 Address3地址#6字節# ?1.6 SequenceControl#2字節# ? 1.7 Address4地址#6字節# ) ?】30字節

【2.Frame Body(具體由MAC Header決定內容)】 0--2312 可變字節

【3.FCS ?Frame Check Sequeue ?幀校驗序列】用于保障幀數據的完整性 ?4字節

【c4 ? ? 00 】 1.1 ?Frame Control域

1100 0100 ? ?0000 0000

1100 0100 ? ?0000 0000

b7 ?b6 ?b5 ?b4 ?b3 ?b2 ?b1 ?b0 ?|| ?b15 ?b14 ?b13 ?b12 ?b11 ?b10 ?b9 ?b8

b0 b1 = 0 0 ?; Protocol Version ? ?b0 b1代表802.11MAC幀版本號 目前值是 0

b2 b3 = 1 0 ?; Type 該幀的類型描述 ? b2b3 =00 管理Manage幀 ? b2b3 = 01 數據Data幀 ? ? ?b2b3 =10 控制Control幀 ? b2b3 = 11 保留

b4 b5 b6 b7 = 0 0 1 1; SubType ,用于與 Type 一起 決定 該幀 具體屬于什么幀 ? ?這里的type=10 控制Control幀 subtype = 0 0 1 1 決定了該幀是CTS幀

b8 = 0 ; To DS 該位只用于數據類型為Data幀 ? ?如果為數據幀 ?b8b9 = 00 同一個IBSS中 ?一個STA 到另一個 STA

b9 = 0 ; From DS ?該位只用于數據類型為Data幀 ? b8b9 = 01 ?代表來自AP的數據幀 ? ? b8b9 = 10 發往AP的MAC幀 ? b8b9 = 11 僅Mesh BSS支持 不討論

b10 = 0; More Fragments ?表示數據是否分片 ? ?該位只用于數據類型為Data幀 或者 Manage幀 ? b10 = 0不分片 ? b10 = 1分片

b11 = 0;Retry ? ? ?b11 = 0表示該幀不是重傳幀 ? ? ? b11 = 1表示該幀是重傳幀

b12 = 0;Power Managerment ? ? ?b12 = 0;表示發送該幀的STA處于活躍狀態 ? ? ?b12 = 1;表示發送該幀的STA處于省電狀態

b13 = 0;More Data ?和b12指定的省電模式有關 ?b13 = 0表示 STA已經接受完數據 ? ? b13 = 1 表示 AP還緩存著還未發送給STA的數據

b14 = 0; Protected Frame 表示數據是否加密 ? ?b14 = 0不加密 ? ? b14 = 1加密

b15 = 0; Order 指明接收端必須按順序處理該幀 ? ?b15 = 0 不需要按順序接受該幀 ? ? ? ?b15 = 1 需要按順序接受該幀

【a4 ? ? ? ? ? ?00 ?Duration】 1.2 ?Duration/ID時長#2字節#

1010 0100 ? ? 0000 0000

對于在 Frame Control中 type 和 subtype 決定的 PS-POLL幀 ?b2 b3 b4 b5 b6 b7 = 1 0 0 1 0 1 ?該字段 表示AID值 最后2位必須為1,前14位取值 1-2007

對于其他幀 ?該字段 表示 離下一幀 還剩多時間 ? 單位是 ?微秒

0000 0000 1010 0100 ?對應是 ? 164 微秒 ?一百萬分之一秒

a15 ... ?a1

【18 ?4f ?32 ?0f ?a4 ?ed ? Address】 1.3 ?Address地址#6字節#

MAC Address 6個字節 48位組成 由兩部分組成 0--23位 是廠商代碼 OUI組織唯一標志 ?后24位 是廠商制造的網卡的統一編號

第48位(U|M位)比較關鍵 ? ?如果b47 =0 表示的是【單播】地址 ? ?b47 =1 表示的是【組播】的地址 ? 如果地址全為1 FF-FF-FF-FF-FF-FF【廣播】地址

第47位(G|L位)用來表示MAC地址是全球唯一還是 ?本地唯一的 ?b46 =0代表全球唯一 ? b46 =1 本地唯一

MAC 頭部分共含有四個Address 五種地址定義

BSSID: AP的MAC地址 ? b46=1 代表全球唯一 ? ?b47 = 0 代表單播

DA: Destination Address DA 目的地址 ? 用來描述最終MAC數據包的接受者 ? 可以是單播也可以是組播 b47=0 b47=1 都可以

SA: Source Adddress SA ?源地址 ?用來描述最初發出Mac數據包的STA的地址 ? 一般只有單播 b47 =0

TA: Transmitter Address 發送STA地址的AP的地址 一般描述 將MAC數據包發送到 另一個AP覆蓋內的 中的STA地址

RA: Receiver Address 接收STA地址的AP的地址 ?描述接收MAC幀的

網絡類型 ? ?Address1(接收端) ? ? ?Address2(發送端) ? ? Address3(輔助) ? ? ?Address4

IBSS ? ? ? ? ?DA ? ? ? ? ? ? ? ? ? ? SA ? ? ? ? ? ? ? ? ?BSSID ? ? ? ? ? ? 未使用

To AP ? ? ? ? BSSID ? ? ? ? ? ? ? ? ?SA ? ? ? ? ? ? ? ? ? DA ? ? ? ? ? ? ? 未使用

From AP ? ? ? DA ? ? ? ? ? ? ? ? ? ? BSSID ? ? ? ? ? ? ? ?SA ? ? ? ? ? ? ? 未使用

18 ?4f ?32 ?0f ?a4 ?ed

18 = 0001 1000 ?4f = 0100 1111 ? 32 = 0011 0010 ? 0f = 0000 1111 ? ?a4 = 1011 0100 ? ? ed = 1110 1101

a0=0 ? ? ? ? ? ?a08=1 ? ? ? ? ? ?a16=0 ? ? ? ? ? ?a24=0 ? ? ? ? ? ? a32=0 ? ? ? ? ? ? ?a40=1

a1=0 ? ? ? ? ? ?a09=1 ? ? ? ? ? ?a17=1 ? ? ? ? ? ?a25=0 ? ? ? ? ? ? a33=0 ? ? ? ? ? ? ?a41=0

a2=0 ? ? ? ? ? ?a10=1 ? ? ? ? ? ?a18=0 ? ? ? ? ? ?a26=0 ? ? ? ? ? ? a34=1 ? ? ? ? ? ? ?a42=1

a3=1 ? ? ? ? ? ?a11=1 ? ? ? ? ? ?a19=0 ? ? ? ? ? ?a27=0 ? ? ? ? ? ? a35=0 ? ? ? ? ? ? ?a43=1

a4=1 ? ? ? ? ? ?a12=0 ? ? ? ? ? ?a20=1 ? ? ? ? ? ?a28=1 ? ? ? ? ? ? a36=1 ? ? ? ? ? ? ?a44=0

a5=0 ? ? ? ? ? ?a13=0 ? ? ? ? ? ?a21=1 ? ? ? ? ? ?a29=1 ? ? ? ? ? ? a37=1 ? ? ? ? ? ? ?a45=1

a6=0 ? ? ? ? ? ?a14=1 ? ? ? ? ? ?a22=0 ? ? ? ? ? ?a30=1 ? ? ? ? ? ? a38=0 ? ? ? ? ? ? ?a46=1

a7=0 ? ? ? ? ? ?a15=0 ? ? ? ? ? ?a23=0 ? ? ? ? ? ?a31=1 ? ? ? ? ? ? a39=1 ? ? ? ? ? ? ?a47=1

1.6 SequenceControl#2字節# 16位

b0 b1 b2 b3: 代表片段編號 Fragment Number 用于控制分片幀 ?如果MAC幀數量太大 MAC層會分片發送

b4.b5..b15: 代表 幀順序編號Sequence Number STA每次發送數據幀都會設置一個幀順序編號控制幀沒有編號(太短) 重傳幀不使用新的編號

【No.】0.000309000【Time】XX【Source】HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) (RA)【Description】802.11【Protocal】14【Length】Clear-to-send, Flags=.........【Info】

十六進制 : c4 ?00 a4 00 18 4f 32 0f ? ?a4 ed 00 00 00 00

二進制: ?【c4 ? ? ? ? ? ? ? ?00 Frame Control】 ? ? ? ? ? ?【a4 ? ? ? ? ? ?00 ?Duration】

1100 0100 ? ? ?0000 0000 ? ? ? ? ? ? ? ? ? ? 1010 0100 ? ? 0000 0000

【18 ? ? ? ? ? 4f ? ? ? ? ? ?32 ? ? ? ? ? ? 0f ? ? ? ? ? a4 ? ? ? ? ed ? ?RA】

0001 1000 ? ?0100 1111 ? ? 0011 0010 ? ? 0000 1111 ? ? 1010 0100 ? 11101101

【00 ? ? ? ? ? ? 00 ? ? ? ? ? 00 ? ? ? ? ? ?00 ? FCS】

0000 0000 ? ?0000 0000 ? ? 0000 0000 ? ? 0000 0000

Frame 2: 14 bytes on wire (112 bits), 14 bytes captured (112 bits)

Encapsulation type: IEEE 802.11 Wireless LAN with radio information (22)

Arrival Time: Sep 22, 2016 15:01:56.375736900 ?й??????? ?// 到達時間

[Time shift for this packet: 0.000000000 seconds]

Epoch Time: 1474527716.375736900 seconds ? ?// Epoch 新紀元時間 1970年1月1日00:00:00 UTC 開始所經過的秒數

[Time delta from previous captured frame: 0.000309000 seconds] //與上一幀捕獲時間間隔

[Time delta from previous displayed frame: 0.000309000 seconds]//與上一幀展示時間間隔

[Time since reference or first frame: 0.000309000 seconds] ?// 與第一幀時間間隔

Frame Number: 2 ?// 捕獲的第幾幀

Frame Length: 14 bytes (112 bits) // 幀長度

Capture Length: 14 bytes (112 bits) // 捕獲的幀長度

[Frame is marked: False] ? // 幀是否

[Frame is ignored: False] ? ?// 幀是否忽略

[Protocols in frame: wlan_radio:wlan] ?//幀使用的協議

[Coloring Rule Name: Checksum Errors] //著色規則

[Coloring Rule String [truncated]: eth.fcs_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad==1 || udp.checksum_bad==1 || sctp.checksum_bad==1 || mstp.checksum_bad==1 || cdp.checksum_bad==1 || edp.checksum_bad==1 || wlan.fcs_bad==1 || stt.ch]

802.11 radio information ? //WIFI信號相關信息

PHY type: 802.11n (7) ?// 使用802.11n WIFI協議

Bandwidth: 20 MHz (0) ?//帶寬

Data rate: 1.0 Mb/s ?//數據傳輸速率

Channel: 1 ? ? //信道號

Frequency: 2412 MHz ?//信道頻率

Signal strength (percentage): 34% ?// 信號強度 百分比

Signal strength (dBm): -76 dBm // 本機的信號強度dBm的(分貝毫瓦)一般用負數表示，正常范圍是從-110dBm的(差)到-50dBm的(好)信號的變化

Noise level (percentage): 13% // 信噪強度 百分比

Noise level (dBm): -86 dBm// 信噪強度 dBm 一般用負數表示

IEEE 802.11 Clear-to-send, Flags: ......... ?// CTS(14字節 Clear To Send)允許發送回應幀

Type/Subtype: Clear-to-send (0x001c)

Frame Control Field: 0xc400

.... ..00 = Version: 0

.... 01.. = Type: Control frame (1)

1100 .... = Subtype: 12

Flags: 0x00

.... ..00 = DS status: Not leaving DS or network is operating in AD-HOC mode (To DS: 0 From DS: 0) (0x00)

.... .0.. = More Fragments: This is the last fragment

.... 0... = Retry: Frame is not being retransmitted

...0 .... = PWR MGT: STA will stay up

..0. .... = More Data: No data buffered

.0.. .... = Protected flag: Data is not protected

0... .... = Order flag: Not strictly ordered

.000 0000 1010 0100 = Duration: 164 microseconds // 一百萬分之一秒 164微秒

Receiver address: HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) //該MAC地址前24位的廠商是 HonHaiPr 鴻?？萍技瘓F

Frame check sequence: 0x00000000 [incorrect, should be 0x8af051cc]

[Good: False]

[Bad: True]

3【No.】0.000499000【Time】10:0e:0e:20:6a:f4 (10:0e:0e:20:6a:f4) (TA)【Source】 HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed) (RA)【Destination】802.11【Protocal】34【Length】802.11 Block Ack, Flags=.........【Info】

Block ACK幀 (Request-to-send) 字節可變 【2 Frame Control】 【2 Duration】【6 RA】【6 TA】【4 FCS】

Block Ack通過將一幀一確認的普通傳輸方式修改為連續傳輸多個幀然后一次確認多個幀的方式，來提高MAC層的傳輸效率。

N個包的傳輸可節省N*DIFS的時間，在犧牲一定可靠性的基礎上達到了提高傳輸帶寬的能力

94 00 【2 Frame Control】

3e 00 【2 Duration】

18 4f 32 0f a4 ed 【6 RA】

10 0e 0e 20 6a f4 【6 TA】

05 00 【2 Block Ack Request Contro 一些屬性值】 wlan.ba.basic.tidinfo

90 96 【2 Starting Sequence Control (SSC) 】

ff ff ff ff ff ff ff ff 【8 wlan.ba.bitmap】

00 20 【2 XXX】

00 00 00 00 【4 FCS】

Frame 3: 34 bytes on wire (272 bits), 34 bytes captured (272 bits)

Encapsulation type: IEEE 802.11 Wireless LAN with radio information (22)

Arrival Time: Sep 22, 2016 15:01:56.375926900 ?й???????

[Time shift for this packet: 0.000000000 seconds]

Epoch Time: 1474527716.375926900 seconds

[Time delta from previous captured frame: 0.000190000 seconds]

[Time delta from previous displayed frame: 0.000190000 seconds]

[Time since reference or first frame: 0.000499000 seconds]

Frame Number: 3

Frame Length: 34 bytes (272 bits)

Capture Length: 34 bytes (272 bits)

[Frame is marked: False]

[Frame is ignored: False]

[Protocols in frame: wlan_radio:wlan]

[Coloring Rule Name: Checksum Errors]

[Coloring Rule String [truncated]: eth.fcs_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad==1 || udp.checksum_bad==1 || sctp.checksum_bad==1 || mstp.checksum_bad==1 || cdp.checksum_bad==1 || edp.checksum_bad==1 || wlan.fcs_bad==1 || stt.ch]

802.11 radio information

PHY type: 802.11n (7)

Bandwidth: 20 MHz (0)

Data rate: 24.0 Mb/s

Channel: 1

Frequency: 2412 MHz

Signal strength (percentage): 34%

Signal strength (dBm): -78 dBm

Noise level (percentage): 18%

Noise level (dBm): -85 dBm

IEEE 802.11 802.11 Block Ack, Flags: .........

Type/Subtype: 802.11 Block Ack (0x0019)

Frame Control Field: 0x9400

.... ..00 = Version: 0

.... 01.. = Type: Control frame (1)

1001 .... = Subtype: 9 // 對應該項在圖片中不存在，新加入?

Flags: 0x00

.000 0000 0011 1110 = Duration: 62 microseconds

Receiver address: HonHaiPr_0f:a4:ed (18:4f:32:0f:a4:ed)

Transmitter address: 10:0e:0e:20:6a:f4 (10:0e:0e:20:6a:f4)

.... .10. = Block Ack Type: Compressed Block (0x02)

Block Ack Request Control: 0x0005

.... .... .... ...1 = BAR Ack Policy: Immediate Acknowledgement Required

.... .... .... ..0. = Multi-TID: False

.... .... .... .1.. = Compressed Bitmap: True

.... 0000 0000 0... = Reserved: 0x0000

0000 .... .... .... = TID for which a Basic BlockAck frame is requested: 0x0000

Block Ack Starting Sequence Control (SSC): 0x9690

.... .... .... 0000 = Fragment: 0

1001 0110 1001 .... = Starting Sequence Number: 2409

Block Ack Bitmap: ffffffffffffffff

Frame check sequence: 0x00000000 [incorrect, should be 0x80029083]

13【No.】0.025490000【Time】 【Source】 02:f8:1c:b0:fc:32 (02:f8:1c:b0:fc:32) (RA)【Destination】802.11【Protocal】20【Length】 Acknowledgement, Flags=........C【Info】

ACK幀 Acknowledgement 固定14字節 【2 Frame Control】 【2 Duration】【6 RA】【4 FCS】

0000 d4 00 00 00 02 f8 1c b0 fc 32 00 00 00 00

d4 00 【2 Frame Control 】

00 00 【2 Duration 】

02 f8 1c b0 fc 32【6 RA 】

00 00 00 00 【4 FCS】

Frame 13: 14 bytes on wire (112 bits), 14 bytes captured (112 bits)

Encapsulation type: IEEE 802.11 Wireless LAN with radio information (22)

Arrival Time: Sep 22, 2016 15:01:56.400917900 ?й???????

[Time shift for this packet: 0.000000000 seconds]

Epoch Time: 1474527716.400917900 seconds

[Time delta from previous captured frame: 0.001313000 seconds]

[Time delta from previous displayed frame: 0.001313000 seconds]

[Time since reference or first frame: 0.025490000 seconds]

Frame Number: 13

Frame Length: 14 bytes (112 bits)

Capture Length: 14 bytes (112 bits)

[Frame is marked: False]

[Frame is ignored: False]

[Protocols in frame: wlan_radio:wlan]

[Coloring Rule Name: Checksum Errors]

[Coloring Rule String [truncated]: eth.fcs_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad==1 || udp.checksum_bad==1 || sctp.checksum_bad==1 || mstp.checksum_bad==1 || cdp.checksum_bad==1 || edp.checksum_bad==1 || wlan.fcs_bad==1 || stt.ch]

802.11 radio information

PHY type: 802.11n (7)

Bandwidth: 20 MHz (0)

Data rate: 1.0 Mb/s

Channel: 1

Frequency: 2412 MHz

Signal strength (percentage): 76%

Signal strength (dBm): -64 dBm

Noise level (percentage): 68%

Noise level (dBm): -65 dBm

IEEE 802.11 Acknowledgement, Flags: .........

Type/Subtype: Acknowledgement (0x001d)

Frame Control Field: 0xd400

.... ..00 = Version: 0

.... 01.. = Type: Control frame (1)

1101 .... = Subtype: 13

Flags: 0x00

.... ..00 = DS status: Not leaving DS or network is operating in AD-HOC mode (To DS: 0 From DS: 0) (0x00)

.... .0.. = More Fragments: This is the last fragment

.... 0... = Retry: Frame is not being retransmitted

...0 .... = PWR MGT: STA will stay up

..0. .... = More Data: No data buffered

.0.. .... = Protected flag: Data is not protected

0... .... = Order flag: Not strictly ordered

.000 0000 0000 0000 = Duration: 0 microseconds

Receiver address: 02:f8:1c:b0:fc:32 (02:f8:1c:b0:fc:32)

Frame check sequence: 0x00000000 [incorrect, should be 0xd414b32f]

[Good: False]

[Bad: True]

54.Beacon frame

54【No.】0.188058000【Time】 Tp-LinkT_d4:30:e2【Source】Broadcast【Description】802.11【Protocal】181【Length】Beacon frame, SN=3412, FN=0, Flags=........., BI=100, SSID=ceshi_BD1_cuihongwei【Info】

0000 80 00 00 00 ff ff ff ff ff ff d0 c7 c0 d4 30 e2 ..............0.

0010 d0 c7 c0 d4 30 e2 40 d5 80 e1 40 ac 00 00 00 00 ....0.@...@.....

0020 64 00 31 04 00 14 63 65 73 68 69 5f 42 44 31 5f d.1...ceshi_BD1_

0030 63 75 69 68 6f 6e 67 77 65 69 01 08 82 84 8b 96 cuihongwei......

0040 8c 12 98 24 03 01 01 05 04 00 01 00 00 07 06 43 ...$...........C

0050 4e 20 01 0d 20 2a 01 00 30 14 01 00 00 0f ac 04 N .. *..0.......

0060 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00 32 04 ..............2.

0070 b0 48 60 6c dd 16 00 50 f2 01 01 00 00 50 f2 04 .H`l...P.....P..

0080 01 00 00 50 f2 04 01 00 00 50 f2 02 dd 18 00 50 ...P.....P.....P

0090 f2 02 01 01 03 00 03 a4 00 00 27 a4 00 00 42 43 ..........'...BC

00a0 5e 00 62 32 2f 00 dd 09 00 03 7f 01 01 00 00 ff ^.b2/...........

00b0 7f 00 00 00 00 .....

Frame 54: 181 bytes on wire (1448 bits), 181 bytes captured (1448 bits)

Encapsulation type: IEEE 802.11 Wireless LAN with radio information (22)

Arrival Time: Sep 22, 2016 15:01:56.563485900 ?й???????

[Time shift for this packet: 0.000000000 seconds]

Epoch Time: 1474527716.563485900 seconds

[Time delta from previous captured frame: 0.001705000 seconds]

[Time delta from previous displayed frame: 0.001705000 seconds]

[Time since reference or first frame: 0.188058000 seconds]

Frame Number: 54

Frame Length: 181 bytes (1448 bits)

Capture Length: 181 bytes (1448 bits)

[Frame is marked: False]

[Frame is ignored: False]

[Protocols in frame: wlan_radio:wlan]

[Coloring Rule Name: Checksum Errors]

[Coloring Rule String [truncated]: eth.fcs_bad==1 || ip.checksum_bad==1 || tcp.checksum_bad==1 || udp.checksum_bad==1 || sctp.checksum_bad==1 || mstp.checksum_bad==1 || cdp.checksum_bad==1 || edp.checksum_bad==1 || wlan.fcs_bad==1 || stt.ch]

802.11 radio information

PHY type: 802.11n (7)

Bandwidth: 20 MHz (0)

Data rate: 1.0 Mb/s

Channel: 1

Frequency: 2412 MHz

Signal strength (percentage): 100%

Signal strength (dBm): -20 dBm

Noise level (percentage): 100%

Noise level (dBm): -20 dBm

IEEE 802.11 Beacon frame, Flags: .........

Type/Subtype: Beacon frame (0x0008)

Frame Control Field: 0x8000

.... ..00 = Version: 0

.... 00.. = Type: Management frame (0)

1000 .... = Subtype: 8

Flags: 0x00

.... ..00 = DS status: Not leaving DS or network is operating in AD-HOC mode (To DS: 0 From DS: 0) (0x00)

.... .0.. = More Fragments: This is the last fragment

.... 0... = Retry: Frame is not being retransmitted

...0 .... = PWR MGT: STA will stay up

..0. .... = More Data: No data buffered

.0.. .... = Protected flag: Data is not protected

0... .... = Order flag: Not strictly ordered

.000 0000 0000 0000 = Duration: 0 microseconds

Receiver address: Broadcast (ff:ff:ff:ff:ff:ff)

Destination address: Broadcast (ff:ff:ff:ff:ff:ff)

Transmitter address: Tp-LinkT_d4:30:e2 (d0:c7:c0:d4:30:e2)

Source address: Tp-LinkT_d4:30:e2 (d0:c7:c0:d4:30:e2)

BSS Id: Tp-LinkT_d4:30:e2 (d0:c7:c0:d4:30:e2)

.... .... .... 0000 = Fragment number: 0

1101 0101 0100 .... = Sequence number: 3412

Frame check sequence: 0x00000000 [incorrect, should be 0x54cabeba]

[Good: False]

[Bad: True]

IEEE 802.11 wireless LAN management frame

Fixed parameters (12 bytes)

Timestamp: 0x00000000ac40e180

Beacon Interval: 0.102400 [Seconds]

Capabilities Information: 0x0431

.... .... .... ...1 = ESS capabilities: Transmitter is an AP

.... .... .... ..0. = IBSS status: Transmitter belongs to a BSS

.... ..0. .... 00.. = CFP participation capabilities: No point coordinator at AP (0x0000)

.... .... ...1 .... = Privacy: AP/STA can support WEP

.... .... ..1. .... = Short Preamble: Allowed

.... .... .0.. .... = PBCC: Not Allowed

.... .... 0... .... = Channel Agility: Not in use

.... ...0 .... .... = Spectrum Management: Not Implemented

.... .1.. .... .... = Short Slot Time: In use

.... 0... .... .... = Automatic Power Save Delivery: Not Implemented

...0 .... .... .... = Radio Measurement: Not Implemented

..0. .... .... .... = DSSS-OFDM: Not Allowed

.0.. .... .... .... = Delayed Block Ack: Not Implemented

0... .... .... .... = Immediate Block Ack: Not Implemented

Tagged parameters (141 bytes)

Tag: SSID parameter set: ceshi_BD1_cuihongwei

Tag Number: SSID parameter set (0)

Tag length: 20

SSID: ceshi_BD1_cuihongwei

Tag: Supported Rates 1(B), 2(B), 5.5(B), 11(B), 6(B), 9, 12(B), 18, [Mbit/sec]

Tag Number: Supported Rates (1)

Tag length: 8

Supported Rates: 1(B) (0x82)

Supported Rates: 2(B) (0x84)

Supported Rates: 5.5(B) (0x8b)

Supported Rates: 11(B) (0x96)

Supported Rates: 6(B) (0x8c)

Supported Rates: 9 (0x12)

Supported Rates: 12(B) (0x98)

Supported Rates: 18 (0x24)

Tag: DS Parameter set: Current Channel: 1

Tag Number: DS Parameter set (3)

Tag length: 1

Current Channel: 1

Tag: Traffic Indication Map (TIM): DTIM 0 of 0 bitmap

Tag Number: Traffic Indication Map (TIM) (5)

Tag length: 4

DTIM count: 0

DTIM period: 1

Bitmap control: 0x00

.... ...0 = Multicast: False

0000 000. = Bitmap Offset: 0x00

Partial Virtual Bitmap: 00

Tag: Country Information: Country Code CN, Environment Any

Tag Number: Country Information (7)

Tag length: 6

Code: CN

Environment: Any (0x20)

Country Info: First Channel Number: 1, Number of Channels: 13, Maximum Transmit Power Level: 32 dBm

First Channel Number: 1

Number of Channels: 13

Maximum Transmit Power Level (in dBm): 32

Tag: ERP Information

Tag Number: ERP Information (42)

Tag length: 1

ERP Information: 0x00

.... ...0 = Non ERP Present: Not set

.... ..0. = Use Protection: Not set

.... .0.. = Barker Preamble Mode: Not set

0000 0... = Reserved: 0x00

Tag: RSN Information

Tag Number: RSN Information (48)

Tag length: 20

RSN Version: 1

Group Cipher Suite: 00-0f-ac AES (CCM)

Group Cipher Suite OUI: 00-0f-ac

Group Cipher Suite type: AES (CCM) (4)

Pairwise Cipher Suite Count: 1

Pairwise Cipher Suite List 00-0f-ac AES (CCM)

Pairwise Cipher Suite: 00-0f-ac AES (CCM)

Pairwise Cipher Suite OUI: 00-0f-ac

Pairwise Cipher Suite type: AES (CCM) (4)

Auth Key Management (AKM) Suite Count: 1

Auth Key Management (AKM) List 00-0f-ac PSK

Auth Key Management (AKM) Suite: 00-0f-ac PSK

Auth Key Management (AKM) OUI: 00-0f-ac

Auth Key Management (AKM) type: PSK (2)

RSN Capabilities: 0x0000

.... .... .... ...0 = RSN Pre-Auth capabilities: Transmitter does not support pre-authentication

.... .... .... ..0. = RSN No Pairwise capabilities: Transmitter can support WEP default key 0 simultaneously with Pairwise key

.... .... .... 00.. = RSN PTKSA Replay Counter capabilities: 1 replay counter per PTKSA/GTKSA/STAKeySA (0x0000)

.... .... ..00 .... = RSN GTKSA Replay Counter capabilities: 1 replay counter per PTKSA/GTKSA/STAKeySA (0x0000)

.... .... .0.. .... = Management Frame Protection Required: False

.... .... 0... .... = Management Frame Protection Capable: False

.... ...0 .... .... = Joint Multi-band RSNA: False

.... ..0. .... .... = PeerKey Enabled: False

Tag: Extended Supported Rates 24(B), 36, 48, 54, [Mbit/sec]

Tag Number: Extended Supported Rates (50)

Tag length: 4

Extended Supported Rates: 24(B) (0xb0)

Extended Supported Rates: 36 (0x48)

Extended Supported Rates: 48 (0x60)

Extended Supported Rates: 54 (0x6c)

Tag: Vendor Specific: Microsof: WPA Information Element

Tag Number: Vendor Specific (221)

Tag length: 22

OUI: 00-50-f2

Vendor Specific OUI Type: 1

Type: WPA Information Element (0x01)

WPA Version: 1

Multicast Cipher Suite: 00-50-f2 AES (CCM)

Multicast Cipher Suite OUI: 00-50-f2

Multicast Cipher Suite type: AES (CCM) (4)

Unicast Cipher Suite Count: 1

Unicast Cipher Suite List 00-50-f2 AES (CCM)

Unicast Cipher Suite: 00-50-f2 AES (CCM)

Unicast Cipher Suite OUI: 00-50-f2

Unicast Cipher Suite type: AES (CCM) (4)

Auth Key Management (AKM) Suite Count: 1

Auth Key Management (AKM) List 00-50-f2 PSK

Auth Key Management (AKM) Suite: 00-50-f2 PSK

Auth Key Management (AKM) OUI: 00-50-f2

Auth Key Management (AKM) type: PSK (2)

Tag: Vendor Specific: Microsof: WMM/WME: Parameter Element

Tag Number: Vendor Specific (221)

Tag length: 24

OUI: 00-50-f2

Vendor Specific OUI Type: 2

Type: WMM/WME (0x02)

WME Subtype: Parameter Element (1)

WME Version: 1

WME QoS Info: 0x03

0... .... = U-APSD: Disabled

.... 0011 = Parameter Set Count: 0x03

.000 .... = Reserved: 0x00

Reserved: 00

Ac Parameters ACI 0 (Best Effort), ACM no, AIFSN 3, ECWmin 4, ECWmax 10, TXOP 0

ACI / AIFSN Field: 0x03

.00. .... = ACI: Best Effort (0)

...0 .... = Admission Control Mandatory: No

.... 0011 = AIFSN: 3

0... .... = Reserved: 0

ECW: 0xa4

1010 .... = ECW Max: 10

.... 0100 = ECW Min: 4

TXOP Limit: 0

Ac Parameters ACI 1 (Background), ACM no, AIFSN 7, ECWmin 4, ECWmax 10, TXOP 0

ACI / AIFSN Field: 0x27

.01. .... = ACI: Background (1)

...0 .... = Admission Control Mandatory: No

.... 0111 = AIFSN: 7

0... .... = Reserved: 0

ECW: 0xa4

1010 .... = ECW Max: 10

.... 0100 = ECW Min: 4

TXOP Limit: 0

Ac Parameters ACI 2 (Video), ACM no, AIFSN 2, ECWmin 3, ECWmax 4, TXOP 94

ACI / AIFSN Field: 0x42

.10. .... = ACI: Video (2)

...0 .... = Admission Control Mandatory: No

.... 0010 = AIFSN: 2

0... .... = Reserved: 0

ECW: 0x43

0100 .... = ECW Max: 4

.... 0011 = ECW Min: 3

TXOP Limit: 94

Ac Parameters ACI 3 (Voice), ACM no, AIFSN 2, ECWmin 2, ECWmax 3, TXOP 47

ACI / AIFSN Field: 0x62

.11. .... = ACI: Voice (3)

...0 .... = Admission Control Mandatory: No

.... 0010 = AIFSN: 2

0... .... = Reserved: 0

ECW: 0x32

0011 .... = ECW Max: 3

.... 0010 = ECW Min: 2

TXOP Limit: 47

Tag: Vendor Specific: AtherosC: Advanced Capability

Tag Number: Vendor Specific (221)

Tag length: 9

OUI: 00-03-7f

Vendor Specific OUI Type: 1

Type: Advanced Capability (0x01)

Subtype: 0x01

Version: 0x00

Capabilities: 0x00

.... ...0 = Turbo Prime: False

.... ..0. = Compression: False

.... .0.. = Fast Frames: False

.... 0... = eXtended Range: False

...0 .... = Advanced Radar: False

..0. .... = Burst: False

.0.. .... = CWMin tuning: False

0... .... = Boost: False

Default key index: 0x7fff

總結

以上是生活随笔為你收集整理的becon帧 wifi_WireShark对于WIFI数据帧的分析的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。