diff --git a/test_monitor_tshark.sh b/test_monitor_tshark.sh index 6409c22..b7bb389 100755 --- a/test_monitor_tshark.sh +++ b/test_monitor_tshark.sh @@ -84,7 +84,13 @@ echo "(This may take up to 2 seconds if no packets are present)" # Use timeout with -c to limit packets and avoid hanging # Capture both stdout and stderr -TEST_OUTPUT=$(timeout 2 tshark -i "$INTERFACE" -c 100 -T fields -e frame.number -e radiotap.present 2>&1 || true) +# Fields: frame.number, wlan.addr1 (RA/Receiver Address), wlan.addr2 (TA/Transmitter Address), radiotap.present +TEST_OUTPUT=$(timeout 2 tshark -i "$INTERFACE" -c 100 -T fields \ + -e frame.number \ + -e wlan.addr1 \ + -e wlan.addr2 \ + -e radiotap.present \ + 2>&1 || true) TEST_EXIT_CODE=${PIPESTATUS[0]} # Show any warnings/errors from tshark (but not packet data) @@ -94,15 +100,17 @@ echo "$TEST_OUTPUT" | grep -E "(Running as|tshark:|Warning|Error|Capturing)" || PACKET_LINES=$(echo "$TEST_OUTPUT" | grep -E '^[0-9]+' || true) PACKET_COUNT=$(echo "$PACKET_LINES" | wc -l || echo "0") -# Count lines with both frame.number and radiotap.present (non-empty second field) -PLCP_COUNT=$(echo "$PACKET_LINES" | awk -F'\t' 'NF >= 2 && $1 != "" && $2 != "" && $2 != "0" && $2 != "-" {count++} END {print count+0}' || echo "0") +# Count lines with radiotap.present (4th field) set to 1 +PLCP_COUNT=$(echo "$PACKET_LINES" | awk -F'\t' 'NF >= 4 && $1 != "" && $4 != "" && $4 != "0" && $4 != "-" {count++} END {print count+0}' || echo "0") # Show sample output with better formatting if [ "$PACKET_COUNT" -gt 0 ]; then echo "Sample packets:" echo "$PACKET_LINES" | head -5 | awk -F'\t' '{ - radiotap = ($2 == "1" || $2 == "1.0") ? "yes" : "no" - printf " Frame %s: PLCP header (radiotap) = %s\n", $1, radiotap + ra = ($2 != "" && $2 != "-") ? $2 : "N/A" + ta = ($3 != "" && $3 != "-") ? $3 : "N/A" + radiotap = ($4 == "1" || $4 == "1.0") ? "yes" : "no" + printf " Frame %s: RA=%s, TA=%s, PLCP=%s\n", $1, ra, ta, radiotap }' fi @@ -123,17 +131,26 @@ echo "" echo "Capturing packets for $DURATION seconds..." # Run capture with timeout +# Note: timeout returns 124 when it times out (expected), so we need to handle that +set +e # Temporarily disable exit on error CAPTURE_OUTPUT=$(timeout "$DURATION" tshark -i "$INTERFACE" -n -T fields \ -e frame.number \ -e frame.time \ - -e wlan.sa \ - -e wlan.da \ + -e wlan.addr1 \ + -e wlan.addr2 \ -e wlan.fc.type \ -e wlan.fc.subtype \ -e wlan.fc.type_subtype \ -e radiotap.present \ 2>&1) CAPTURE_EXIT_CODE=$? +set -e # Re-enable exit on error + +# Exit code 124 means timeout occurred (expected), 0 means command completed normally +# Other exit codes indicate actual errors +if [ "$CAPTURE_EXIT_CODE" -ne 0 ] && [ "$CAPTURE_EXIT_CODE" -ne 124 ]; then + echo "Warning: tshark exited with code $CAPTURE_EXIT_CODE" +fi # Force output flush sync @@ -155,7 +172,7 @@ PACKET_LINES=$(echo "$CAPTURE_OUTPUT" | grep -E '^[0-9]+\t' || true) FINAL_COUNT=$(echo "$PACKET_LINES" | wc -l || echo "0") # Count packets with PLCP headers (radiotap present) -# radiotap.present field is the 8th field (after frame.number, frame.time, wlan.sa, wlan.da, wlan.fc.type, wlan.fc.subtype, wlan.fc.type_subtype) +# radiotap.present field is the 8th field (after frame.number, frame.time, wlan.ra, wlan.ta, wlan.fc.type, wlan.fc.subtype, wlan.fc.type_subtype) PLCP_COUNT=$(echo "$PACKET_LINES" | awk -F'\t' 'NF >= 8 && $1 != "" && $8 != "" && $8 != "0" && $8 != "-" {count++} END {print count+0}' || echo "0") # Display stats immediately - always show these @@ -172,13 +189,13 @@ echo "" if [ -n "$PACKET_LINES" ] && [ "$FINAL_COUNT" -gt 0 ]; then echo "Sample packets (first 10):" echo "$PACKET_LINES" | head -10 | awk -F'\t' '{ - sa = ($3 != "" && $3 != "-") ? $3 : "N/A" - da = ($4 != "" && $4 != "-") ? $4 : "N/A" + ra = ($3 != "" && $3 != "-") ? $3 : "N/A" + ta = ($4 != "" && $4 != "-") ? $4 : "N/A" type = ($5 != "" && $5 != "-") ? $5 : "N/A" subtype = ($6 != "" && $6 != "-") ? $6 : "N/A" radiotap = ($8 == "1" || $8 == "1.0") ? "yes" : (($8 != "" && $8 != "-") ? "no" : "N/A") - printf " Frame %s: SA=%s, DA=%s, type=%s/%s, PLCP=%s\n", - $1, sa, da, type, subtype, radiotap + printf " Frame %s: RA=%s, TA=%s, type=%s/%s, PLCP=%s\n", + $1, ra, ta, type, subtype, radiotap }' echo "" else