1 changed files with 7 additions and 108 deletions
--- a/test_monitor_tshark.sh
+++ b/test_monitor_tshark.sh
@ -194,7 +194,8 @@ else
 fi

 # Now parse the pcap file to extract fields
-# Only extract 802.11 header fields - data payloads are encrypted
+# Don't use display filter - extract all frames and handle missing fields gracefully
+# Use -E header=y to include field names, then parse
 CAPTURE_OUTPUT=$(tshark -q -r "$TEMP_PCAP" -n -T fields \
    -e frame.number \
    -e frame.time \
@ -203,9 +204,6 @@ CAPTURE_OUTPUT=$(tshark -q -r "$TEMP_PCAP" -n -T fields \
    -e wlan.fc.type \
    -e wlan.fc.subtype \
    -e wlan.fc.type_subtype \
-    -e wlan.fc.protected \
-    -e wlan.fc.retry \
-    -e wlan.duration \
    -e radiotap.present \
    2>&1 | grep -v "^tshark:" | grep -v "^Running as" | grep -v "^Capturing" || true)

@ -246,8 +244,8 @@ if [ "$FINAL_COUNT" -lt "$RAW_PACKET_COUNT" ] && [ "$RAW_PACKET_COUNT" -gt 10 ];
 fi

 # Count packets with PLCP headers (radiotap present)
-# radiotap.present is field 11 (after frame.number, frame.time, wlan.ra, wlan.ta, wlan.fc.type, wlan.fc.subtype, wlan.fc.type_subtype, wlan.fc.protected, wlan.fc.retry, wlan.duration)
-PLCP_COUNT=$(echo "$PACKET_LINES" | awk -F'\t' 'NF >= 11 && $1 != "" && $11 != "" && $11 != "0" && $11 != "-" {count++} END {print count+0}' || echo "0")
+# radiotap.present field is the 8th field (after frame.number, frame.time, wlan.ra, wlan.ta, wlan.fc.type, wlan.fc.subtype, wlan.fc.type_subtype)
+PLCP_COUNT=$(echo "$PACKET_LINES" | awk -F'\t' 'NF >= 8 && $1 != "" && $8 != "" && $8 != "0" && $8 != "-" {count++} END {print count+0}' || echo "0")

 # Display stats immediately - always show these
 echo "Total packets captured: $FINAL_COUNT"
@ -267,13 +265,9 @@ if [ -n "$PACKET_LINES" ] && [ "$FINAL_COUNT" -gt 0 ]; then
        ta = ($4 != "" && $4 != "-") ? $4 : "N/A"
        type = ($5 != "" && $5 != "-") ? $5 : "N/A"
        subtype = ($6 != "" && $6 != "-") ? $6 : "N/A"
-        protected = ($8 == "1" || $8 == "1.0") ? "encrypted" : "unencrypted"
-        retry = ($9 == "1" || $9 == "1.0") ? "retry" : ""
-        duration = ($10 != "" && $10 != "-") ? $10 : "N/A"
-        radiotap = ($11 == "1" || $11 == "1.0") ? "yes" : (($11 != "" && $11 != "-") ? "no" : "N/A")
-        retry_str = (retry != "") ? sprintf(" [%s]", retry) : ""
-        printf "  Frame %s: RA=%s, TA=%s, type=%s/%s, %s, dur=%s, PLCP=%s%s\n",
-            $1, ra, ta, type, subtype, protected, duration, radiotap, retry_str
+        radiotap = ($8 == "1" || $8 == "1.0") ? "yes" : (($8 != "" && $8 != "-") ? "no" : "N/A")
+        printf "  Frame %s: RA=%s, TA=%s, type=%s/%s, PLCP=%s\n",
+            $1, ra, ta, type, subtype, radiotap
    }'
    echo ""
    
@ -301,101 +295,6 @@ if [ -n "$PACKET_LINES" ] && [ "$FINAL_COUNT" -gt 0 ]; then
        echo "  (no valid RA/TA pairs found)"
    fi
    echo ""
-    
-    # Frame type breakdown
-    echo "Frame type breakdown:"
-    echo "$PACKET_LINES" | awk -F'\t' '{
-        type = ($5 != "" && $5 != "-") ? $5 : "unknown"
-        subtype = ($6 != "" && $6 != "-") ? $6 : "unknown"
-        type_name = "Unknown"
-        if (type == "0") type_name = "Management"
-        else if (type == "1") type_name = "Control"
-        else if (type == "2") type_name = "Data"
-        count[type_name]++
-    }
-    END {
-        for (t in count) {
-            printf "  %s: %d frame(s)\n", t, count[t]
-        }
-    }' | sort -rn
-    echo ""
-    
-    # Analyze data frames (iperf uses QoS Data frames, subtype 8)
-    echo "Data frame analysis (iperf typically uses QoS Data frames, subtype 8):"
-    DATA_FRAMES=$(echo "$PACKET_LINES" | awk -F'\t' '{
-        type = ($5 != "" && $5 != "-") ? $5 : ""
-        subtype = ($6 != "" && $6 != "-") ? $6 : ""
-        if (type == "2" && subtype == "8") {  # QoS Data frames
-            print $0
-        }
-    }')
-    DATA_COUNT=$(echo "$DATA_FRAMES" | wc -l || echo "0")
-    echo "  QoS Data frames (type 2, subtype 8): $DATA_COUNT"
-    
-    # Count encrypted vs unencrypted data frames
-    ENCRYPTED_DATA=$(echo "$DATA_FRAMES" | awk -F'\t' '$8 == "1" || $8 == "1.0" {count++} END {print count+0}')
-    UNENCRYPTED_DATA=$(echo "$DATA_FRAMES" | awk -F'\t' '$8 != "1" && $8 != "1.0" && $8 != "" && $8 != "-" {count++} END {print count+0}')
-    echo "    Encrypted: $ENCRYPTED_DATA"
-    echo "    Unencrypted: $UNENCRYPTED_DATA"
-    
-    if [ "$DATA_COUNT" -gt 0 ]; then
-        echo "  Sample QoS Data frames (likely iperf traffic):"
-        echo "$DATA_FRAMES" | head -5 | awk -F'\t' '{
-            ra = ($3 != "" && $3 != "-") ? $3 : "N/A"
-            ta = ($4 != "" && $4 != "-") ? $4 : "N/A"
-            protected = ($8 == "1" || $8 == "1.0") ? "encrypted" : "unencrypted"
-            retry = ($9 == "1" || $9 == "1.0") ? "retry" : ""
-            duration = ($10 != "" && $10 != "-") ? $10 : "N/A"
-            retry_str = (retry != "") ? sprintf(" [%s]", retry) : ""
-            printf "    Frame %s: RA=%s, TA=%s, %s, dur=%s%s\n",
-                $1, ra, ta, protected, duration, retry_str
-        }'
-    fi
-    echo ""
-    
-    # Frames involving server MAC (80:84:89:93:c4:b6)
-    echo "Frames involving server MAC (80:84:89:93:c4:b6):"
-    SERVER_MAC="80:84:89:93:c4:b6"
-    SERVER_FRAMES=$(echo "$PACKET_LINES" | awk -F'\t' -v mac="$SERVER_MAC" '{
-        ra = ($3 != "" && $3 != "-") ? $3 : ""
-        ta = ($4 != "" && $4 != "-") ? $4 : ""
-        if (ra == mac || ta == mac) {
-            print $0
-        }
-    }')
-    SERVER_COUNT=$(echo "$SERVER_FRAMES" | wc -l || echo "0")
-    echo "  Total frames with server MAC: $SERVER_COUNT"
-    if [ "$SERVER_COUNT" -gt 0 ]; then
-        echo "  Frame type breakdown:"
-        echo "$SERVER_FRAMES" | awk -F'\t' '{
-            type = ($5 != "" && $5 != "-") ? $5 : "unknown"
-            subtype = ($6 != "" && $6 != "-") ? $6 : "unknown"
-            type_name = "Unknown"
-            if (type == "0") type_name = "Management"
-            else if (type == "1") type_name = "Control"
-            else if (type == "2") type_name = "Data"
-            count[type_name]++
-        }
-        END {
-            for (t in count) {
-                printf "    %s: %d frame(s)\n", t, count[t]
-            }
-        }' | sort -rn
-        echo "  Sample frames:"
-        echo "$SERVER_FRAMES" | head -5 | awk -F'\t' '{
-            ra = ($3 != "" && $3 != "-") ? $3 : "N/A"
-            ta = ($4 != "" && $4 != "-") ? $4 : "N/A"
-            type = ($5 != "" && $5 != "-") ? $5 : "N/A"
-            subtype = ($6 != "" && $6 != "-") ? $6 : "N/A"
-            protected = ($8 == "1" || $8 == "1.0") ? "encrypted" : "unencrypted"
-            retry = ($9 == "1" || $9 == "1.0") ? "retry" : ""
-            duration = ($10 != "" && $10 != "-") ? $10 : "N/A"
-            retry_str = (retry != "") ? sprintf(" [%s]", retry) : ""
-            printf "    Frame %s: RA=%s, TA=%s, type=%s/%s, %s, dur=%s%s\n",
-                $1, ra, ta, type, subtype, protected, duration, retry_str
-        }'
-    fi
-    echo ""
 else
    echo "(No packets captured)"
    echo ""