- u8 u8aSendBuffer[500];
- char szErrbuf[PCAP_ERRBUF_SIZE];
- int nCaptureHeaderLength = 0, n80211HeaderLength = 0, nLinkEncap = 0;
- int nOrdinal = 0, r, nDelay = 100000;
- int nRateIndex = 0, retval, bytes;
- pcap_t *ppcap = NULL;
- struct bpf_program bpfprogram;
- char * szProgram = "", fBrokenSocket = 0;
- u16 u16HeaderLen;
- char szHostname[PATH_MAX];
-
- if (gethostname(szHostname, sizeof (szHostname) - 1)) {
- perror("unable to get hostname");
- }
- szHostname[sizeof (szHostname) - 1] = '\0';
-
-
- printf("Packetspammer (c)2007 Andy Green <andy@warmcat.com> GPL2\n");
-
- while (1) {
- int nOptionIndex;
- static const struct option optiona[] = {
- { "delay", required_argument, NULL, 'd' },
- { "fcs", no_argument, &flagMarkWithFCS, 1 },
- { "help", no_argument, &flagHelp, 1 },
- { "verbose", no_argument, &flagVerbose, 1},
- { 0, 0, 0, 0 }
- };
- int c = getopt_long(argc, argv, "d:hf",
- optiona, &nOptionIndex);
-
- if (c == -1)
- break;
- switch (c) {
- case 0: // long option
- break;
-
- case 'h': // help
- usage();
-
- case 'd': // delay
- nDelay = atoi(optarg);
- break;
-
- case 'f': // mark as FCS attached
- flagMarkWithFCS = 1;
- break;
-
- case 'v': //Verbose / readable output to cout
- flagVerbose = 1;
- break;
-
- default:
- printf("unknown switch %c\n", c);
- usage();
- break;
- }
- }
-
- if (optind >= argc)
- usage();
-
-
- // open the interface in pcap
-
- szErrbuf[0] = '\0';
- ppcap = pcap_open_live(argv[optind], 800, 1, 20, szErrbuf);
- if (ppcap == NULL) {
- printf("Unable to open interface %s in pcap: %s\n",
- argv[optind], szErrbuf);
- return (1);
- }
-
- //get mac from interface
-
- /*int sock, j, k;
- char mac[32];
-
- sock=socket(PF_INET, SOCK_STREAM, 0);
- if (-1==sock) {
- perror("can not open socket\n");
- return 1;
- }
-
- if (-1==ioctl(sock, SIOCGIFHWADDR, &ifr)) {
- perror("ioctl(SIOCGIFHWADDR) ");
- return 1;
- }
- for (j=0, k=0; j<6; j++) {
- k+=snprintf(mac+k, sizeof(mac)-k-1, j ? ":%02X" : "%02X",
- (int)(unsigned int)(unsigned char)ifr.ifr_hwaddr.sa_data[j]);
- }
- mac[sizeof(mac)-1]='\0';
- */
-
- //get header type
- nLinkEncap = pcap_datalink(ppcap);
- nCaptureHeaderLength = 0;
-
- switch (nLinkEncap) {
-
- case DLT_PRISM_HEADER:
- printf("DLT_PRISM_HEADER Encap\n");
- nCaptureHeaderLength = 0x40;
- n80211HeaderLength = 0x20; // ieee80211 comes after this
- szProgram = "radio[0x4a:4]==0x13223344";
- break;
-
- case DLT_IEEE802_11_RADIO:
- printf("DLT_IEEE802_11_RADIO Encap\n");
- nCaptureHeaderLength = 0x40;
- n80211HeaderLength = 0x18; // ieee80211 comes after this
- szProgram = "ether[0x0a:4]==0x13223344";
- break;
-
- default:
- printf("!!! unknown encapsulation on %s !\n", argv[1]);
- return (1);
-
- }
-
- if (pcap_compile(ppcap, &bpfprogram, szProgram, 1, 0) == -1) {
- puts(szProgram);
- puts(pcap_geterr(ppcap));
- return (1);
- } else {
- if (pcap_setfilter(ppcap, &bpfprogram) == -1) {
- puts(szProgram);
- puts(pcap_geterr(ppcap));
- } else {
- printf("RX Filter applied\n");
- }
- pcap_freecode(&bpfprogram);
- }
-
- pcap_setnonblock(ppcap, 1, szErrbuf);
-
- printf(" (delay between packets %dus)\n", nDelay);
-
- memset(u8aSendBuffer, 0, sizeof (u8aSendBuffer));
-
- while (!fBrokenSocket) {
- u8 * pu8 = u8aSendBuffer;
- struct pcap_pkthdr * ppcapPacketHeader = NULL;
- struct ieee80211_radiotap_iterator rti;
- PENUMBRA_RADIOTAP_DATA prd;
- u8 * pu8Payload = u8aSendBuffer;
- int n, nRate;
-
- // receive
-
- retval = pcap_next_ex(ppcap, &ppcapPacketHeader,
- (const u_char**)&pu8Payload);
-
- if (retval < 0) {
- fBrokenSocket = 1;
- continue;
- }
-
- if (retval != 1)
- goto do_tx;
-
- u16HeaderLen = (pu8Payload[2] + (pu8Payload[3] << 8));
-
- printf("rtap: ");
- Dump(pu8Payload, u16HeaderLen);
-
- if (ppcapPacketHeader->len <
- (u16HeaderLen + n80211HeaderLength))
- continue;
-
- bytes = ppcapPacketHeader->len -
- (u16HeaderLen + n80211HeaderLength);
- if (bytes < 0)
- continue;
-
- if (ieee80211_radiotap_iterator_init(&rti,
- (struct ieee80211_radiotap_header *)pu8Payload,
- bytes) < 0)
- continue;
-
- while ((n = ieee80211_radiotap_iterator_next(&rti)) == 0) {
-
- switch (rti.this_arg_index) {
- case IEEE80211_RADIOTAP_RATE:
- prd.m_nRate = (*rti.this_arg);
- break;
-
- case IEEE80211_RADIOTAP_CHANNEL:
- prd.m_nChannel =
- le16_to_cpu(*((u16 *)rti.this_arg));
- prd.m_nChannelFlags =
- le16_to_cpu(*((u16 *)(rti.this_arg + 2)));
- break;
-
- case IEEE80211_RADIOTAP_ANTENNA:
- prd.m_nAntenna = (*rti.this_arg) + 1;
- break;
-
- case IEEE80211_RADIOTAP_FLAGS:
- prd.m_nRadiotapFlags = *rti.this_arg;
- break;
-
- }
- }
-
- pu8Payload += u16HeaderLen + n80211HeaderLength;
-
- if (prd.m_nRadiotapFlags & IEEE80211_RADIOTAP_F_FCS)
- bytes -= 4;
-
- printf("RX: Rate: %2d.%dMbps, Freq: %d.%dGHz, "
- "Ant: %d, Flags: 0x%X\n",
- prd.m_nRate / 2, 5 * (prd.m_nRate & 1),
- prd.m_nChannel / 1000,
- prd.m_nChannel - ((prd.m_nChannel / 1000) * 1000),
- prd.m_nAntenna,
- prd.m_nRadiotapFlags);
-
- Dump(pu8Payload, bytes);
-
- do_tx:
-
- // transmit
-
- memcpy(u8aSendBuffer, u8aRadiotapHeader,
- sizeof (u8aRadiotapHeader));
- if (flagMarkWithFCS)
- pu8[OFFSET_FLAGS] |= IEEE80211_RADIOTAP_F_FCS;
- nRate = pu8[OFFSET_RATE] = u8aRatesToUse[nRateIndex++];
- if (nRateIndex >= sizeof (u8aRatesToUse))
- nRateIndex = 0;
- pu8 += sizeof (u8aRadiotapHeader);
+ uint16_t *tmp16;
+ static uint16_t seqenz = 0;
+ static int first = 0;
+
+ const int rate = 11000000;
+ static const char txt[] =
+ "Hallo1Hallo2 Hallo3 Hallo4...998877665544332211Hallo1Hallo2 Hallo3 Hallo4...998877665544332211";
+
+ unsigned char u8aRadiotap[] = { 0x00, 0x00, // <-- radiotap version
+ 0x00, 0x00, // <- radiotap header length
+ 0x04, 0x80, 0x02, 0x00, // <-- bitmap
+ 0x00, // <-- rate
+ 0x00, // <-- padding for natural alignment
+ 0x10, 0x00, // <-- TX flags
+ 0x04 //retries
+ };
+
+ /*uint8_t u8aRadiotap[] =
+ * {
+ * 0x00, 0x00, // <-- radiotap version
+ * 0x19, 0x00, // <- radiotap header length
+ * 0x6f, 0x08, 0x00, 0x00, // <-- bitmap
+ * 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // <-- timestamp
+ * 0x00, // <-- flags (Offset +0x10)
+ * 0x6c, // <-- rate (0ffset +0x11)
+ * 0x71, 0x09, 0xc0, 0x00, // <-- channel
+ * 0xde, // <-- antsignal
+ * 0x00, // <-- antnoise
+ * 0x01, // <-- antenna
+ * }; */
+
+ u8aRadiotap[8] = (rate / 500000);
+ u8aRadiotap[2] = htole16 (sizeof (u8aRadiotap));
+
+ static struct ieee80211_frame u8aIeeeHeader;
+
+ uint8_t u8aIeeeHeader_def[] = { 0x08, 0x00, // Frame Control 0x08= 00001000 -> | b1,2 = 0 -> Version 0;
+ // b3,4 = 10 -> Data; b5-8 = 0 -> Normal Data
+ // 0x01 = 00000001 -> | b1 = 1 to DS; b2 = 0 not from DS;
+ 0x00, 0x00, // Duration/ID
+
+ //0x00, 0x1f, 0x3f, 0xd1, 0x8e, 0xe6, // mac1 - in this case receiver
+ 0x00, 0x1d, 0xe0, 0xb0, 0x17, 0xdf, // mac1 - in this case receiver
+ 0xC0, 0x3F, 0x0E, 0x44, 0x2D, 0x51, // mac2 - in this case sender
+ //0x02, 0x1d, 0xe0, 0x00, 0x01, 0xc4,
+ 0x13, 0x22, 0x33, 0x44, 0x55, 0x66, // mac3 - in this case bssid
+ 0x10, 0x86, //Sequence Control
+ };
+ if (0 == first)
+ {
+ memcpy (&u8aIeeeHeader, u8aIeeeHeader_def, sizeof (struct ieee80211_frame));
+ memcpy (u8aIeeeHeader.i_addr2, dev->pl_mac, MAC_ADDR_SIZE);
+ first = 1;
+ }
+
+ tmp16 = (uint16_t *) u8aIeeeHeader.i_dur;
+ *tmp16 =
+ (uint16_t)
+ htole16 ((sizeof (txt) +
+ sizeof (struct ieee80211_frame) * 1000000) / rate + 290);
+ tmp16 = (uint16_t *) u8aIeeeHeader.i_seq;
+ *tmp16 =
+ (*tmp16 & IEEE80211_SEQ_FRAG_MASK) | (htole16 (seqenz) <<
+ IEEE80211_SEQ_SEQ_SHIFT);
+ seqenz++;
+
+ memcpy (buf, u8aRadiotap, sizeof (u8aRadiotap));
+ memcpy (buf + sizeof (u8aRadiotap), &u8aIeeeHeader, sizeof (u8aIeeeHeader));
+ memcpy (buf + sizeof (u8aRadiotap) + sizeof (u8aIeeeHeader), txt,
+ sizeof (txt));
+ return sizeof (u8aRadiotap) + sizeof (u8aIeeeHeader) + sizeof (txt);
+
+}
+#endif
+