Sniffer Application Scenarios - Espressif ESP8266 Technical Reference

!
RSSI and FEC_CODING are used to guess if the packets are sent from same device.
•
Summary
We should not take too long to process the packets. Otherwise, other packets may be lost.
The diagram below shows the format of a IEEE80211 packet:
!
The first 24 Bytes of MAC Header of data packet are needed:
•
- Address 4 field depends on FromDS and ToDS which is in Frame Control;
- QoS Control field depends on Subtype which is in Frame Control;
- HT Control field depends on Order Field which is in Frame Control;
- More details are found in IEEE Std 80211-2012.
For WEP packets, MAC Header is followed by 4 Bytes IV and before FCS there are 4
•
bytes ICV.
For TKIP packet, MAC Header is followed by 4 Bytes IV and 4 bytes EIV, and before
•
FCS there are 8 bytes MIC and 4 bytes ICV.
For CCMP packet, MAC Header is followed by 8 Bytes CCMP header, and before
•
FCS there are 8 bytes MIC.
14.2. Sniffer Application Scenarios
Because some APs won't transmit UDP broadcast packets to WLAN, so only the UDP
packets from mobile phone can be listened. These UDP packets are from mobile phone to
AP, and are encrypted.
Scenario 1: IOT_device can get all packets from mobile phone
This scenario requires:
The connection between mobile phone and AP is working in 802.11b, or 802.11g,
•
or 802.11n HT20 mode.
The distance between mobile phone and AP is longer than the distance between
•
mobile phone and IOT_device.
IOT-device firmware can set filter of MAC address or MAC-header (include MAC-cryption-
header), it can also set a filter for retransmission.
Espressif 83 86 ! /!
14. Sniffer Introduction
2016.05