freedom packets and sniffer mode

[stefano_p]

Hi I was trying to send packet from one esp8266 to another esp8266 without paring or or AP connection.

To do this I am using freedom packets to send data and promiscuous mode to receive data, i'am using 36 byte because the limitations of sniffer_buf structure. I'am using only first 4 bytes of 802.11 header the other bytes are used as payload.

I'am transmitting this test packet the first 4 bytes are the 802.11 data packet header)

Code: Select all

Hex: 08 00 00 00 48 65 6C 6C 6F 20 57 6F 72 6C 64 20 53 74 65 66 61 6E 6F 20 31 32 33 34 35 36 37 38 39 30 41 42


but I'm receiving this packets (see the end of this post) on the other module, first 20 byte are as excepted next there are two bytes that seem to be some sort of counter increasing on step of 16, next follow another 4 bytes of the original message and the last 8 byte contains other data that is not present in the original message.
It seem to me that this data is changed in the receiver module but I don't know why and what this data mean. it's possible to explain the meaning those bytes which are changed?

There is a method to send some more bytes without paring nodes or connect to an access point? Because in this way I can transmit only 16 bytes.

Code: Select all

len=60 pkts:1 seq:798408 08 3A 01 48 65 6C 6C 6F 20 57 6F 72 6C 64 20 53 74 65 66 61 6E 30 1F 31 32 33 34 82 84 8B 96 0C 12 18 24
len=60 pkts:1 seq:800008 00 3C 00 48 65 6C 6C 6F 20 57 6F 72 6C 64 20 53 74 65 66 61 6E 40 1F 31 32 33 34 82 84 8B 96 0C 12 18 24
len=60 pkts:1 seq:800008 08 3C 00 48 65 6C 6C 6F 20 57 6F 72 6C 64 20 53 74 65 66 61 6E 40 1F 31 32 33 34 82 84 8B 96 0C 12 18 24
len=60 pkts:1 seq:800008 08 A2 00 48 65 6C 6C 6F 20 57 6F 72 6C 64 20 53 74 65 66 61 6E 40 1F 31 32 33 34 82 84 8B 96 0C 12 18 24
len=60 pkts:1 seq:800008 08 A2 00 48 65 6C 6C 6F 20 57 6F 72 6C 64 20 53 74 65 66 61 6E 40 1F 31 32 33 34 82 84 8B 96 0C 12 18 24
len=60 pkts:1 seq:800008 08 3A 01 48 65 6C 6C 6F 20 57 6F 72 6C 64 20 53 74 65 66 61 6E 40 1F 31 32 33 34 82 84 8B 96 0C 12 18 24
len=60 pkts:1 seq:800008 08 3A 01 48 65 6C 6C 6F 20 57 6F 72 6C 64 20 53 74 65 66 61 6E 40 1F 31 32 33 34 00 20 00 00 0C 12 18 24
len=60 pkts:1 seq:800008 08 3A 01 48 65 6C 6C 6F 20 57 6F 72 6C 64 20 53 74 65 66 61 6E 40 1F 31 32 33 34 82 84 8B 96 0C 12 18 24
len=60 pkts:1 seq:801608 00 3C 00 48 65 6C 6C 6F 20 57 6F 72 6C 64 20 53 74 65 66 61 6E 50 1F 31 32 33 34 00 20 00 00 0C 12 18 24


Thanks in advance
Stefano

[ESP_Faye]

Hi,

In sniffer mode, data frame can only be the ieee80211 header, the length of the ieee80211 header depends on type and ds etc. In your case, the data frame is only 24 bytes, so the data after 24 bytes is random value.

And your seq area will increase, you need to set sys_seq to be false when calling int wifi_send_pkt_freedom(uint8 *buf, int len,bool sys_seq).

This is the limitation of our sniffer, sorry for the inconvenience.