Commit 03eafd5e authored by Mohammad Imran Syed's avatar Mohammad Imran Syed
Browse files

Update README.md

parent 6f9e72f2
......@@ -3,19 +3,19 @@
PyPal is the Python version of the tool Wipal [1] which is used for time synchronization of traces captured by sniffers. It provides the functionality of merging or concatenating traces after synchronization. Additionally, the tool creates "per MAC address" traces.
The tool takes two traces (in csv or txt format) as input and then performs the option you select. You would need to have the following fields in the traces:
- frame.number: Frame_number
- frame.time_epoch: Frame_time_epoch
- wlan.fixed.timestamp: Fixed_timestamp
- wlan_radio.signal_dbm: RSSI_dBm
- wlan_radio.channel: Channel
- wlan.fc.type: Frame_type
- wlan.fc.type_subtype: Frame_subtype
- wlan.fc.retry: Retransmission
- wlan.fcs: Checksum
- wlan.sa: Source_MAC_address
- wlan.seq: Sequence_number
- wlan.frag: Fragment_number
frame.number: Frame_number
frame.time_epoch: Frame_time_epoch
wlan.fixed.timestamp: Fixed_timestamp
wlan_radio.signal_dbm: RSSI_dBm
wlan_radio.channel: Channel
wlan.fc.type: Frame_type
wlan.fc.type_subtype: Frame_subtype
wlan.fc.retry: Retransmission
wlan.fcs: Checksum
wlan.sa: Source_MAC_address
wlan.seq: Sequence_number
wlan.frag: Fragment_number
You can use the following tshark command to extract the above mentioned fields from a pcap file.
tshark -r pcap_input_file -Y '!_ws.malformed and wlan_radio.channel==1' -T fields -E header=y -E separator=/t -e frame.number -e frame.time_epoch -e wlan.fixed.timestamp -e wlan_radio.signal_dbm -e wlan_radio.channel -e wlan.fc.type -e wlan.fc.type_subtype -e wlan.fc.retry -e wlan.fcs -e wlan.sa -e wlan.seq -e wlan.frag > csv_or_txt_output_file
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment