From 5c87c2dc433ff71482325bccbd5b3a7faaddcef2 Mon Sep 17 00:00:00 2001
From: Yaro Kasear <git@kasear.net>
Date: Tue, 15 Apr 2025 09:51:47 -0500
Subject: [PATCH 1/3] Remove debug print statement for type/subtype value in
 get_aps_on_channel

---
 enrich.py | 51 ++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 48 insertions(+), 3 deletions(-)

diff --git a/enrich.py b/enrich.py
index 12d13fc..4d64161 100755
--- a/enrich.py
+++ b/enrich.py
@@ -183,9 +183,6 @@ def get_aps_on_channel(capture, ap_channel):
             if ts_hex is None:
                 continue
 
-            # For debugging purposes, display the type_subtype value with some sarcasm
-            print(f"Type/Subtype Hex: {ts_hex}")
-
             ts = int(ts_hex, 16)
             if ts not in (5, 8):  # Probe Response or Beacon
                 continue
@@ -201,6 +198,49 @@ def get_aps_on_channel(capture, ap_channel):
 
     return len(aps)
 
+def calculate_avg_ap_signal_strength(capture, ap_channel):
+    try:
+        ap_channel = int(ap_channel)
+    except ValueError:
+        print(f"[!] Could not parse channel number: {ap_channel}")
+        return 0
+
+    ap_signals = []
+    for packet in capture:
+        try:
+            if 'radiotap' not in packet or 'wlan' not in packet:
+                continue
+
+            radio = packet.radiotap
+            wlan = packet.wlan
+
+            if not hasattr(radio, 'channel') or not hasattr(radio.channel, 'freq'):
+                continue
+
+            packet_freq = int(radio.channel.freq)
+            packet_channel = get_channel_from_freq(packet_freq)
+
+            if packet_channel != ap_channel:
+                continue
+
+            # Check for beacon or probe response
+            ts_hex = getattr(wlan, 'type_subtype', None)
+            if ts_hex is None:
+                continue
+
+            ts = int(ts_hex, 16)
+            if ts not in (5, 8):  # Probe Response or Beacon
+                continue
+
+            # Get signal strength
+            signal_strength = getattr(radio, 'dbm_antsignal', None)
+            if signal_strength is not None:
+                ap_signals.append(int(signal_strength))
+
+        except Exception as e:
+            print(f"[DEBUG] Signal strength parse error: {e}")
+            continue
+
 def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
     cap = pyshark.FileCapture(
         pcapng_path,
@@ -212,6 +252,8 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
 
     clients_on_ap = 0
     clients_on_channel = 0
+    aps_on_channel = 0
+    avg_ap_signal = 0
 
     try:
         # Filter packets manually by timestamp
@@ -231,6 +273,9 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
         # Placeholder: Logic will be added for:
         # - CongestionScore
         # - AvgAPSignal
+
+        avg_ap_signal = calculate_avg_ap_signal_strength(filtered_packets, ap_channel)
+
         # - StrongestAPSignal
         # - UnlinkedDevices
 

From 45bba2e98887c0dfdd6e648a7b9aba595ee29d95 Mon Sep 17 00:00:00 2001
From: Yaro Kasear <git@kasear.net>
Date: Tue, 15 Apr 2025 10:00:54 -0500
Subject: [PATCH 2/3] Rename calculate_avg_ap_signal_strength to
 calculate_signal_strength_stats and update return values to include max
 signal strength

---
 enrich.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/enrich.py b/enrich.py
index 4d64161..47ec9eb 100755
--- a/enrich.py
+++ b/enrich.py
@@ -198,7 +198,7 @@ def get_aps_on_channel(capture, ap_channel):
 
     return len(aps)
 
-def calculate_avg_ap_signal_strength(capture, ap_channel):
+def calculate_signal_strength_stats(capture, ap_channel):
     try:
         ap_channel = int(ap_channel)
     except ValueError:
@@ -241,6 +241,11 @@ def calculate_avg_ap_signal_strength(capture, ap_channel):
             print(f"[DEBUG] Signal strength parse error: {e}")
             continue
 
+    if ap_signals:
+        return mean(ap_signals), max(ap_signals)
+    else:
+        return 0, 0
+
 def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
     cap = pyshark.FileCapture(
         pcapng_path,
@@ -254,6 +259,7 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
     clients_on_channel = 0
     aps_on_channel = 0
     avg_ap_signal = 0
+    max_ap_signal = 0
 
     try:
         # Filter packets manually by timestamp
@@ -274,7 +280,7 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
         # - CongestionScore
         # - AvgAPSignal
 
-        avg_ap_signal = calculate_avg_ap_signal_strength(filtered_packets, ap_channel)
+        avg_ap_signal, max_ap_signal = calculate_signal_strength_stats(filtered_packets, ap_channel)
 
         # - StrongestAPSignal
         # - UnlinkedDevices
@@ -282,7 +288,7 @@ def analyze_pcap(pcapng_path, start_ts, end_ts, ap_bssid, ap_channel):
     finally:
         cap.close()
 
-    return clients_on_ap, clients_on_channel, aps_on_channel, None, None, None, 0
+    return clients_on_ap, clients_on_channel, aps_on_channel, avg_ap_signal, max_ap_signal, None, 0
 
 
 def main():

From 345d709c98be942a63e9375dfad1bb5b7c076376 Mon Sep 17 00:00:00 2001
From: Yaro Kasear <git@kasear.net>
Date: Tue, 15 Apr 2025 10:01:26 -0500
Subject: [PATCH 3/3] Add import for mean from statistics module

---
 enrich.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/enrich.py b/enrich.py
index 47ec9eb..31da009 100755
--- a/enrich.py
+++ b/enrich.py
@@ -3,6 +3,7 @@ import argparse
 import csv
 from datetime import datetime
 import pyshark
+from statistics import mean
 
 # United States regulatory domain channel lookup table