From owner-freebsd-wireless@FreeBSD.ORG Sun Aug 10 08:28:23 2014
Date: Sun, 10 Aug 2014 01:28:22 -0700
From: Adrian Chadd
To: Rui Paulo
Cc: freebsd-wireless@freebsd.org, freebsd-arch@freebsd.org
Subject: Re: [rfc] INJECT mode for net80211
References: <80DB3DCF-496E-4596-B9F3-4D86AC82DEC5@FreeBSD.org>
... interesting. Ok, so:

* if I just "remove" sam's patch there, monitor mode works to inject;
* I've patched kismet so it reads the radiotap data using the example parser and added XCHANNEL support - so now it actually works nicely;
* aircrack-ng from ports doesn't send - it's triggering on this in net80211:

        wh = mtod(m, struct ieee80211_frame *);
        if ((wh->i_fc[0] & IEEE80211_FC0_VERSION_MASK) !=
            IEEE80211_FC0_VERSION_0)
                senderr(EIO);   /* XXX */

  .. I haven't looked into why yet.
* but, aircrack-ng built from source works, save for when it tries to transmit too quickly after changing channels.

Ok, so I'm going to just revert that change for now and see about figuring out some other way to enforce regulatory concerns on monitor mode transmit. (Likely by allowing receive, but failing transmit on non-regulatory channels.)

I'll speak to the Kismet author here tomorrow and see about getting this replacement radiotap parser in so it works correctly again in FreeBSD.

And as for aircrack-ng - guess I'll poke the port maintainer.

-a
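The two things the message touches, a radiotap parser that understands XCHANNEL and the frame-control version gate net80211 applies to injected frames, as an added example. This is not Adrian's Kismet patch or net80211 code; it is a stand-alone user-space parser written for this page. It assumes the radiotap field sizes and present-bit numbering of FreeBSD's sys/net80211/ieee80211_radiotap.h (XCHANNEL = bit 18, 8 bytes, 4-byte aligned), the names radiotap_parse/inject_check/demo_parse/demo_inject are the example's own, and the sample bytes are constructed, not captured.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Radiotap "present" bit numbers, as in FreeBSD's sys/net80211/ieee80211_radiotap.h. */
enum { RT_TSFT, RT_FLAGS, RT_RATE, RT_CHANNEL, RT_FHSS, RT_DBM_ANTSIGNAL, RT_DBM_ANTNOISE,
       RT_LOCK_QUALITY, RT_TX_ATTENUATION, RT_DB_TX_ATTENUATION, RT_DBM_TX_POWER, RT_ANTENNA,
       RT_DB_ANTSIGNAL, RT_DB_ANTNOISE, RT_RX_FLAGS, RT_TX_FLAGS, RT_RTS_RETRIES, RT_DATA_RETRIES,
       RT_XCHANNEL, RT_MCS, RT_NFIELDS /* fields with a known size */, RT_EXT = 31 };

/* Size and alignment of each field; offsets are aligned relative to the header start. */
static const struct { uint8_t size, align; } rt_fields[RT_NFIELDS] = {
    {8, 8}, {1, 1}, {1, 1}, {4, 2}, {2, 2}, {1, 1}, {1, 1}, {2, 2}, {2, 2}, {2, 2},
    {1, 1}, {1, 1}, {1, 1}, {1, 1}, {2, 2}, {2, 2}, {1, 1}, {1, 1}, {8, 4}, {3, 1} };

struct rt_info {
    uint16_t len;                      /* it_len: where the 802.11 frame begins */
    int have_chan, have_xchan;
    uint16_t chan_freq, chan_flags;    /* CHANNEL: MHz, flags */
    uint32_t xchan_flags; uint16_t xchan_freq; uint8_t xchan_ieee, xchan_maxpow; /* XCHANNEL */
    int8_t antsignal;                  /* DBM_ANTSIGNAL; 0 when absent */
};

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static uint32_t le32(const uint8_t *p) { return le16(p) | (uint32_t)le16(p + 2) << 16; }

/* Decode the radiotap header at buf. Returns 0 on success, -1 if malformed. */
int radiotap_parse(const uint8_t *buf, size_t buflen, struct rt_info *out)
{
    memset(out, 0, sizeof *out);
    if (buflen < 8 || buf[0] != 0) return -1;            /* it_version must be 0 */
    uint16_t len = le16(buf + 2);
    if (len < 8 || len > buflen) return -1;              /* it_len must fit the buffer */
    uint32_t present = le32(buf + 4); size_t off = 8;
    /* Skip any extended present words; only the first word's fields are decoded. */
    for (uint32_t w = present; w & (1u << RT_EXT); off += 4) {
        if (off + 4 > len) return -1;
        w = le32(buf + off);
    }
    for (int bit = 0; bit < RT_EXT; bit++) {
        if (!(present & (1u << bit))) continue;
        if (bit >= RT_NFIELDS) break;                    /* unknown size: later offsets unknowable */
        size_t size = rt_fields[bit].size, align = rt_fields[bit].align;
        off = (off + align - 1) & ~(align - 1);
        if (off + size > len) return -1;                 /* field overruns it_len */
        const uint8_t *f = buf + off;
        if (bit == RT_CHANNEL) { out->have_chan = 1; out->chan_freq = le16(f); out->chan_flags = le16(f + 2); }
        else if (bit == RT_DBM_ANTSIGNAL) out->antsignal = (int8_t)f[0];
        else if (bit == RT_XCHANNEL) { out->have_xchan = 1; out->xchan_flags = le32(f);
            out->xchan_freq = le16(f + 4); out->xchan_ieee = f[6]; out->xchan_maxpow = f[7]; }
        off += size;
    }
    out->len = len;
    return 0;
}

/* The gate from the net80211 snippet quoted above: strip the radiotap header and refuse any
 * frame whose frame-control version bits are not 0. On success *frame/*framelen are the 802.11 frame. */
int inject_check(const uint8_t *buf, size_t buflen, const uint8_t **frame, size_t *framelen)
{
    struct rt_info ri;
    if (radiotap_parse(buf, buflen, &ri) < 0) return -1;
    if (buflen - ri.len < 10) return -1;                 /* shorter than an ACK/CTS */
    const uint8_t *wh = buf + ri.len;
    if ((wh[0] & 0x03) != 0) return -1;                  /* IEEE80211_FC0_VERSION_MASK: want version 0 */
    *frame = wh; *framelen = buflen - ri.len;
    return 0;
}

/* Constructed sample: 24-byte radiotap header (FLAGS, RATE, CHANNEL, DBM_ANTSIGNAL, XCHANNEL) + 24-byte beacon header. */
static const uint8_t sample_ok[] = {
    0x00, 0x00, 0x18, 0x00, 0x2e, 0x00, 0x04, 0x00,   /* version 0, pad, len 24, present bits 1,2,3,5,18 */
    0x00, 0x0c, 0x85, 0x09, 0x80, 0x04, 0xd6, 0x00,   /* flags, rate 6 Mb, 2437 MHz, -42 dBm, pad to 4 */
    0x80, 0x04, 0x00, 0x00, 0x85, 0x09, 0x06, 0x1e,   /* xchannel: flags, 2437 MHz, ieee 6, maxpow 30 */
    0x80, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,   /* beacon (fc 0x0080, version 0), broadcast */
    0xff, 0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x01,
    0x02, 0x00, 0x00, 0x00, 0x00, 0x01, 0x10, 0x00 };

/* 1 if the sample decodes to the expected CHANNEL/XCHANNEL/signal values. */
int demo_parse(void)
{
    struct rt_info ri;
    if (radiotap_parse(sample_ok, sizeof sample_ok, &ri) < 0) return 0;
    return ri.len == 24 && ri.have_chan && ri.chan_freq == 2437 && ri.have_xchan &&
           ri.xchan_freq == 2437 && ri.xchan_ieee == 6 && ri.xchan_flags == 0x480 &&
           ri.antsignal == -42;
}

/* 1 if the sample passes the gate and a copy with i_fc[0] version bits set to 3 is refused. */
int demo_inject(void)
{
    uint8_t bad[sizeof sample_ok]; const uint8_t *fr; size_t frlen;
    memcpy(bad, sample_ok, sizeof bad); bad[24] |= 0x03;  /* corrupt the version bits */
    return inject_check(sample_ok, sizeof sample_ok, &fr, &frlen) == 0 && frlen == 24 &&
           fr[0] == 0x80 && inject_check(bad, sizeof bad, &fr, &frlen) == -1;
}
```

demo_parse() and demo_inject() both return 1 on the constructed sample. The parser decodes only the fields whose sizes are tabulated and stops at the first unknown present bit, because every later offset depends on that field's size; that is also why a sniffer needs explicit XCHANNEL support before it can see anything placed after it in a FreeBSD radiotap header. An injector whose frames land in the EIO branch can run inject_check over its own output to see whether the radiotap length or the frame-control byte is the problem.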