Date: Mon, 23 Sep 2013 14:14:05 +0200
From: Mark Moes <mark_moes@hotmail.com>
To: hiren panchasara <hiren.panchasara@gmail.com>
Cc: "freebsd-wireless@freebsd.org" <freebsd-wireless@freebsd.org>
Subject: RE: ath0 "monitor mode" mystery
Message-ID: <DUB119-W30E1C34EF8426D374112D9912D0@phx.gbl>
In-Reply-To: <CALCpEUEti7WhS8rcvorrRUirEmDHEWL8fva6C=7_=zHXM_Vk2w@mail.gmail.com>
References: <CALCpEUEti7WhS8rcvorrRUirEmDHEWL8fva6C=7_=zHXM_Vk2w@mail.gmail.com>

> 18:56:23.803065 9838362989us tsft 1.0 Mb/s 60dBm tx power antenna 0 2427 MHz 11g Probe Request () [1.0* 2.0* 5.5* 11.0* 6.0 9.0 12.0 18.0 Mbit]

That's what you're gonna see if it captures 802.11 frames; you already had it working :)
And a Probe Request is not a Beacon frame, it is sent by a device (laptop/smartphone) when it actively scans for APs.
See http://www.wi-fiplanet.com/tutorials/print.php/1447501

Cheers,
Mark

> Date: Fri, 20 Sep 2013 15:29:34 -0700
> Subject: ath0 "monitor mode" mystery
> From: hiren.panchasara@gmail.com
> To: freebsd-wireless@freebsd.org
>
> I am trying to enable (what I think is) monitor mode on PicoStation M2HP.
>
> I am confused though. "man ifconfig" is also showing 2 different "monitor" things. I tried both below:
>
> # ifconfig wlan0 create wlandev ath0
> wlan0: Ethernet address: dc:9f:db:6a:3e:9e
> # ifconfig wlan0 down
> # ifconfig wlan0 monitor
> # ifconfig wlan0 channel 4
> # ifconfig wlan0 up
> #
> # ifconfig wlan0
> wlan0: flags=48843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,MONITOR> metric 0 mtu 1500
>         ether dc:9f:db:6a:3e:9e
>         media: IEEE 802.11 Wireless Ethernet autoselect (autoselect)
>         status: no carrier
>         ssid "" channel 4 (2427 MHz 11g)
>         regdomain FCC3 country US indoor ecm authmode OPEN privacy OFF
>         txpower 30 bmiss 7 scanvalid 60 protmode CTS wme burst bintval 0
> #
>
> And now I get things via:
> # tcpdump -ni wlan0 -y IEEE802_11_RADIO
> wlan0: promiscuous mode enabled
> wlan0: promiscuous mode disabled
> wlan0: promiscuous mode enabled
> tcpdump: data link type IEEE802_11_RADIO
> tcpdump: WARNING: wlan0: no IPv4 address assigned
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on wlan0, link-type IEEE802_11_RADIO (802.11 plus radiotap header), capture size 65535 bytes
> 18:56:23.803065 9838362989us tsft 1.0 Mb/s 60dBm tx power antenna 0 2427 MHz 11g Probe Request () [1.0* 2.0* 5.5* 11.0* 6.0 9.0 12.0 18.0 Mbit]
> 18:56:23.994159 9838553735us tsft 1.0 Mb/s -75dB signal -96dB noise antenna 1 2427 MHz 11g Probe Request () [1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 Mbit]
> 18:56:23.995089 9838554678us tsft 1.0 Mb/s -75dB signal -96dB noise antenna 1 2427 MHz 11g Probe Request (Y!Office) [1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 Mbit]
> 18:56:23.995979 9838555575us tsft 1.0 Mb/s -75dB signal -96dB noise antenna 1 2427 MHz 11g Probe Request () [1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 Mbit]
> 18:56:24.002484 9838562077us tsft 1.0 Mb/s -76dB signal -96dB noise antenna 1 2427 MHz 11g Probe Request () [1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 Mbit]
> 18:56:24.016082 9838576006us tsft 1.0 Mb/s 60dBm tx power antenna 0 2427 MHz 11g ht/40+ Probe Request () [1.0* 2.0* 5.5* 11.0* 6.0 9.0 12.0 18.0 Mbit]
>
> But is this really a monitor mode? Not according to tcpdump.
>
> What we are seeing above are beacons sent out by APs? How do we get probe requests sent to APs by devices?
>
> man tcpdump says:
>
>        -I     Put the interface in "monitor mode"; this is supported only on
>               IEEE 802.11 Wi-Fi interfaces, and supported only on some
>               operating systems.
>
>               Note that in monitor mode the adapter might disassociate from
>               the network with which it's associated, so that you will not be
>               able to use any wireless networks with that adapter. This could
>               prevent accessing files on a network server, or resolving host
>               names or network addresses, if you are capturing in monitor mode
>               and are not connected to another network with another adapter.
>
>               This flag will affect the output of the -L flag. If -I isn't
>               specified, only those link-layer types available when not in
>               monitor mode will be shown; if -I is specified, only those
>               link-layer types available when in monitor mode will be shown.
>
> So I tried -I,
>
> # tcpdump -Ii wlan0 -y IEEE802_11_RADIO
> tcpdump: wlan0 is not a monitor mode VAP
> To create a new monitor mode VAP use:
>   ifconfig wlan1 create wlandev ath0 wlanmode monitor
> and use wlan1 as the tcpdump interface
> #
>
> Okay, lets create wlan1 as suggested:
>
> # ifconfig wlan1 create wlandev ath0 wlanmode monitor
> wlan1: Ethernet address: dc:9f:db:6a:3e:9e
> # ifconfig wlan1
> wlan1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
>         ether dc:9f:db:6a:3e:9e
>         media: IEEE 802.11 Wireless Ethernet autoselect <monitor> (autoselect <monitor>)
>         status: no carrier
>         ssid "" channel 4 (2427 MHz 11g)
>         regdomain FCC3 country US indoor ecm authmode OPEN privacy OFF
>         txpower 30 scanvalid 60 protmode CTS wme burst bintval 0
> #
>
> See subtle difference between wlan0 and wlan1.
>
> Still no success (but new error):
> <code>
> # tcpdump -Ii wlan1 -y IEEE802_11_RADIO
> wlan1: promiscuous mode enabled
> tcpdump: data link type IEEE802_11_RADIO
> tcpdump: WARNING: wlan1: no IPv4 address assigned
> ar5416StopDmaReceive: dma failed to stop in 10ms
> AR_CR=0x00000024
> AR_DIAG_SW=0x42000020
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on wlan1, link-type IEEE802_11_RADIO (802.11 plus radiotap header), capture size 65535 bytes
> ar5416StopDmaReceive: dma failed to stop in 10ms
> AR_CR=0x00000024
> AR_DIAG_SW=0x42000020
> ar5416StopDmaReceive: dma failed to stop in 10ms
> AR_CR=0x00000024
> AR_DIAG_SW=0x42000020
> ar5416StopDmaReceive: dma failed to stop in 10ms
> AR_CR=0x00000024
> AR_DIAG_SW=0x42000020
> ar5416StopDmaReceive: dma failed to stop in 10ms
> AR_CR=0x00000024
> AR_DIAG_SW=0x42000020
> ar5416StopDmaReceive: dma failed to stop in 10ms
> AR_CR=0x00000024
> AR_DIAG_SW=0x42000020
> ar5416StopDmaReceive: dma failed to stop in 10ms
> AR_CR=0x00000024
> AR_DIAG_SW=0x42000020
> ar5416StopDmaReceive: dma failed to stop in 10ms
> AR_CR=0x00000024
> AR_DIAG_SW=0x42000020
> ar5416StopDmaReceive: dma failed to stop in 10ms
> AR_CR=0x00000024
> AR_DIAG_SW=0x42000020
> ^C
> 0 packets captured
> 0 packets received by filter
> 0 packets dropped by kernel
> ar5416StopDmaReceive: dma failed to stop in 10ms
> AR_CR=0x00000024
> AR_DIAG_SW=0x42000020
> wlan1: promiscuous mode disabled
> #
>
> I also tried to do mixed version of both wlan0 and wlan1:
>
> # ifconfig wlan0 destroy
> # ifconfig wlan0 create wlandev ath0 wlanmode monitor
> wlan0: Ethernet address: dc:9f:db:6a:3e:9e
> # ifconfig wlan0 monitor
> # ifconfig wlan0 channel 4
> # ifconfig wlan0 up
> ar5416PerCalibrationN: NF calibration didn't finish; delaying CCA
> #
> # ifconfig wlan0
> wlan0: flags=48843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,MONITOR> metric 0 mtu 1500
>         ether dc:9f:db:6a:3e:9e
>         media: IEEE 802.11 Wireless Ethernet autoselect mode 11ng <monitor>
>         status: running
>         ssid "" channel 4 (2427 MHz 11g ht/40+) bssid dc:9f:db:6a:3e:9e
>         regdomain FCC3 country US indoor ecm authmode OPEN privacy OFF
>         txpower 30 scanvalid 60 protmode CTS ampdulimit 8k ampdudensity 8
>         shortgi wme burst
> #
>
> But no success:
>
> # tcpdump -Ii wlan0 -y IEEE802_11_RADIO
> wlan0: promiscuous mode enabled
> tcpdump: data link type IEEE802_11_RADIO
> tcpdump: WARNING: wlan0: no IPv4 address assigned
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on wlan0, link-type IEEE802_11_RADIO (802.11 plus radiotap header), capture size 65535 bytes
> ^C
> 0 packets capturwlan0: promiscuous mode disabled
> ed
> 0 packets received by filter
> 0 packets dropped by kernel
> #
> _______________________________________________
> freebsd-wireless@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-wireless
> To unsubscribe, send any mail to "freebsd-wireless-unsubscribe@freebsd.org"
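
Added example (not part of the original thread, and not tcpdump's own code): a minimal Python decoder showing how a capture tool tells a Probe Request from a Beacon, the distinction drawn in the reply above, and where the SSID that tcpdump prints in parentheses comes from. The frames, MAC addresses and the `classify` / `build_sample` names are constructed for illustration.

```python
import struct

# Management subtype (frame type 0) -> (name, bytes of fixed fields before the tags)
MGMT = {4: ("Probe Request", 0), 5: ("Probe Response", 12), 8: ("Beacon", 12)}

def classify(packet: bytes):
    """Return (frame_name, transmitter_mac, ssid) for one radiotap-encapsulated frame."""
    if len(packet) < 8:
        raise ValueError("truncated radiotap header")
    # Radiotap: version(1) pad(1) header length(2, LE) present bitmap(4, LE)
    _ver, _pad, rt_len, _present = struct.unpack_from("<BBHI", packet, 0)
    frame = packet[rt_len:]
    if len(frame) < 24:
        raise ValueError("truncated 802.11 management header")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0:
        return ("non-management", None, None)
    mac = ":".join(f"{b:02x}" for b in frame[10:16])  # Address 2 = transmitter
    if subtype not in MGMT:
        return (f"management subtype {subtype}", mac, None)
    name, fixed = MGMT[subtype]
    pos = 24 + fixed
    while pos + 2 <= len(frame):  # tagged elements: id(1) length(1) value(length)
        eid, elen = frame[pos], frame[pos + 1]
        value = frame[pos + 2 : pos + 2 + elen]
        if len(value) < elen:
            break  # truncated element: stop instead of reading past the capture
        if eid == 0:  # SSID element; zero length is the wildcard tcpdump prints as ()
            return (name, mac, value.decode("utf-8", "replace"))
        pos += 2 + elen
    return (name, mac, None)

def build_sample(fc0: int, src: bytes, body: bytes) -> bytes:
    """Constructed test frame: minimal 8-byte radiotap header + 24-byte 802.11 header."""
    radiotap = struct.pack("<BBHI", 0, 0, 8, 0)
    header = bytes([fc0, 0, 0, 0]) + b"\xff" * 6 + src + b"\xff" * 6 + b"\x00\x00"
    return radiotap + header + body

# Constructed samples (not captured traffic); MACs are locally administered placeholders.
CLIENT, AP = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SAMPLES = [
    build_sample(0x40, CLIENT, b"\x00\x00\x01\x04\x82\x84\x8b\x96"),  # wildcard probe
    build_sample(0x40, CLIENT, b"\x00\x08Y!Office"),                  # directed probe
    build_sample(0x80, AP, bytes(8) + b"\x64\x00\x01\x04" + b"\x00\x07example"),  # beacon
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(classify(pkt))
```

The subtype lives in the top four bits of the first Frame Control byte: `0x40` is a Probe Request sent by a scanning client, `0x80` is a Beacon sent by an AP.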
