From owner-freebsd-bugs@FreeBSD.ORG  Wed Mar 19 20:40:03 2008
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A79251065671
	for <freebsd-bugs@hub.freebsd.org>;
	Wed, 19 Mar 2008 20:40:03 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 7FB8B8FC16
	for <freebsd-bugs@hub.freebsd.org>;
	Wed, 19 Mar 2008 20:40:03 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JKe3xl039561
	for <freebsd-bugs@freefall.freebsd.org>; Wed, 19 Mar 2008 20:40:03 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2JKe34W039560;
	Wed, 19 Mar 2008 20:40:03 GMT (envelope-from gnats)
Resent-Date: Wed, 19 Mar 2008 20:40:03 GMT
Resent-Message-Id: <200803192040.m2JKe34W039560@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, bob frazier <bobf@mrp3.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F17FF106564A
	for <freebsd-gnats-submit@FreeBSD.org>;
	Wed, 19 Mar 2008 20:37:28 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id DBD938FC1D
	for <freebsd-gnats-submit@FreeBSD.org>;
	Wed, 19 Mar 2008 20:37:28 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JKbPAN098497
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 19 Mar 2008 20:37:25 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m2JKbPZP098496;
	Wed, 19 Mar 2008 20:37:25 GMT (envelope-from nobody)
Message-Id: <200803192037.m2JKbPZP098496@www.freebsd.org>
Date: Wed, 19 Mar 2008 20:37:25 GMT
From: bob frazier <bobf@mrp3.com>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.1
Cc: 
Subject: kern/121880: ath driver in 7.0 no longer honors 'monitor' mode
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Mar 2008 20:40:03 -0000


>Number:         121880
>Category:       kern
>Synopsis:       ath driver in 7.0 no longer honors 'monitor' mode
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Mar 19 20:40:03 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     bob frazier
>Release:        7.0-STABLE (as of 3/2/2008)
>Organization:
>Environment:
FreeBSD BSDLaptop 7.0-STABLE FreeBSD 7.0-STABLE #0: Sun Mar  2 15:33:08 PST 2008

>Description:
In 6.x the ath driver properly honored 'monitor' mode, shutting down transmit so that you could safely use tools like 'wireshark' without attempting to roam, associate with an access point, or transmit probe requests.

Using wireshark I verified that 'monitor mode' no longer works with the 'ath' driver.  This basically makes passive scans IMPOSSIBLE, including scanning for access points in the area without actually attempting to associate.

Again, the 'monitor' functionality worked properly in the previous release.  It no longer works in 7.0


>How-To-Repeat:
a) issue the following command for hardware supported by the 'ath' driver
   ifconfig ath0 up ssid - monitor channel 1
   (alternately choose another channel on which an access point is known to be)

b) with an access point known to be on the monitored channel, run wireshark and capture radiotap headers in addition to normal traffic with 'promiscuous mode' chosen.

c) observe beacons AND response packets going to/from the atheros adaptor that is supposed to be in 'monitor' mode.

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted: