2009-09-08 08:17:07

by Holger Schurig

Subject: Possible WEP encryption error with wpa_supplicant -Dnl80211

Here are some details on my ping problem: I seem to be associated
successfully to a Cisco 1231 AP, but no pings are going through
if I use nl80211.

----------------------------------- test.conf
ctrl_interface=/var/run/wpa_supplicant
network={
ssid="TEST"
key_mgmt=NONE
wep_key0="99999"
}
------------------------------------- test.sh
#!/bin/sh
ifconfig eth1 10.2.1.2 netmask 255.255.255.0 up
./wpa_supplicant \
-D nl80211 \
-i eth1 \
-c test.conf \
-P /var/run/wpa_supplicant.eth1.pid \
-C /var/run/wpa_supplicant
---------------------------------------------

# ./TEST.sh
CTRL-EVENT-SCAN-RESULTS
Trying to authenticate with 00:13:19:80:da:30 (SSID='TEST' freq=2412 MHz)
Trying to associate with 00:13:19:80:da:30 (SSID='TEST' freq=2412 MHz)
Associated with 00:13:19:80:da:30
CTRL-EVENT-CONNECTED - Connection to 00:1b:53:11:dc:40 completed (auth) [id=0 id_str=]

$ ping -c 5 10.2.1.1
PING 10.2.1.1 (10.2.1.1) 56(84) bytes of data.
From 10.2.1.2 icmp_seq=1 Destination Host Unreachable
From 10.2.1.2 icmp_seq=2 Destination Host Unreachable
From 10.2.1.2 icmp_seq=3 Destination Host Unreachable
From 10.2.1.2 icmp_seq=4 Destination Host Unreachable
From 10.2.1.2 icmp_seq=5 Destination Host Unreachable

--- 10.2.1.1 ping statistics ---
5 packets transmitted, 0 received, +5 errors, 100% packet loss, time 4023ms, pipe 3



While this was happening, I used another wireless card to monitor
the channel. I then saw ARP packets, but AFAIK they haven't been
encrypted:

Frame 319 (85 bytes on wire, 85 bytes captured)
Arrival Time: Sep 8, 2009 09:07:34.529847000
[Time delta from previous packet: 0.012281000 seconds]
[Time since reference or first frame: 5.988251000 seconds]
Frame Number: 319
Packet Length: 85 bytes
Capture Length: 85 bytes
[Frame is marked: False]
[Protocols in frame: radiotap:wlan:llc:arp]
Radiotap Header v0, Length 25
Header revision: 0
Header pad: 0
Header length: 25
Present flags: 0x0000086f
.... .... .... .... .... .... .... ...1 = TSFT: True
.... .... .... .... .... .... .... ..1. = Flags: True
.... .... .... .... .... .... .... .1.. = Rate: True
.... .... .... .... .... .... .... 1... = Channel: True
.... .... .... .... .... .... ...0 .... = FHSS: False
.... .... .... .... .... .... ..1. .... = DBM Antenna Signal: True
.... .... .... .... .... .... .1.. .... = DBM Antenna Noise: True
.... .... .... .... .... .... 0... .... = Lock Quality: False
.... .... .... .... .... ...0 .... .... = TX Attenuation: False
.... .... .... .... .... ..0. .... .... = DB TX Attenuation: False
.... .... .... .... .... .0.. .... .... = DBM TX Attenuation: False
.... .... .... .... .... 1... .... .... = Antenna: True
.... .... .... .... ...0 .... .... .... = DB Antenna Signal: False
.... .... .... .... ..0. .... .... .... = DB Antenna Noise: False
.... .... .... .... .0.. .... .... .... = FCS in header: False
0... .... .... .... .... .... .... .... = Ext: False
MAC timestamp: 0
Flags: 0x00
.... ...0 = CFP: False
.... ..0. = Preamble: Long
.... .0.. = WEP: False
.... 0... = Fragmentation: False
...0 .... = FCS at end: False
..0. .... = Data Pad: False
Data Rate: 11.0 Mb/s
Channel: 2412 (chan 1)
Channel type: 802.11b (0x00a0)
SSI Signal: -17 dBm
SSI Noise: 0 dBm
Antenna: 2
IEEE 802.11
Type/Subtype: Data (32)
Frame Control: 0x0108 (Normal)
Version: 0
Type: Data frame (2)
Subtype: 0
Flags: 0x1
DS status: Frame from STA to DS via an AP (To DS: 1 From DS: 0) (0x01)
.... .0.. = More Fragments: This is the last fragment
.... 0... = Retry: Frame is not being retransmitted
...0 .... = PWR MGT: STA will stay up
..0. .... = More Data: No data buffered
.0.. .... = Protected flag: Data is not protected
0... .... = Order flag: Not strictly ordered
Duration: 213
BSS Id: 00:1b:53:11:dc:40 (00:1b:53:11:dc:40)
Source address: Proxim_a0:6d:40 (00:20:a6:a0:6d:40)
Destination address: Broadcast (ff:ff:ff:ff:ff:ff)
Fragment number: 0
Sequence number: 120
Logical-Link Control
DSAP: SNAP (0xaa)
IG Bit: Individual
SSAP: SNAP (0xaa)
CR Bit: Command
Control field: U, func=UI (0x03)
000. 00.. = Command: Unnumbered Information (0x00)
.... ..11 = Frame type: Unnumbered frame (0x03)
Organization Code: Encapsulated Ethernet (0x000000)
Type: ARP (0x0806)
Address Resolution Protocol (request)
Hardware type: Ethernet (0x0001)
Protocol type: IP (0x0800)
Hardware size: 6
Protocol size: 4
Opcode: request (0x0001)
Sender MAC address: Proxim_a0:6d:40 (00:20:a6:a0:6d:40)
Sender IP address: 10.2.1.2 (10.2.1.2)
Target MAC address: 00:00:00_00:00:00 (00:00:00:00:00:00)
Target IP address: 10.2.1.1 (10.2.1.1)






After removing all kernel modules and reloading them again (ath5k,
mac80211, ath, cfg80211) and replacing the "-D nl80211" with "-D wext",
the ping works.

# ./TEST.sh
ioctl[SIOCGIWSCAN]: Resource temporarily unavailable
ioctl[SIOCSIWSCAN]: Device or resource busy
Failed to initiate AP scan.
CTRL-EVENT-SCAN-RESULTS
Trying to associate with 00:1b:53:11:dc:40 (SSID='TEST' freq=2412 MHz)
CTRL-EVENT-SCAN-RESULTS
Trying to associate with 00:13:19:80:da:30 (SSID='TEST' freq=2412 MHz)
Associated with 00:13:19:80:da:30
CTRL-EVENT-CONNECTED - Connection to 00:13:19:80:da:30 completed (auth) [id=0 id_str=]

--
http://www.holgerschurig.de


2009-09-08 08:27:38

by Holger Schurig

Subject: Re: Possible WEP encryption error with wpa_supplicant -Dnl80211

> IEEE 802.11
> Type/Subtype: Data (32)
> Frame Control: 0x0108 (Normal)
> Version: 0
> Type: Data frame (2)
> Subtype: 0
> Flags: 0x1
> DS status: Frame from STA to DS via an AP (To DS: 1 From DS: 0) (0x01)
> .... .0.. = More Fragments: This is the last fragment
> .... 0... = Retry: Frame is not being retransmitted
> ...0 .... = PWR MGT: STA will stay up
> ..0. .... = More Data: No data buffered
> .0.. .... = Protected flag: Data is not protected
> 0... .... = Order flag: Not strictly ordered
> Duration: 213
> BSS Id: 00:1b:53:11:dc:40 (00:1b:53:11:dc:40)
> Source address: Proxim_a0:6d:40 (00:20:a6:a0:6d:40)
> Destination address: Broadcast (ff:ff:ff:ff:ff:ff)
> Fragment number: 0
> Sequence number: 120

When I run wpa_supplicant with -D wext, I see this additional
field while monitoring:

WEP parameters
Initialization Vector: 0x222e52
Key Index: 0
WEP ICV: 0x9dc1791b (not verified)

--
http://www.holgerschurig.de
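
The check done by eye in the two captures above (Protected flag in the 802.11 Frame Control field, then the WEP IV, key index and ICV), as an added example that is not part of the original thread. The sample frames are constructed from the field values shown in the dissections; the ciphertext bytes are placeholders, reusing the same header fields for the `-D wext` frame is an assumption, and the parser assumes no FCS at the end of the frame, as the radiotap flags above indicate.

```python
import struct

def inspect_frame(pkt: bytes) -> dict:
    """Classify one radiotap-prefixed 802.11 frame (no FCS at end assumed)."""
    if len(pkt) < 4:
        raise ValueError("truncated radiotap header")
    rt_len = struct.unpack_from("<H", pkt, 2)[0]   # radiotap length, little-endian
    dot11 = pkt[rt_len:]
    if len(dot11) < 24:
        raise ValueError("truncated 802.11 header")
    fc0, flags = dot11[0], dot11[1]
    ftype, subtype = (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    if ftype != 2:                                 # only data frames are examined
        return {"data": False}
    hdr_len = 24
    if flags & 0x03 == 0x03:                       # To DS + From DS: Address 4 present
        hdr_len += 6
    if subtype & 0x08:                             # QoS data: 2-byte QoS Control
        hdr_len += 2
    info = {"data": True, "protected": bool(flags & 0x40)}
    body = dot11[hdr_len:]
    if info["protected"] and len(body) >= 8:
        info["iv"] = body[:3].hex()
        info["key_index"] = body[3] >> 6
        info["ext_iv"] = bool(body[3] & 0x20)      # clear for WEP, set for TKIP/CCMP
        info["icv"] = body[-4:].hex()
    return info

# Frames rebuilt from the field values in the thread's dissection (constructed bytes).
RADIOTAP = bytes.fromhex("000019006f080000" + "00" * 8 + "00166c09a000ef0002")
ADDRS = bytes.fromhex("001b5311dc40" "0020a6a06d40" "ffffffffffff")
LLC_ARP = bytes.fromhex("aaaa030000000806" "0001080006040001"
                        "0020a6a06d400a020102" "0000000000000a020101")

def dot11_data(flags: int, body: bytes) -> bytes:
    # frame control 0x08 (data) + flags, duration 213, addresses, sequence number 120
    return RADIOTAP + bytes([0x08, flags]) + b"\xd5\x00" + ADDRS + b"\x80\x07" + body

CLEAR = dot11_data(0x01, LLC_ARP)                  # frame seen during the nl80211 run
# IV, key index and ICV as in the -D wext capture; the ciphertext is placeholder bytes.
WEP = dot11_data(0x41, bytes.fromhex("222e5200") + b"\x00" * 36 + bytes.fromhex("9dc1791b"))

if __name__ == "__main__":
    for name, frame in (("nl80211", CLEAR), ("wext", WEP)):
        print(name, inspect_frame(frame))
```

Run over a monitor-mode capture of a network configured for WEP, any data frame from the station that comes back with `protected` false was sent in cleartext.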

2009-09-08 09:18:41

by Johannes Berg

Subject: Re: Possible WEP encryption error with wpa_supplicant -Dnl80211

On Tue, 2009-09-08 at 10:16 +0200, Holger Schurig wrote:
> Here are some details on my ping problem: I seem to be associated
> successfully to a Cisco 1231 AP, but no pings are going through
> if I use nl80211.

Yeah, WEP with nl80211 is known broken. I have a patch, but Jouni didn't
like it and I haven't gotten around to fixing it up.

johannes

