2010-02-14 17:57:23

by Neshama Parhoti

Subject: good wlan: sniffer that does not need a windows machine ?

Hi all,

When developing mac80211 stuff, one sometimes needs a WLAN packet
sniffer that has more details than simple packet information (e.g.
info about packet rates, power level, etc.), which might need a
dedicated hw sniffer + software (ideally it should support at least 11g
and 11n, but if hw supporting all four 11a,b,g,n exists at a
reasonable price then why not).

As far as I can see, most of these work only on Windows (e.g. the one
that is published on the Wireshark site:
http://www.cacetech.com/products/airpcap.html). They might be good, but
that's not my taste.

So - do you know any good solution that runs on Linux? Preferably
with open source drivers.

Thanks!
Ohad.


2010-02-14 19:51:08

by Gábor Stefanik

Subject: Re: good wlan: sniffer that does not need a windows machine ?

2010/2/14 Jouni Malinen <[email protected]>:
> On Sun, Feb 14, 2010 at 07:46:04PM +0100, Gábor Stefanik wrote:
>> Monitoring in general works in almost all linux drivers (the Alfa
>> AWUS036H is perhaps the best for this purpose) - however, there is no
>> known way to monitor 802.11n packets on Linux (due to problems with
>> the mac80211 stack not passing 802.11n frames to monitor interfaces?).
>
> Known to whom? ;-) mac80211 passes 802.11n packets just fine to monitor
> interfaces and as an example, I'm using ath9k as a wireless sniffer for
> IEEE 802.11g/a/n. The radiotap headers may not show all parameters at
> this point, but there is ongoing work to extend that.
>
>> Currently, the only way to sniff 802.11n packets is the AirPcap NX on
>> Windows.
>
> Yeah, right..

That was the last information I had - I didn't know someone has fixed
passing 802.11n frames to monitor interfaces.

BTW are A-MPDU frames also reported on monitor interfaces now?

>
> --
> Jouni Malinen PGP id EFC895FA
>



--
Vista: [V]iruses, [I]ntruders, [S]pyware, [T]rojans and [A]dware. :-)

2010-02-14 19:11:32

by Jouni Malinen

Subject: Re: good wlan: sniffer that does not need a windows machine ?

On Sun, Feb 14, 2010 at 07:46:04PM +0100, Gábor Stefanik wrote:
> Monitoring in general works in almost all linux drivers (the Alfa
> AWUS036H is perhaps the best for this purpose) - however, there is no
> known way to monitor 802.11n packets on Linux (due to problems with
> the mac80211 stack not passing 802.11n frames to monitor interfaces?).

Known to whom? ;-) mac80211 passes 802.11n packets just fine to monitor
interfaces and as an example, I'm using ath9k as a wireless sniffer for
IEEE 802.11g/a/n. The radiotap headers may not show all parameters at
this point, but there is ongoing work to extend that.

> Currently, the only way to sniff 802.11n packets is the AirPcap NX on
> Windows.

Yeah, right..

--
Jouni Malinen PGP id EFC895FA

2010-02-14 19:10:50

by Johannes Berg

Subject: Re: good wlan: sniffer that does not need a windows machine ?

On Sun, 2010-02-14 at 19:46 +0100, Gábor Stefanik wrote:

> Johannes, Luis, etc: what is the exact reason for not having 802.11n
> monitoring support?

Mostly missing radiotap support, matteo was working on that.

johannes



2010-02-15 08:37:37

by Neshama Parhoti

Subject: Re: good wlan: sniffer that does not need a windows machine ?

>>> Monitoring in general works in almost all linux drivers

So I can just start monitoring with my thinkpad ?

And I will get to see stuff like transmission rate and power levels ?

What software do I use for that ? Wireshark ?

So really, no need to buy those (obnoxious) USB dongles or PCMCIA
cards that need Windows? That's great news!!

2010-02-14 18:46:27

by Gábor Stefanik

Subject: Re: good wlan: sniffer that does not need a windows machine ?

Monitoring in general works in almost all linux drivers (the Alfa
AWUS036H is perhaps the best for this purpose) - however, there is no
known way to monitor 802.11n packets on Linux (due to problems with
the mac80211 stack not passing 802.11n frames to monitor interfaces?).
Currently, the only way to sniff 802.11n packets is the AirPcap NX on
Windows.

Johannes, Luis, etc: what is the exact reason for not having 802.11n
monitoring support?

On Sun, Feb 14, 2010 at 6:57 PM, Neshama Parhoti <[email protected]> wrote:
> Hi all,
>
> When developing mac80211 stuff, one sometimes needs a WLAN packet
> sniffer that has more details than simple packet information (e.g.
> info about packet rates, power level, etc.), which might need a
> dedicated hw sniffer + software (ideally it should support at least 11g
> and 11n, but if hw supporting all four 11a,b,g,n exists at a
> reasonable price then why not).
>
> As far as I can see, most of these work only on Windows (e.g. the one
> that is published on the Wireshark site:
> http://www.cacetech.com/products/airpcap.html). They might be good, but
> that's not my taste.
>
> So - do you know any good solution that runs on Linux? Preferably
> with open source drivers.
>
> Thanks!
> Ohad.



--
Vista: [V]iruses, [I]ntruders, [S]pyware, [T]rojans and [A]dware. :-)

2010-02-15 11:31:37

by Gábor Stefanik

Subject: Re: good wlan: sniffer that does not need a windows machine ?

2010/2/15 Neshama Parhoti <[email protected]>:
>>>> Monitoring in general works in almost all linux drivers
>
> So I can just start monitoring with my thinkpad ?
>
> And I will get to see stuff like transmission rate and power levels ?

Basically yes, though some drivers, notably zd1211rw, don't report
power levels. Also, HT packets don't yet show correct TX rates in the
radiotap header. (But apparently they are displayed now, only the MCS
index is missing!)

>
> What software do I use for that ? Wireshark ?

Yes - use a recent version to correctly decode the radiotap header.

>
> So really, no need to buy those (obnoxious) USB dongles or PCMCIA
> cards that need Windows? That's great news!!
>



--
Vista: [V]iruses, [I]ntruders, [S]pyware, [T]rojans and [A]dware. :-)
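
As an added example (not part of any message in this thread, and not code from mac80211 or Wireshark): a minimal bounds-checked parser for the radiotap header that a monitor interface prepends to each captured frame, extracting the rate and power-level fields discussed above. The field sizes and alignments in `FIELDS` are taken from the radiotap field table as an assumption, and the sample bytes are constructed.

```python
import struct

# bit -> (name, alignment, struct format); assumed from the radiotap field table
FIELDS = {
    0: ("tsft", 8, "<Q"), 1: ("flags", 1, "<B"), 2: ("rate", 1, "<B"),
    3: ("channel", 2, "<HH"), 4: ("fhss", 2, "<BB"),
    5: ("dbm_antsignal", 1, "<b"), 6: ("dbm_antnoise", 1, "<b"),
    7: ("lock_quality", 2, "<H"), 8: ("tx_attenuation", 2, "<H"),
    9: ("db_tx_attenuation", 2, "<H"), 10: ("dbm_tx_power", 1, "<b"),
    11: ("antenna", 1, "<B"), 12: ("db_antsignal", 1, "<B"),
    13: ("db_antnoise", 1, "<B"), 14: ("rx_flags", 2, "<H"),
    15: ("tx_flags", 2, "<H"), 16: ("rts_retries", 1, "<B"),
    17: ("data_retries", 1, "<B"), 19: ("mcs", 1, "<BBB"),
}

def parse_radiotap(buf):
    if len(buf) < 8:
        raise ValueError("truncated radiotap header")
    version, _pad, hdr_len, present = struct.unpack_from("<BBHI", buf, 0)
    if version != 0 or hdr_len < 8 or hdr_len > len(buf):
        raise ValueError("bad radiotap version or length")
    off, word = 8, present
    while word & (1 << 31):          # skip chained "present" words
        if off + 4 > hdr_len:
            raise ValueError("present bitmap overruns header")
        (word,) = struct.unpack_from("<I", buf, off)
        off += 4
    out = {}
    for bit in range(29):            # bits 29-31 are namespace/extension bits
        if not present & (1 << bit):
            continue
        if bit not in FIELDS:
            break                    # unknown size: later offsets are unreliable
        name, align, fmt = FIELDS[bit]
        off = (off + align - 1) & ~(align - 1)   # align relative to header start
        size = struct.calcsize(fmt)
        if off + size > hdr_len:
            raise ValueError("field %s overruns header" % name)
        vals = struct.unpack_from(fmt, buf, off)
        out[name] = vals[0] if len(vals) == 1 else vals
        off += size
    if "rate" in out:
        out["rate_mbps"] = out["rate"] * 0.5     # legacy rate is in 500 kb/s units
    return out

# Constructed sample: flags, rate 54 Mb/s, channel 2437 MHz, -42 dBm, antenna 1
SAMPLE = (struct.pack("<BBHI", 0, 0, 16, 0x82E)
          + struct.pack("<BBHHbB", 0, 108, 2437, 0x00C0, -42, 1))
```

Captured frames are untrusted input, so the parser rejects any header whose declared length or fields run past the buffer instead of reading on.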