Hi, All:
I configured the Wifi Monitor mode with Intel 7260 card under
Ubuntu14.04 and then used Wireshark to capture packets from air. But I
could only get management/control packets but no data packets. I tried
different channels and also with HT20 or HT40+/-.
The commands I used were:
iw dev wlan0 interface add mon0 type monitor
iw dev wlan0 del //I googled and was told I needed to delete the
wlan0 first. Or else I got device busy (-16) error
ifconfig mon0 up
iw dev mon0 set channel 1
I also tried to use other ways like "airmon-ng start wlan0". All the
observations were same, no data packets. It's weird! Anyone has a
clue?
Thanks!
dlw
On Mon, May 18, 2015 at 3:26 PM, Emmanuel Grumbach <[email protected]> wrote:
> On Mon, May 18, 2015 at 10:01 AM, darklight wu <[email protected]> wrote:
>> Hi, All:
>>
>> I configured the Wifi Monitor mode with Intel 7260 card under
>> Ubuntu14.04 and then used Wireshark to capture packets from air. But I
>> could only get management/control packets but no data packets. I tried
>> different channels and also with HT20 or HT40+/-.
>>
>> The commands I used were:
>>
>> iw dev wlan0 interface add mon0 type monitor
>> iw dev wlan0 del //I googled and was told I needed to delete the
>> wlan0 first. Or else I got device busy (-16) error
>> ifconfig mon0 up
>> iw dev mon0 set channel 1
>>
>> I also tried to use other ways like "airmon-ng start wlan0". All the
>> observations were same, no data packets. It's weird! Anyone has a
>> clue?
>>
>
> This is weird. But I recommend to add power_scheme=1 as a module
> parameter to iwlmvm. Since iwlmvm is loaded automatically, you'll need
> to add that to /etc/modprobe.d/iwlwifi.conf.
> 14.04 ships 3.13 and I remember we had issues with monitor mode at
> that time. You may want to try a newer kernel.
I tried again today with "power_scheme=1" and also booted with Ubuntu
15.04. Both still failed to work in monitor mode. And with Ubuntu
15.04, I event could not configure the nic to work on monitor mode.
The same commands at least can set the monitor mode under 14.04.
Meanwhile, I just want to clarify, the nic could capture data packets
to/from itself but could not capture others that were not belongs to
it. My co-worker tried on another machine with Ubuntu 14.04, he was
also failed.
Any tricks here?
Yes, it works now! What I did was to disable network by unchecking
"Enable Networking" in the network notification area in Ubuntu. It's
easier than to kill processes manually. Thank you all for the help! -
dlw
On Wed, May 20, 2015 at 11:43 AM, Matt Chen <[email protected]> wrote:
> probably you need to disable your NetworkManager and wpa_supplicant.
> Then switch/change your mode to monitor. Make sure the command "iw
> [interface_name] info" shows you the type is monitor.
>
> 2015-05-20 1:41 GMT+08:00 Emmanuel Grumbach <[email protected]>:
>> On Tue, May 19, 2015 at 7:44 PM, darklight wu <[email protected]> wrote:
>>> On Mon, May 18, 2015 at 3:26 PM, Emmanuel Grumbach <[email protected]> wrote:
>>>> On Mon, May 18, 2015 at 10:01 AM, darklight wu <[email protected]> wrote:
>>>>> Hi, All:
>>>>>
>>>>> I configured the Wifi Monitor mode with Intel 7260 card under
>>>>> Ubuntu14.04 and then used Wireshark to capture packets from air. But I
>>>>> could only get management/control packets but no data packets. I tried
>>>>> different channels and also with HT20 or HT40+/-.
>>>>>
>>>>> The commands I used were:
>>>>>
>>>>> iw dev wlan0 interface add mon0 type monitor
>>>>> iw dev wlan0 del //I googled and was told I needed to delete the
>>>>> wlan0 first. Or else I got device busy (-16) error
>>>>> ifconfig mon0 up
>>>>> iw dev mon0 set channel 1
>>>>>
>>>>> I also tried to use other ways like "airmon-ng start wlan0". All the
>>>>> observations were same, no data packets. It's weird! Anyone has a
>>>>> clue?
>>>>>
>>>>
>>>> This is weird. But I recommend to add power_scheme=1 as a module
>>>> parameter to iwlmvm. Since iwlmvm is loaded automatically, you'll need
>>>> to add that to /etc/modprobe.d/iwlwifi.conf.
>>>> 14.04 ships 3.13 and I remember we had issues with monitor mode at
>>>> that time. You may want to try a newer kernel.
>>>
>>> I tried again today with "power_scheme=1" and also booted with Ubuntu
>>> 15.04. Both still failed to work in monitor mode. And with Ubuntu
>>> 15.04, I event could not configure the nic to work on monitor mode.
>>> The same commands at least can set the monitor mode under 14.04.
>>> Meanwhile, I just want to clarify, the nic could capture data packets
>>> to/from itself but could not capture others that were not belongs to
>>> it. My co-worker tried on another machine with Ubuntu 14.04, he was
>>> also failed.
>>>
>>> Any tricks here?
>>
>> You must not have any interface besides the monitor interface. I bet
>> you still have the wpa_supplicant running and this is why you only
>> have a virtual monitor interface that catches the packet from your
>> managed interface only.
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
>> the body of a message to [email protected]
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
On Mon, May 18, 2015 at 10:01 AM, darklight wu <[email protected]> wrote:
> Hi, All:
>
> I configured the Wifi Monitor mode with Intel 7260 card under
> Ubuntu14.04 and then used Wireshark to capture packets from air. But I
> could only get management/control packets but no data packets. I tried
> different channels and also with HT20 or HT40+/-.
>
> The commands I used were:
>
> iw dev wlan0 interface add mon0 type monitor
> iw dev wlan0 del //I googled and was told I needed to delete the
> wlan0 first. Or else I got device busy (-16) error
> ifconfig mon0 up
> iw dev mon0 set channel 1
>
> I also tried to use other ways like "airmon-ng start wlan0". All the
> observations were same, no data packets. It's weird! Anyone has a
> clue?
>
This is weird. But I recommend to add power_scheme=1 as a module
parameter to iwlmvm. Since iwlmvm is loaded automatically, you'll need
to add that to /etc/modprobe.d/iwlwifi.conf.
14.04 ships 3.13 and I remember we had issues with monitor mode at
that time. You may want to try a newer kernel.
probably you need to disable your NetworkManager and wpa_supplicant.
Then switch/change your mode to monitor. Make sure the command "iw
[interface_name] info" shows you the type is monitor.
2015-05-20 1:41 GMT+08:00 Emmanuel Grumbach <[email protected]>:
> On Tue, May 19, 2015 at 7:44 PM, darklight wu <[email protected]> wrote:
>> On Mon, May 18, 2015 at 3:26 PM, Emmanuel Grumbach <[email protected]> wrote:
>>> On Mon, May 18, 2015 at 10:01 AM, darklight wu <[email protected]> wrote:
>>>> Hi, All:
>>>>
>>>> I configured the Wifi Monitor mode with Intel 7260 card under
>>>> Ubuntu14.04 and then used Wireshark to capture packets from air. But I
>>>> could only get management/control packets but no data packets. I tried
>>>> different channels and also with HT20 or HT40+/-.
>>>>
>>>> The commands I used were:
>>>>
>>>> iw dev wlan0 interface add mon0 type monitor
>>>> iw dev wlan0 del //I googled and was told I needed to delete the
>>>> wlan0 first. Or else I got device busy (-16) error
>>>> ifconfig mon0 up
>>>> iw dev mon0 set channel 1
>>>>
>>>> I also tried to use other ways like "airmon-ng start wlan0". All the
>>>> observations were same, no data packets. It's weird! Anyone has a
>>>> clue?
>>>>
>>>
>>> This is weird. But I recommend to add power_scheme=1 as a module
>>> parameter to iwlmvm. Since iwlmvm is loaded automatically, you'll need
>>> to add that to /etc/modprobe.d/iwlwifi.conf.
>>> 14.04 ships 3.13 and I remember we had issues with monitor mode at
>>> that time. You may want to try a newer kernel.
>>
>> I tried again today with "power_scheme=1" and also booted with Ubuntu
>> 15.04. Both still failed to work in monitor mode. And with Ubuntu
>> 15.04, I event could not configure the nic to work on monitor mode.
>> The same commands at least can set the monitor mode under 14.04.
>> Meanwhile, I just want to clarify, the nic could capture data packets
>> to/from itself but could not capture others that were not belongs to
>> it. My co-worker tried on another machine with Ubuntu 14.04, he was
>> also failed.
>>
>> Any tricks here?
>
> You must not have any interface besides the monitor interface. I bet
> you still have the wpa_supplicant running and this is why you only
> have a virtual monitor interface that catches the packet from your
> managed interface only.
> --
> To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, May 19, 2015 at 7:44 PM, darklight wu <[email protected]> wrote:
> On Mon, May 18, 2015 at 3:26 PM, Emmanuel Grumbach <[email protected]> wrote:
>> On Mon, May 18, 2015 at 10:01 AM, darklight wu <[email protected]> wrote:
>>> Hi, All:
>>>
>>> I configured the Wifi Monitor mode with Intel 7260 card under
>>> Ubuntu14.04 and then used Wireshark to capture packets from air. But I
>>> could only get management/control packets but no data packets. I tried
>>> different channels and also with HT20 or HT40+/-.
>>>
>>> The commands I used were:
>>>
>>> iw dev wlan0 interface add mon0 type monitor
>>> iw dev wlan0 del //I googled and was told I needed to delete the
>>> wlan0 first. Or else I got device busy (-16) error
>>> ifconfig mon0 up
>>> iw dev mon0 set channel 1
>>>
>>> I also tried to use other ways like "airmon-ng start wlan0". All the
>>> observations were same, no data packets. It's weird! Anyone has a
>>> clue?
>>>
>>
>> This is weird. But I recommend to add power_scheme=1 as a module
>> parameter to iwlmvm. Since iwlmvm is loaded automatically, you'll need
>> to add that to /etc/modprobe.d/iwlwifi.conf.
>> 14.04 ships 3.13 and I remember we had issues with monitor mode at
>> that time. You may want to try a newer kernel.
>
> I tried again today with "power_scheme=1" and also booted with Ubuntu
> 15.04. Both still failed to work in monitor mode. And with Ubuntu
> 15.04, I event could not configure the nic to work on monitor mode.
> The same commands at least can set the monitor mode under 14.04.
> Meanwhile, I just want to clarify, the nic could capture data packets
> to/from itself but could not capture others that were not belongs to
> it. My co-worker tried on another machine with Ubuntu 14.04, he was
> also failed.
>
> Any tricks here?
You must not have any interface besides the monitor interface. I bet
you still have the wpa_supplicant running and this is why you only
have a virtual monitor interface that catches the packet from your
managed interface only.