From owner-freebsd-mobile  Wed Apr  3 11:36:32 2002
Delivered-To: freebsd-mobile@freebsd.org
Received: from day.anthologeek.net (day.anthologeek.net [213.91.4.139])
	by hub.freebsd.org (Postfix) with ESMTP id 69CB037B405
	for <mobile@FreeBSD.ORG>; Wed,  3 Apr 2002 11:36:21 -0800 (PST)
Received: by day.anthologeek.net (Postfix, from userid 1000)
	id C77C517215; Wed,  3 Apr 2002 21:33:37 +0200 (CEST)
Date: Wed, 3 Apr 2002 21:33:37 +0200
From: Sameh Ghane <sw@anthologeek.net>
To: Doug Ambrisko <ambrisko@ambrisko.com>
Cc: Brooks Davis <brooks@one-eyed-alien.net>,
	"M. Warner Losh" <imp@village.org>, will@csociety.org,
	mobile@FreeBSD.ORG
Subject: Re: bsd airtools for current, kernel patches
Message-ID: <20020403213337.A60018@anthologeek.net>
References: <20020403084114.B6462@Odin.AC.HMC.Edu> <200204031707.g33H7sW53697@ambrisko.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200204031707.g33H7sW53697@ambrisko.com>; from ambrisko@ambrisko.com on Wed, Apr 03, 2002 at 09:07:53AM -0800
X-PGP-Keys: 0x1289F00D: <http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1289F00D>
Sender: owner-freebsd-mobile@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-mobile.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-mobile>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-mobile>
X-Loop: FreeBSD.org

Le (On) Wed, Apr 03, 2002 at 09:07:53AM -0800, Doug Ambrisko ecrivit (wrote):
> | > 
> | > Why is there no generic API for accessing wireless cards ? Are they all that
> | > much different ?
> | 
> | You can snoop raw frames with the Aironet cards by setting the
> | appropriate monitor mode in ancontrol.  Most of these tools should be
> | fairly straight forward to modify to use libpcap to get frames.

I compiled libcap and tcpdump 7 to have 802.11b frames support, and never
managed to get useful output.

> The only caveat is that the Aironet card won't pass up WEP key information
> so you can't do wep crack or decrypt raw packets with the card doing the
> work.  Only the onboard hardware/firmware can do this.  This seems to be 
> confirmed by the Linux users.  I had to do a slight patch to Ethereal/
> tcpdump to ignore the WEP key part of the packet and then the disectors 
> could follow the data in the packet and follow various streams.  Hmm I 
> wonder if I should lie and fake up WEP part so it really looks more like 
> a real 802.11 frame?  This is useful for seeing what strange clients
> are doing.

May I try your patch ? It could help me get helpful output from tcpdump.

Cheers,

-- 
Sameh

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-mobile" in the body of the message