From: Bernhard Schmidt
To: "Paul B. Mahol"
Cc: Lyubomir@freebsd.org, freebsd-wireless@freebsd.org
Date: Mon, 3 Oct 2011 14:19:39 +0200
Subject: Re: Panic in AHDEMO mode (was: net-mgmt/aircrack-ng on FreeBSD 7+/call for testing)
List-Id: "Discussions of 802.11 stack, tools device driver development."

On Mon, Oct 3, 2011 at 01:31, Paul B. Mahol wrote:
> On 10/2/11, Jakub Lach wrote:
>> On 2 October 2011 12:17 Adrian Chadd wrote:
>>
>>> Well, "whether we care" still is drawing a line between users and
>>> developers here, right? :)
>>>
>>> It's not that I don't care, it's just that I don't have the time. If
>>> y'all want to sort it out, then that means "you care", and suddenly
>>> someone cares. :)
>>>
>>> So there's three of you there at least who are interested and one of
>>> you has given a patch. Let me know how it goes. :)
>>>
>>> Adrian
>>
>> I understand that you don't have time (I'm not idle either), and in
>> no way was that pointed at you. By "not care" I meant that, compared
>> to the number of people complaining that aircrack-ng does not work, a
>> minuscule number (one on the ports list) tried aircrack-ng after
>> patching (results similar to Lyubomir Grigorov's).
>>
>> For now, it looks like if_ath is problematic either way, and we are
>> waiting for someone with (possibly) if_bwn to ensure patching was
>> beneficial at all / a step in the right direction.
>>
>> I personally want to take ahdemo support of if_ath out of the
>> equation presently, unless somebody feels capable of investigating it
>> on their own.
>>
>> (I'm using if_ath too, and airodump works in both monitor/ahdemo, but
>> with aircrack the situation is the same as before.)
>
> I tested bwn injection in ahdemo long ago (and bwn has not changed at
> all from that time on CURRENT).
>
> There is one caveat with the bwn driver:
>
> The interface (wlan0 from bwn0) must be set to UP with ifconfig.
> Setting it with aireplay/airodump may result in a kernel panic, but
> usually you will just get blank output from aireplay/airodump.

Correct. I'd even go further: the interface not only has to be "up", it
must also not be scanning. As in, if you do

    ifconfig wlan0 create .. wlanmode ahdemo
    ifconfig wlan0 up

it will start a scan immediately and, because of the missing
configuration, never ever stop scanning as long as there is no open
network available. This is because it fails to create a BSS without an
SSID being configured and tries to find one to connect to.

To work around this, provide enough information for the interface to go
into RUN state:

    ifconfig wlan0 create .. wlanmode ahdemo
    ifconfig wlan0 ssid foobar channel 1 up

and wait for it to go into RUN state before using any other utility.

This at least works for the wlaninject utility; the aircrack case is
something else, it needs more work, either not playing with the
interface flags at all, or waiting until the interface is in the
appropriate state.

Honestly, I get the intention behind not allowing frame injection in
monitor mode, but why ahdemo is used is beyond me. At least the current
ahdemo functionality is not that useful for any kind of injection.

-- 
Bernhard
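The bring-up sequence Bernhard describes (create the ahdemo interface, give it an ssid and channel, wait for RUN state before handing it to any other tool) as a small FreeBSD sh script; this is an added example, not code from the thread or from any of the tools it mentions. It assumes bwn0 as the parent device (the `wlandev` argument the mail elides), and that "status: running" together with the "ssid ... channel ..." line in ifconfig(8) output is how RUN state shows up; the sample ifconfig output in the script is constructed, not captured.

```shell
#!/bin/sh
# Added example: bring a FreeBSD wlan(4) interface up in ahdemo mode with
# enough configuration (ssid + channel) to reach RUN state, then wait for
# that state before any other utility touches the interface.
# Assumptions: parent device bwn0; RUN state is indicated by
# "status: running" plus the "ssid ... channel ..." line in ifconfig output.
PARENT=${PARENT:-bwn0}
WLAN=${WLAN:-wlan0}
SSID=${SSID:-foobar}
CHANNEL=${CHANNEL:-1}
# Constructed sample ifconfig output (not captured from a real system):
# one interface that reached RUN state, one still scanning.
SAMPLE_RUNNING='wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        status: running
        ssid foobar channel 1 (2412 MHz 11g) bssid 02:11:22:33:44:55'
SAMPLE_SCANNING='wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        status: no carrier
        ssid foobar channel 1 (2412 MHz 11g)'
print_sample_running() { printf '%s\n' "$SAMPLE_RUNNING"; }
print_sample_scanning() { printf '%s\n' "$SAMPLE_SCANNING"; }
# $1: ifconfig output, $2: expected ssid, $3: expected channel.
# Succeeds only when the interface reports RUN state on that ssid/channel;
# the trailing space keeps "channel 1" from matching "channel 11".
wlan_is_running() {
    case "$1" in *"status: running"*) ;; *) return 1 ;; esac
    case "$1" in *"ssid $2 channel $3 "*) return 0 ;; *) return 1 ;; esac
}
# $1: timeout in seconds; remaining args: command that prints the status.
# Polls once a second until wlan_is_running succeeds or the timeout expires.
wait_for_run() {
    timeout=$1; shift; elapsed=0
    while [ "$elapsed" -lt "$timeout" ]; do
        out=$("$@" 2>/dev/null) || true
        wlan_is_running "$out" "$SSID" "$CHANNEL" && return 0
        sleep 1
        elapsed=$((elapsed + 1))
    done
    return 1
}
# Create the ahdemo interface, configure it so it can form a BSS, and wait
# for RUN state instead of returning while it is still scanning.
setup_ahdemo() {
    ifconfig "$WLAN" create wlandev "$PARENT" wlanmode ahdemo || return 1
    ifconfig "$WLAN" ssid "$SSID" channel "$CHANNEL" up || return 1
    wait_for_run 30 ifconfig "$WLAN"
}
# Only touch real hardware when invoked as: sh this_script.sh run
if [ "${1:-}" = run ]; then setup_ahdemo; fi
```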