Kismet Wireless

Kismet Forums

 

Posted by:millerlai
Subject:capture source type 'madwifi_a' was not build ?
Date:12:36:09 20/01/2009

Thanks for your help.

It could work now, but I found that it could not get the signal information.
The signal value always is 0. I have read QA in README file, I am not sure that if madwifi-0.9.3.3 does not support to provide signal inforamtion???

I have set madwifi as :
/sbin/insmod /usr/lib/modules/ath_pci.ko autocreate=none

then I executing commands as following sequence:
(1) ifconfig
(2) iwconfig
(3) wlanconfig ath01 create wlandev wifi0 wlanmode monitor
(4) ifconfig ath01 down
(5) ifconfig ath01 up
(6) kismet_server -l dump -t /var/pcap -c madwifi_b,wifi0,ath01

Finally command (6), I found that the warring message as following:
"WARNING: Kismet found a non-monitor VAP ath01 on wifi0. If your drivers stop reporting packets after a short while, try reloading madwifi with the module parameter 'autocreate=none' as this often resolves this problem."

Does it mean that ath01 is not monitor mode ?? How do I to configure it as monitor mode and madwifi will not autocrate it??

Thank your help very much. ^_^
===================ifconfig output===============================
~ # ifconfig
ath01 Link encap:Ethernet HWaddr 00:90:E8:17:1A:57
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:137 errors:0 dropped:0 overruns:0 frame:0
TX packets:15910 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8602 (8.4 KiB) TX bytes:1015806 (991.9 KiB)

br0 Link encap:Ethernet HWaddr 00:90:E8:17:1A:57
inet addr:192.168.40.172 Bcast:192.168.43.255 Mask:255.255.252.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14638 errors:0 dropped:0 overruns:0 frame:0
TX packets:1792 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:715178 (698.4 KiB) TX bytes:75392 (73.6 KiB)

ixp1 Link encap:Ethernet HWaddr 00:90:E8:17:1A:57
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:15946 errors:0 dropped:0 overruns:0 frame:0
TX packets:1927 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:256
RX bytes:1018408 (994.5 KiB) TX bytes:83846 (81.8 KiB)

wifi0 Link encap:Ethernet HWaddr 00:90:E8:17:1A:57
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5465 errors:0 dropped:0 overruns:0 frame:1
TX packets:15911 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:199
RX bytes:465558 (454.6 KiB) TX bytes:1396590 (1.3 MiB)
Interrupt:19
===================iwconfig output===============================
~ # iwconfig
lo no wireless extensions.

dummy0 no wireless extensions.

teql0 no wireless extensions.

gre0 no wireless extensions.

ixp1 no wireless extensions.

wifi0 no wireless extensions.

br0 no wireless extensions.

ath01 IEEE 802.11b ESSID:"morris_test"
Mode:Managed Frequency:2.437 GHz Access Point: 00:90:E8:00:46:04
Bit Rate:11 Mb/s Tx-Power=17 dBm Sensitivity=1/1
Retry:off RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=41/70 Signal level=-54 dBm Noise level=-95 dBm
Rx invalid nwid:230 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0

===============wlanconfig and ifconfig up/down output=====================
~ # wlanconfig ath01 create wlandev wifi0 wlanmode monitor
ifconfig ath01 up
ath01
~ # ifconfig ath01 down
~ # ifconfig ath01 up

===============kismet output=====================
~ # kismet_server -l dump -t /var/pcap -c madwifi_b,wifi0,ath01
Using logname: /var/pcap
Suid priv-dropping disabled. This may not be secure.
No specific sources given to be enabled, all will be enabled.
Non-RFMon VAPs will be destroyed on multi-vap interfaces (ie, madwifi-ng)
Enabling channel hopping.
Enabling channel splitting.
NOTICE: Disabling channel hopping, no enabled sources are able to change channel.
Source 0 (ath01): Enabling monitor mode for madwifi_b source interface wifi0 channel 6...
WARNING: Kismet found a non-monitor VAP ath01 on wifi0. If your drivers stop reporting packets after a short while, try reloading madwifi with the module parameter 'autocreate=none' as this often resolves this problem.
NOTICE: Found a non-monitor VAP wifi0::ath01. Because Kismet was configured to remove non-rfmon vaps automatically, it will be destroyed. Once Kismet has exited, you must manually restore the VAP and associated network state. If you wish to NOT remove VAPs automatically, set vapdestroy=false in kismet.conf.
NOTICE: Created Madwifi-NG RFMON VAP kis0
WARNING: wifi0 appears to be using Madwifi-NG. Some versions of the Madwifi-NG drivers have problems in monitor mode, especially if non-monitor VAPs are active. If you experience problems, be sure to try the latest versions of Madwifi-NG and remove other VAPs
Source 0 (ath01): Opening madwifi_b source interface kis0...
Will attempt to put networkmanager to sleep...
Allowing clients to fetch WEP keys.
SSID cloak file did not exist, it will be created.
IP track file did not exist, it will be created.
Logging data to /var/pcap-Jan-20-2009-1.dump
Writing data files to disk every 300 seconds.
Mangling encrypted and fuzzy data packets.
Tracking probe responses and associating probe networks.
Reading AP manufacturer data and defaults from //etc/ap_manuf
Reading client manufacturer data and defaults from //etc/client_manuf
Using network-classifier based data encryption detection
Not tracking duplicate IVs
Putting networkmanager to sleep...
Dump file format: wiretap (local code) dump
Kismet 2008.05.R1 (Kismet)
Logging data
GPSD unknown host 'localhost'
Listening on port 2501.
Allowing connections from 127.0.0.1/255.255.255.255
Registering builtin client/server protocols...
Registering requested alerts...
Registering builtin timer events...
Gathering packets...
Tue Jan 20 12:27:02 2009 Found new network "<no ssid>" bssid 00:0D:0B:6C:BE:A3 Crypt Y Ch 0 @ 0.00 mbit
Tue Jan 20 12:27:02 2009 Found new network "<no ssid>" bssid 00:90:E8:00:46:04 Crypt N Ch 0 @ 0.00 mbit
Tue Jan 20 12:27:02 2009 Found IP 192.168.40.172 for <no ssid>::00:90:E8:17:1A:57 via ARP
Tue Jan 20 12:27:02 2009 Found SSID "MIS-WAP-1" for network BSSID 00:0D:0B:6C:BE:A3
Tue Jan 20 12:27:03 2009 Found new probed network "MIS-WAP-1" bssid 00:22:68:BB:14:5D
Tue Jan 20 12:27:03 2009 Found SSID "morris_test" for network BSSID 00:90:E8:00:46:04
> > Dear all,
> >
> > (1)
> > I compile kismet with cross-compiler for ARM, but I run the kismet_server will get following error message:
> >
> > FATAL: Support for capture source type 'madwifi_a' was not build. Check the output from 'configure' for more information about why it might not have been compiled in.
> >
>
> Check the output and see what's been disabled.
>
> > How can I get it to work ?
> >
> > (2)
> > And another issue is that , if I do not '--disable-pcap' it always display error message "pcapsource.cc:836: error: use of enum `ieee80211_radiotap_type' without previous declaration" when I make it.
>
> Disabling pcap removes support for all pcap based sources, such as madwifi.
>
> >
> > Does anyone could give me some idea?
> >
> > I edit capture source in kismet.config as following:
> > #===============================
> > source=madwifi_a,ath00,ath00
> > source=madwifi_a,ath01,ath01
> > source=madwifi_b,ath00,ath00
> > source=madwifi_b,ath01,ath01
> > source=madwifi_g,ath00,ath00
> > source=madwifi_g,ath01,ath01
> > source=madwifi_bg,ath00,ath00
> > source=madwifi_bg,ath01,ath01
> > source=madwifi_a,wifi0,wifi0
> > source=madwifi_b,wifi0,wifi0
> > source=madwifi_g,wifi0,wifi0
> > source=madwifi_bg,wifi0,wifi0
> >
>
> This will make things unhappy too, if you hadn't removed pcap support then they would have all stomped on eachother.
>
> -m


Reply to this message