Kismet Wireless

Kismet Forums

 

Posted by:dragorn
Subject:Receiving 802.11N packets on Fedora 11
Date:13:46:47 07/10/2009

> I have a lenovo ThinkPad T61p laptop with an IWP4965N chipset that runs under Fedora 11 and that I want to use as a monitoring device. I would like to monitor 802.11N client to access point communication. If I start kismet and lock the 802.11N access point to the appropriate channel, I should start to see the packet count incrementing at the rate the client is sending traffic, but this is not what I am seeing. I don't think this is an issue with kismet, because tcpdump is reporting packets at same rate as kismet. However, I am trying to understand what is going on, whether this is a driver/kernel problem or not. I know that with a Fedora 11 client, I can connect to an 802.11N access point, so this is a bit puzzling. When I try to listen to traffic, I am not seeing all the packets. The only packets I am seeing that are exchanged between the client and the AP are all broadcast packets on port 137 and sometimes an ARP broadcast. Even though I am streaming some traffic on the client, I can't see that traffic for some reason. If I connect my client to another access point on a G-channel instead of an N-channel, I can see all its traffic with kismet and tcpdump. I am wondering why I can't see N-channel end-user traffic using tcpdump or kismet on my Fedora system. Maybe someone from this forum can explain.

Capturing 11n in linux is problematic (i've never seen it work, currently).

It will probably require +40/-40 channel support, which will lead to 3x the hopping length per scan, etc.

At the moment I don't know if it works in any drivers. 11n has never been usable with any device in Linux for me.

If you want to try some tests, set kismet to not hop channels, start it up, then set your channel manually with 'iw', and use the 40+ or 40- applicable to your setup (something like 'iw dev wlan0mon set channel 48 HT40+') and let me know what happens.

-m


Reply to this message