Kismet Wireless

Kismet Forums


Posted by:bulgin
Subject:tracker,dump,netclient,export filters difficutly
Date:15:30:54 06/12/2009

I only want the traffic for BSSID(00:0D:87:D9:A0:BA) to be recorded in the pcap file.

Using the four different filters listed:
filter_tracker, filter_dump,filter_export, or filter_netclient in the kismet.conf file where, for example, filter_tracker=BSSID(00:0D:87:D9:A0:BA), records not just the traffic for example, BSSID(00:0D:87:D9:A0:BA), but a lot of other BSSID's.

To verify that this was the case, I opened up the kismet pcap-generated file in Wireshark. I was expecting to see only the traffic for BSSID(00:0D:87:D9:A0:BA), but in fact verified that there is a lot of traffic other than BSSID(00:0D:87:D9:A0:BA) being recorded in the that pcap file.


> > all at different times and in each case looking at the pcap file in wireshark, many more BSSID's are included in the pcap file other than the BSSID I have above. (I also have the encryption key added in the kismet.conf file for that BSSID)
> >
> > If, however, I put my card in wireless monitor mode, add the same wep encryption key to the configuration for that card, and watch it live in wireshark, I'm only seeing the BSSID above.
> >
> > So how exactly does one get the filters to work, if at all.
> > thanks.
> filter_dump shouldn't be mentioned in the config file as it doesn't exist. Fixed in svn.
> What do you mean by "watched live in wireshark"? Kismet filters won't have anything to do with wireshark.
> I'm unclear what you're trying to do and what you're trying to test.
> -m

Reply to this message