Hello,
I trying to capture 802.11 data packets but I have some problems. I use
two PCs with Redhat 8.0 kernel updated to 2.4.18-24.8.0 and card
services package pcmcia-cs-3.2.3. Also, I have installed ethereal-0.9.9
and libpcap-0.7.1 patched with libpcap-0.7.1-prism.diff from
http://www.shaftnet.org/%7Epizza/software/. I use PCMCIA cards linksys
WPC11 v2.5 with linux-wlan-ng-0.1.16-pre9 driver.
In "802.11 Wireless Network" book by Matthew S.Gast, it is said that
ethereal is able to capture 802.11 data packets using pseudo-interface
called "prism" directly from the hardware. This book uses older versions
of libpcap(0.6.2) and linux-wlan-ng (0.8.17) both applied with Tim
Newsham's monitoring patches. I have saw that the code of these patches
already are includes in the lastest versions of libpcap and
linux-wlan-ng. But, when I try to use this pseudo-interface I get the
error messages "The capture session could not be initiated (bind: No
such device)". When I choose wlan0 interface the data frames
lose the 802.11 headers by the time they get to ethereal's capture
engine.
How can I capture data frames without lose the 802.11 headers using
ethereal? Have I forgot any patch to ethereal or libpcap? Any idea,
please?
Best Regards
Johnny