Ethereal-users: Re: [Ethereal-users] Thank you for your attention and I just want to sniff the m
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Joerg Mayer <jmayer@xxxxxxxxx>
Date: Fri, 9 Jun 2006 13:56:06 +0200
On Fri, Jun 09, 2006 at 09:01:34AM +0800, ???? wrote:
> Dear Andreas Fink,Guy Harris and Joerg Mayer,
> Thank you for your attention and help.Please forgive me for my poor
> expression. Yes,I just want to sniff the management and control frames.
> I have activated interface and set it to monitor but still have not
> sniffed any management and control frames at all.(I used the command set it
> to monitor:"iwconfig eth1 mode monitor").Is there anything wrong?
OK, as I'm the one who wrote the section on how to capture with the
ipw2100/ipw2200 driver maybe I can help you a bit more. I do no longer
have a ipw2100 card but have a ipw2200 card instead and things should
still behave very similar as far as the drivers are concerned.
You will find a sample session below. You will need to replace the
ipw2200 by ipw2100, use the correct interface for capturing (eth1 in my
case) and use tethereal instead of tshark if you do not use current
builds. Still, everything should work. If not, please provide a trace
similar to the attached one.
Ciao
Joerg
--
Joerg Mayer <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
Script started on Fri Jun 9 13:01:17 2006
egg2:~ # uname -a
Linux egg2 2.6.16.18-3-default #1 Wed May 31 06:52:41 UTC 2006 i686 i686 i386 GNU/Linux
egg2:~ # lsb_release -a
LSB Version: core-2.0-noarch:core-3.1-noarch:core-2.0-ia32:core-3.1-ia32:*
Distributor ID: SUSE LINUX
Description: SUSE Linux 10.1.1 (i586) Pre-Alpha1
Release: 10.1.1
Codename: n/a
egg2:/home/jmayer/work/wireless/ipw # modinfo ipw2200
filename: /lib/modules/2.6.16.18-3-default/kernel/drivers/net/wireless/ipw2200.ko
description: Intel(R) PRO/Wireless 2200/2915 Network Driver
version: 1.1.1
author: Copyright(c) 2003-2006 Intel Corporation
license: GPL
vermagic: 2.6.16.18-3-default 586 REGPARM gcc-4.1
depends: ieee80211,firmware_class
alias: pci:v00008086d00001043sv00008086sd00002701bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002702bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002711bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002712bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002721bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002722bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002731bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002732bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002741bc*sc*i*
alias: pci:v00008086d00001043sv0000103Csd00002741bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002742bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002751bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002752bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002753bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002754bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002761bc*sc*i*
alias: pci:v00008086d00001043sv00008086sd00002762bc*sc*i*
alias: pci:v00008086d0000104Fsv*sd*bc*sc*i*
alias: pci:v00008086d00004220sv*sd*bc*sc*i*
alias: pci:v00008086d00004221sv*sd*bc*sc*i*
alias: pci:v00008086d00004223sv*sd*bc*sc*i*
alias: pci:v00008086d00004224sv*sd*bc*sc*i*
srcversion: C24D9705D39407D37E3F4C0
parm: roaming:enable roaming support (default on) (int)
parm: cmdlog:allocate a ring buffer for logging firmware commands (int)
parm: hwcrypto:enable hardware crypto (default off) (int)
parm: bt_coexist:enable bluetooth coexistence (default off) (int)
parm: mode:network mode (0=BSS,1=IBSS,2=Monitor) (int)
parm: burst_duration_OFDM:set OFDM burst value (int)
parm: burst_duration_CCK:set CCK burst value (int)
parm: qos_no_ack_mask:mask Tx_Queue to no ack (int)
parm: qos_burst_enable:enable QoS burst mode (int)
parm: qos_enable:enable all QoS functionalitis (int)
parm: channel:channel to limit associate to (default 0 [ANY]) (int)
parm: led:enable led control on some systems (default 0 off)
(int)
parm: auto_create:auto create adhoc network (default on) (int)
parm: associate:auto associate when scanning (default on) (int)
parm: disable:manually disable the radio (default 0 [radio on]) (int)
egg2:/home/jmayer/work/wireless/ipw # iwconfig
lo no wireless extensions.
eth0 no wireless extensions.
sit0 no wireless extensions.
eth1 unassociated ESSID:off/any
Mode:Managed Channel=0 Access Point: Not-Associated
Bit Rate=0 kb/s Tx-Power=20 dBm Sensitivity=8/0
Retry limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality:0 Signal level:0 Noise level:0
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
egg2:/home/jmayer/work/wireless/ipw # iwlist eth1 scan
eth1 Scan completed :
Cell 01 - Address: 00:40:96:33:DB:80
ESSID:"FUNKL"
Protocol:IEEE 802.11b
Mode:Master
Channel:1
Encryption key:off
Bit Rates:11 Mb/s
Extra: Rates (Mb/s): 1 2 5.5 11
Quality=35/100 Signal level=-79 dBm
Extra: Last beacon: 5096ms ago
egg2:/home/jmayer/work/wireless/ipw # iwconfig eth1 mode monitor
egg2:/home/jmayer/work/wireless/ipw # iwconfig eth1 channel 1
egg2:/home/jmayer/work/wireless/ipw # tshark -i eth1
Duplicate field detected in call to proto_register_field_array: rtcp.profile-specific-extension is already registered
Capturing on eth1
0.000000 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=565,FN=0,BI=100, SSID: "FUNKL"
0.025122 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=566,FN=0,BI=100, SSID: "FUNKL"
0.027803 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=567,FN=0,BI=100, SSID: "FUNKL"
0.127854 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=568,FN=0,BI=100, SSID: "FUNKL"
0.231884 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=569,FN=0,BI=100, SSID: "FUNKL"
0.335877 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=570,FN=0,BI=100, SSID: "FUNKL"
2.484073 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=603,FN=0,BI=100, SSID: "FUNKL"
2.560022 Cisco_1a:37:e6 -> Broadcast ARP Who has 131.246.70.247? Tell 131.246.70.98
2.588300 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=605,FN=0,BI=100, SSID: "FUNKL"
2.688027 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=608,FN=0,BI=100, SSID: "FUNKL"
2.792032 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=610,FN=0,BI=100, SSID: "FUNKL"
2.896045 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=612,FN=0,BI=100, SSID: "FUNKL"
2.996051 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=613,FN=0,BI=100, SSID: "FUNKL"
3.100058 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=614,FN=0,BI=100, SSID: "FUNKL"
3.200063 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=615,FN=0,BI=100, SSID: "FUNKL"
3.304709 Aironet_33:db:80 -> Broadcast IEEE 802.11 Beacon frame,SN=616,FN=0,BI=100, SSID: "FUNKL"
16 packets captured
egg2:/home/jmayer/work/wireless/ipw #
Script done on Fri Jun 9 13:45:27 2006
_______________________________________________ Ethereal-users mailing list Ethereal-users@xxxxxxxxxxxx http://www.ethereal.com/mailman/listinfo/ethereal-users
- Follow-Ups:
- References:
- Prev by Date: Re: [Ethereal-users] Thank you for your attention and I just want to sniff the mangement and control frames
- Next by Date: [Ethereal-users] RE: Checksum Errors when analyzing hp-ux traffic
- Previous by thread: Re: [Ethereal-users] Thank you for your attention and I just want to sniff the mangement and control frames
- Next by thread: Re: [Ethereal-users] Thank you for your attention and I just want to sniff the mangement and control frames
- Index(es):