On 4/24/13 1:33 AM, Pontus Fuchs wrote:
> On 2013-04-24 04:34, Guy Harris wrote:
>>
>> On Apr 22, 2013, at 3:12 AM, Vladimir Bondar
>> <vladimir91.bondar@xxxxxxxxx> wrote:
>>
>>> I'm a student who wants to take a part in Wireshark for Android
>>> developing.
>>> I have just read about that, and I have a question does it work only
>>> with RTL 8187 adapter?
>
> I have captured raw 802.11 frames on a number of different Android devices.
>
>> libpcap can be compiled for Android; that's what Wireshark would use
>> for Android, just as it uses libpcap or WinPcap on other OSes.
>
> If fact, if you compile engineering builds of Android tcpdump is
> included by default.
>
>> The only way in which libpcap knows about particular Wi-Fi adapters is
>> in code it uses to put adapters into monitor mode if the driver is
>> *not* a mac80211 driver; I *suspect* the drivers for adapters used on
>> Android machines are new enough that they're mac80211 drivers.
>
> Unfortunately this is not universally true. A lot of devices use
> proprietary drivers that lacks monitor mode support.
The "RTL 8187" might be a reference to Android PCAP, which allows packet
capture on non-rooted Android devices but is currently limited to
adapters using that particular chipset:
http://www.kismetwireless.net/android-pcap/