Wireshark
the world's foremost network protocol analyzer
Wireshark-users: Re: [Wireshark-users] Capturing Wifi Control Frames on MacOS
From: "Shahed Moolji" <shahed100@xxxxxxxxx>
Date: Tue, 13 Jan 2009 01:29:38 +0000
Ok I think I get it ... So If I really want to see whats going on (like how an client associates with an AP) I just need to have another device talk to the AP, and monitor the conversation.. THANKS !! 2009/1/13 Guy Harris <guy@xxxxxxxxxxxx>: > > On Jan 12, 2009, at 5:05 PM, Shahed Moolji wrote: > >> I have a MacMini running 10.5.4, and though I can capture data frames >> on en0, when I try to capture wifi headers, the wifi connection drops. > > Many 802.11 adapters and their drivers will > > 1) only supply control or management frames in monitor mode > > and > > 2) not remain associated with a network in monitor mode. > > Unfortunately, this includes at least some of the Mac adapters and Mac > OS X drivers. > >> I have searched a bit and see some users having problems, but am not >> sure if this is a know issue, as the wiki seems to suggest that >> capturing >> Link Layer frames should work on MacOS. > > It *does* work. > > It just doesn't work while associated with a network. > > To quote the Wiki page to which I assume you're referring: > > So in order to capture all traffic that the adapter can receive, the > adapter must be put into "monitor mode", sometimes called "rfmon > mode". In this mode, the driver will not make the adapter a member of > any service set, so it won't support sending any traffic and will only > supply received packets to a packet capture mechanism, not to the > networking stack. This means that the machine will not be able to use > that adapter for network traffic; if it doesn't have any other network > adapters, it will not be able to: > > o resolve addresses to host names using a network protocol such as > DNS; > o save packets to a file on a network file server; > etc.. > ___________________________________________________________________________ > Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx> > Archives: http://www.wireshark.org/lists/wireshark-users > Unsubscribe: https://wireshark.org/mailman/options/wireshark-users > mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe >
- Follow-Ups:
- Re: [Wireshark-users] Capturing Wifi Control Frames on MacOS
- From: Guy Harris
- Re: [Wireshark-users] Capturing Wifi Control Frames on MacOS
- References:
- [Wireshark-users] Capturing Wifi Control Frames on MacOS
- From: Shahed Moolji
- Re: [Wireshark-users] Capturing Wifi Control Frames on MacOS
- From: Guy Harris
- [Wireshark-users] Capturing Wifi Control Frames on MacOS
- Prev by Date: Re: [Wireshark-users] Capturing Wifi Control Frames on MacOS
- Next by Date: Re: [Wireshark-users] Capturing Wifi Control Frames on MacOS
- Previous by thread: Re: [Wireshark-users] Capturing Wifi Control Frames on MacOS
- Next by thread: Re: [Wireshark-users] Capturing Wifi Control Frames on MacOS
- Index(es):