On Tue, May 08, 2007 at 12:38:11PM +0100, Ritesh Taank wrote:
> My ipw2200 card is in Managed mode as it is actually connected to the
> wlan being studied, and receiving and sending real traffic.
>
> I know that the card must be put into Monitor mode if I want to see all
> the 802.11 data in my Wireshark captures, but then obviously i lose
> connectivity from the wlan, and thus cannot send or receive real traffic
> data anymore - which goes against what i am trying to do in my
> experiments. Thus, the card must remain in a Managed mode, and yet still
> pass all 802.11 information up to Wireshark. This is my dilemma.
>
> I have searched endlessly on the Internet for ways around this, and have
> found only a few articles that touch briefly on the subject, without
> giving too much detail. From what i'm reading out there, i think there
> is a way around this by using a specific type of card/driver
> combination?
While in managed (or whatever) mode, do an ifconfig rtap0 up
(if promiscous has been compiled into the driver you have something like
this in your /etc/modprobe.d/ipw2200: options ipw3945 rtap_iface=1.
Now capture on the rtap0 interface. It will provide radiotap headers and
(almost) all of the mangement frames.
ciao
Joerg
--
Joerg Mayer <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
