On Wednesday 08 November 2006 21:35, Matthias Kilian wrote:
> On Sun, Oct 29, 2006 at 04:15:40PM +0100, Steffen Schuetz wrote:
> > With ath(4) only detecting networks worked; i was not able to
> > capture data packets.
>
> I've got another report where not even detection worked. Which
> capture source did you use?
source=radiotap_bsd_b,ath0,radiotap_bsd_b
> > The ral(4) card didn't work in monitor mode - i had to disable
> > the monitor mode by hand using ifconfig _after_ starting kismet.
> > But even then only discovering networks worked for me.
>
> I just veryfied that ral(4) doesn't work (using radiotap_bsd_b),
> however I didn't try the part disabling monitor mode.
>
> On the other hand, tcpdump -y IEEE802_11_RADOI *did* work. Time to
> have a look at the OpenBSD specific parts of pcapsource.cc, I guess.
I've an update regarding ral and kismet - detecting networks _and_ capturing
data using a ral card with kismet works now for me.
There were two problems to solve.
The first problem was the ral driver not reporting channel changes back to the
application.
There is a bug report ( kernel/5321 ) which includes a patch for this.
And the second problem was loosing promiscuous mode on the card.
It seems that inside PcapSource::OpenSource() right after
calling pcap_set_datalink(pd, DLT_IEEE802_11_RADIO), the promiscuous mode gets
unset.
To make sure the card is in promiscuous mode while running kismet, i've added
one
ioctl after the pcal_set_datalink call.
And then it works for me.
A patch against your port which includes my changes is at the end of this
message.
After that patch you can find the dmesg, just to show on which hardware i've
tested.
Steffen
--8<------8<------8<------8<------8<------8<------8<------8<------8<------8<
Index: net/kismet/patches/patch-pcapsource_cc
===================================================================
RCS file: /home/cvsync/ports/net/kismet/patches/patch-pcapsource_cc,v
retrieving revision 1.2
diff -u -r1.2 patch-pcapsource_cc
--- net/kismet/patches/patch-pcapsource_cc 1 Nov 2006 21:13:20 -0000
1.2
+++ net/kismet/patches/patch-pcapsource_cc 3 Dec 2006 16:43:28 -0000
@@ -5,8 +5,19 @@
# close(2).
--- pcapsource.cc.orig Sun Apr 2 17:13:00 2006
-+++ pcapsource.cc Fri Oct 20 13:42:27 2006
-@@ -124,17 +124,17 @@ int PcapSource::OpenSource() {
++++ pcapsource.cc Sun Dec 3 17:43:08 2006
+@@ -108,7 +108,9 @@ typedef unsigned long u64;
+ #ifdef HAVE_LIBPCAP
+
+ // This is such a bad thing to do...
+-// #include <pcap-int.h>
++#if defined(SYS_OPENBSD)
++#include <pcap-int.h>
++#endif
+
+ // Pcap global callback structs
+ pcap_pkthdr callback_header;
+@@ -124,17 +126,18 @@ int PcapSource::OpenSource() {
pd = pcap_open_live(unconst, MAX_PACKET_LEN, 1, 1000, errstr);
@@ -19,6 +30,7 @@
/* Request desired DLT on multi-DLT systems that default to EN10MB. We do
this
later anyway but doing it here ensures we have the desired DLT from
the get go. */
pcap_set_datalink(pd, DLT_IEEE802_11_RADIO);
++ ioctl(pd->fd, BIOCPROMISC, NULL);
#endif
- free(unconst);
@@ -29,7 +41,7 @@
paused = 0;
errstr[0] = '\0';
-@@ -146,7 +146,7 @@ int PcapSource::OpenSource() {
+@@ -146,7 +149,7 @@ int PcapSource::OpenSource() {
#ifdef HAVE_PCAP_NONBLOCK
pcap_setnonblock(pd, 1, errstr);
@@ -38,7 +50,7 @@
// do something clever (Thanks to Guy Harris for suggesting this).
int save_mode = fcntl(pcap_get_selectable_fd(pd), F_GETFL, 0);
if (fcntl(pcap_get_selectable_fd(pd), F_SETFL, save_mode | O_NONBLOCK) <
0) {
-@@ -180,6 +180,20 @@ int PcapSource::FetchSignalLevels(int *i
+@@ -180,6 +183,20 @@ int PcapSource::FetchSignalLevels(int *i
return 0;
}
@@ -59,7 +71,7 @@
// Errorcheck the datalink type
int PcapSource::DatalinkType() {
datalink_type = pcap_datalink(pd);
-@@ -233,7 +247,13 @@ int PcapSource::CloseSource() {
+@@ -233,7 +250,13 @@ int PcapSource::CloseSource() {
}
int PcapSource::FetchDescriptor() {
@@ -73,7 +85,7 @@
}
void PcapSource::Callback(u_char *bp, const struct pcap_pkthdr *header,
-@@ -291,7 +311,8 @@ int PcapSource::ManglePacket(kis_packet
+@@ -291,7 +314,8 @@ int PcapSource::ManglePacket(kis_packet
int ret = 0;
memset(packet, 0, sizeof(kis_packet));
@@ -83,7 +95,7 @@
packet->data = data;
packet->moddata = moddata;
packet->modified = 0;
-@@ -310,9 +331,35 @@ int PcapSource::ManglePacket(kis_packet
+@@ -310,9 +334,35 @@ int PcapSource::ManglePacket(kis_packet
ret = Radiotap2KisPack(packet, data, moddata);
#endif
} else {
@@ -120,7 +132,7 @@
ret = 1;
}
-@@ -2054,7 +2101,10 @@ int monitor_ipwlivetap(const char *in_de
+@@ -2054,7 +2104,10 @@ int monitor_ipwlivetap(const char *in_de
return -1;
}
@@ -132,7 +144,7 @@
// We're done with the RO
fclose(sysf);
-@@ -2084,7 +2134,10 @@ int monitor_ipwlivetap(const char *in_de
+@@ -2084,7 +2137,10 @@ int monitor_ipwlivetap(const char *in_de
return -1;
}
@@ -144,7 +156,7 @@
fclose(sysf);
-@@ -2353,38 +2406,10 @@ int monitor_wrt54g(const char *in_dev, i
+@@ -2353,38 +2409,10 @@ int monitor_wrt54g(const char *in_dev, i
#endif
#ifdef SYS_OPENBSD
@@ -186,7 +198,7 @@
}
int monitor_openbsd_prism2(const char *in_dev, int initch, char *in_err, void
**in_if, void *in_ext) {
-@@ -2436,30 +2461,6 @@ int monitor_openbsd_prism2(const char *i
+@@ -2436,30 +2464,6 @@ int monitor_openbsd_prism2(const char *i
return -1;
}
@@ -217,7 +229,7 @@
// Enable driver processing of 802.11b frames
bzero((char *)&wreq, sizeof(wreq));
wreq.wi_len = WI_MAX_DATALEN;
-@@ -2473,14 +2474,17 @@ int monitor_openbsd_prism2(const char *i
+@@ -2473,14 +2477,17 @@ int monitor_openbsd_prism2(const char *i
return -1;
}
@@ -237,7 +249,7 @@
snprintf(in_err, 1024, "Roaming disable ioctl failed: %s",
strerror(errno));
}
-@@ -2750,7 +2754,7 @@ bool RadiotapBSD::getmediaopt(int& optio
+@@ -2750,7 +2757,7 @@ bool RadiotapBSD::getmediaopt(int& optio
return false;
memset(&ifmr, 0, sizeof(ifmr));
@@ -246,7 +258,7 @@
/*
* We must go through the motions of reading all
-@@ -2775,7 +2779,7 @@ bool RadiotapBSD::setmediaopt(int option
+@@ -2775,7 +2782,7 @@ bool RadiotapBSD::setmediaopt(int option
return false;
memset(&ifmr, 0, sizeof(ifmr));
@@ -255,7 +267,7 @@
/*
* We must go through the motions of reading all
-@@ -2803,7 +2807,7 @@ bool RadiotapBSD::setmediaopt(int option
+@@ -2803,7 +2810,7 @@ bool RadiotapBSD::setmediaopt(int option
delete mwords;
memset(&ifr, 0, sizeof(ifr));
@@ -264,7 +276,7 @@
ifr.ifr_media = (ifmr.ifm_current &~ IFM_OMASK) | options;
ifr.ifr_media = (ifr.ifr_media &~ IFM_MMASK) | IFM_MAKEMODE(mode);
-@@ -2857,7 +2861,7 @@ bool RadiotapBSD::get80211(int type, int
+@@ -2857,7 +2864,7 @@ bool RadiotapBSD::get80211(int type, int
if (!checksocket())
return false;
memset(&ireq, 0, sizeof(ireq));
@@ -273,7 +285,7 @@
ireq.i_type = type;
ireq.i_len = len;
ireq.i_data = data;
-@@ -2875,7 +2879,7 @@ bool RadiotapBSD::set80211(int type, int
+@@ -2875,7 +2882,7 @@ bool RadiotapBSD::set80211(int type, int
if (!checksocket())
return false;
memset(&ireq, 0, sizeof(ireq));
@@ -282,7 +294,7 @@
ireq.i_type = type;
ireq.i_val = val;
ireq.i_len = len;
-@@ -2892,6 +2896,7 @@ bool RadiotapBSD::getifflags(int& flags)
+@@ -2892,6 +2899,7 @@ bool RadiotapBSD::getifflags(int& flags)
return false;
strncpy(ifr.ifr_name, ifname.c_str(), sizeof (ifr.ifr_name));
--8<------8<------8<------8<------8<------8<------8<------8<------8<------8<
OpenBSD 4.0-current (GENERIC) #2: Sun Dec 3 21:54:55 CET 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 1073278976 (1048124K)
avail mem = 907567104 (886296K)
using 22937 buffers containing 107536384 bytes (105016K) of memory
mainbus0 (root)
bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xf0630 (22 entries)
bios0: MSI MS-6702
acpi at mainbus0 not configured
cpu0 at mainbus0: (uniprocessor)
cpu0: AMD Athlon(tm) 64 Processor 3400+, 2400.42 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,NXE,MMXX,LONG,3DNOW2,3DNOW
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line
16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative
pci0 at mainbus0 bus 0: configuration mode 1
pchb0 at pci0 dev 0 function 0 "VIA K8HTB Host" rev 0x01
ppb0 at pci0 dev 1 function 0 "VIA K8HTB AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Radeon VE QY" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
wi0 at pci0 dev 5 function 0 "Eumitcom WL11000P" rev 0x02: irq 11
wi0: "Belkin, 11Mbps Wireless Notebook Network Adapter, Version 01.02"
wi0: PRISM2 HWB3163 rev.A (0x8002), Firmware 0.3.0 (primary), 0.8.3 (station),
address 00:30:bd:63:8d:7c
ppb1 at pci0 dev 6 function 0 "Intel S21152BB PCI-PCI" rev 0x00
pci2 at ppb1 bus 2
"D-Link Systems 550TX" rev 0x14 at pci2 dev 4 function 0 not configured
"D-Link Systems 550TX" rev 0x14 at pci2 dev 5 function 0 not configured
"D-Link Systems 550TX" rev 0x14 at pci2 dev 6 function 0 not configured
"D-Link Systems 550TX" rev 0x14 at pci2 dev 7 function 0 not configured
ral0 at pci0 dev 7 function 0 "Ralink RT2561S" rev 0x00: irq 12, address
00:18:39:19:c6:bf
ral0: MAC/BBP RT2561C, RF RT2527
re0 at pci0 dev 11 function 0 "Realtek 8169" rev 0x10: irq 11, address
00:11:09:8f:0f:2e
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 0
pciide0 at pci0 dev 13 function 0 "Promise PDC20378" rev 0x02: DMA
pciide0: using irq 10 for native-PCI interrupt
"VIA VT6306 FireWire" rev 0x80 at pci0 dev 14 function 0 not configured
pciide1 at pci0 dev 15 function 0 "VIA VT6420 SATA" rev 0x80: DMA
pciide1: using irq 10 for native-PCI interrupt
pciide2 at pci0 dev 15 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133, channel
0 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide2 channel 0 drive 0: <HDS722516VLAT20>
wd0: 16-sector PIO, LBA48, 157066MB, 321672960 sectors
atapiscsi0 at pciide2 channel 0 drive 1
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <ATAPI, DVD DD 2X16X4X16, G7N9> SCSI0 5/cdrom
removable
wd0(pciide2:0:0): using PIO mode 4, Ultra-DMA mode 2
cd0(pciide2:0:1): using PIO mode 4, Ultra-DMA mode 2
pciide2: channel 1 disabled (no drives)
uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x81: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x81: irq 11
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x81: irq 10
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 16 function 3 "VIA VT83C572 USB" rev 0x81: irq 10
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x86: irq 12
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: VIA EHCI root hub, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
viapm0 at pci0 dev 17 function 0 "VIA VT8237 ISA" rev 0x00
iic0 at viapm0
iic0: addr 0x2f 00=10 01=0f 02=10 03=01 04=07 05=00 06=18 07=00 08=00 14=14
15=62 16=02 17=05
auvia0 at pci0 dev 17 function 5 "VIA VT8233 AC97" rev 0x60: irq 12
ac97: codec id 0x414c4760 (Avance Logic ALC655 rev 0)
audio0 at auvia0
pchb1 at pci0 dev 24 function 0 "AMD AMD64 HyperTransport" rev 0x00
pchb2 at pci0 dev 24 function 1 "AMD AMD64 Address Map" rev 0x00
pchb3 at pci0 dev 24 function 2 "AMD AMD64 DRAM Cfg" rev 0x00
pchb4 at pci0 dev 24 function 3 "AMD AMD64 Misc Cfg" rev 0x00
isa0 at mainbus0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
lm0 at isa0 port 0x290/8: W83697HF
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
uhub5 at uhub3 port 2
uhub5: Texas Instruments TUSB2046 hub, rev 1.10/1.25, addr 2
uhub5: 4 ports with 4 removable, self powered
uhidev0 at uhub5 port 3 configuration 1 interface 0
uhidev0: Justcom Technology USB KVM Switch, rev 1.10/1.00, addr 3, iclass 3/1
ukbd0 at uhidev0: 8 modifier keys, 6 key codes
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
uhidev1 at uhub5 port 3 configuration 1 interface 1
uhidev1: Justcom Technology USB KVM Switch, rev 1.10/1.00, addr 3, iclass 3/1
ums0 at uhidev1: 3 buttons and Z dir.
wsmouse0 at ums0 mux 0
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
