Monitor mode not working for iwi(4) on 7.X

Bernhard Schmidt bschmidt at techwires.net
Fri Oct 8 17:47:17 UTC 2010


On Friday 08 October 2010 19:36:13 Bernhard Schmidt wrote:
> On Friday 08 October 2010 18:59:44 Paul B Mahol wrote:
> > On 10/8/10, Alexey Dokuchaev <danfe at freebsd.org> wrote:
> > > On Fri, Oct 08, 2010 at 03:20:08PM +0000, Paul B Mahol wrote:
> > >> On 10/8/10, Alexey Dokuchaev <danfe at freebsd.org> wrote:
> > >> > On Thu, Oct 07, 2010 at 08:43:37PM +0200, Bernhard Schmidt wrote:
> > >> >> Try the attached patch, this is basically the code from stable/6
> > >> >> ported to head and stable/7. I did only some basic tests but
> > >> >> monitor mode seems to work and it is still possible to use the
> > >> >> card in STA mode.
> > >> > 
> > >> > Unfortunately, I am getting instant panic when trying any of
> > >> > aircrack-ng suite utilities ("ifconfig iwi0 scan/list scan" works
> > >> > though):
> > >> > 
> > >> > Fatal trap 12: page fault while in kernel mode
> > >> > processor eflags        = interrupt enabled, resume, IOPL = 0
> > >> > current process         = 35 (iwi0 taskq)
> > >> > 
> > >> > Any suggestions?
> > >> 
> > >> 7.X is buggy regarding taskqueue, I think (maybe it is net80211 bug
> > >> and not iwi fault).
> > > 
> > > That's a sad thing to hear about stable branch.
> > > 
> > >> Does it panic with tcpdump too?
> > > 
> > > Bernhard's tests indicate it's not.  However, me doing "ifconfig iwi0
> > > mediaopt monitor" here resulted in immediate panic (did not catch the
> > > core this time, but I'm positive it's the same as with aircrack-ng).
> > 
> > Looks like SMP issue.
> > Let me look if it is something obvious.
> 
> After having another cup of coffee it's pretty obvious what's wrong.. and I
> really wonder how that could have worked during my tests yesterday. Just to
> be sure I did the same tests again today and it still worked. The only
> difference between what I did and your scenario is, that I didn't use
> ifconfig iwi0 mediaopt monitor
> but
> ifconfig iwi0 monitor
> instead.. anyways..
> 
> ic != sc
> 
> Attached patch should behave better now.

Sorry.. correct one this time.

> alix# kldload if_iwi
> iwi0: <Intel(R) PRO/Wireless 2200BG> mem 0xe0040000-0xe0040fff irq 10 at device 12.0 on pci0
> iwi0: Ethernet address: 00:16:6f:64:37:68
> iwi0: [ITHREAD]
> kalix# kldload wlan_scan_sta
> alix# ifconfig iwi0 -mediaopt monitor
> alix# ifconfig iwi0 channel 1 up
> alix# aireplay-ng -9 iwi0
> 00:34:10  Trying broadcast probe requests...
> 00:34:12  No Answer...
> 00:34:12  Found 1 AP
> 
> 00:34:12  Trying directed probe requests...
> 00:34:12  00:15:6D:84:06:6B - channel: 1 - 'aplab'
> wi_write(): Input/output error
> wi_write(): Input/output error
> ^C/ 6:   0%
> alix# tcpdump -nei iwi0 -y IEEE802_11_RADIO
> tcpdump: data link type IEEE802_11_RADIO
> tcpdump: WARNING: iwi0: no IPv4 address assigned
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on iwi0, link-type IEEE802_11_RADIO (802.11 plus BSD radio information header), capture size 96 bytes
> 00:37:56.039527 1.0 Mb/s 2412 MHz 11g antenna 0 37dB signal BSSID:00:15:6d:84:06:6b DA:ff:ff:ff:ff:ff:ff SA:00:15:6d:84:06:6b Beacon (aplab) [1.0* 2.0* 5.5* 11.0* 6.0 9.0 12.0 18.0 Mbit] ESS CH: 1, PRIVACY

-- 
Bernhard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iwi_monitor-stable7-v2.diff
Type: text/x-patch
Size: 3296 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20101008/7ffd83dc/iwi_monitor-stable7-v2.bin

