Archive for September 6th, 2006

madwifi, radiotap and libtrace

Spent some time today figuring out how to get low-level radio information from Atheros-based wireless cards. A madwifi device can be set to a pretty standard monitor mode, with a choice of several encapsulations. 802.11 is better than nothing, but doesn’t give the physical layer information I’m after. Radiotap and Prism monitoring headers are also supported, as well as output of the actual Atheros descriptors used by the driver/HAL, which contain HAL status information after each descriptor is processed by the hardware. The Atheros descriptor format is something I’d like to look at later. With a choice of Prism or Radiotap, I’m going with Radiotap as it seems much saner.
Radiotap lets us get, on a per-packet basis, RSSI (signal in dB above the noise floor), timing information (a 64-bit value in microseconds indicating when the first bit of the MPDU hit the MAC), rate, channel, and most importantly (for me at least) the 802.11 frame-check sequence, which is usually stripped off the end of the frame before being passed up.
Unfortunately, it seems that pcap doesn’t know about the radiotap ARPHRD used by madwifi, which is fair enough I guess, as neither libc nor Linux have defined an ARPHRD for radiotap yet. What this means is that tcpdump will fall back to Linux SLL and you’ll end up with an unusable trace.
Enter libtrace. libtrace doesn’t have radiotap support yet, but after a bit of a chat with Perry I’ve got it recognising the ARPHRD madwifi uses and I can now open a trace on a live device and get the radiotap headers. Right now I’m just grabbing each frame and manually casting to a radiotap structure, but I plan on implementing proper radiotap support in libtrace over the next while, which should be interesting and allow us to do fun things like run tracedump over a radiotap trace.
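As an alternative to casting a captured frame straight onto a struct, here is a bounds-checked walk of the radiotap header that pulls out the per-packet fields mentioned above. This is an added example, not code from libtrace or madwifi; the names `rtap_info` and `rtap_parse` are hypothetical, the sample bytes are constructed, and it assumes the RSSI is carried in radiotap field 12 (dB antenna signal).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
struct rtap_info {
    uint64_t tsft_us;    /* MAC timestamp, microseconds */
    uint8_t  flags;      /* 0x10: FCS included, 0x40: FCS check failed */
    uint8_t  rate_500k;  /* rate in 500 kbit/s units */
    uint16_t chan_mhz;   /* channel centre frequency */
    uint8_t  db_signal;  /* field 12: dB above noise floor (assumed RSSI field) */
    size_t   hdr_len;    /* offset of the 802.11 frame */
};
/* Size and alignment of radiotap fields 0..13, in bit order. */
static const uint8_t fsize[14]  = {8,1,1,4,2,1,1,2,2,2,1,1,1,1};
static const uint8_t falign[14] = {8,1,1,2,2,1,1,2,2,2,1,1,1,1};
static uint32_t le32(const uint8_t *p)
{ return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24; }
/* Returns 0 on success, -1 if the header is malformed or truncated. */
int rtap_parse(const uint8_t *buf, size_t caplen, struct rtap_info *out)
{
    memset(out, 0, sizeof *out);
    if (caplen < 8 || buf[0] != 0) return -1;       /* version is always 0 */
    size_t len = buf[2] | (size_t)buf[3] << 8, off = 4;
    if (len < 8 || len > caplen) return -1;         /* it_len is untrusted */
    uint32_t present = le32(buf + 4), word;
    do {                                            /* skip chained bitmaps */
        if (off + 4 > len) return -1;
        word = le32(buf + off); off += 4;
    } while (word & 0x80000000u);
    for (int bit = 0; bit < 14; bit++) {
        if (!(present & (1u << bit))) continue;
        /* fields are aligned relative to the start of the header */
        off = (off + falign[bit] - 1) & ~(size_t)(falign[bit] - 1);
        if (off + fsize[bit] > len) return -1;      /* field past it_len */
        const uint8_t *f = buf + off;
        if (bit == 0)  out->tsft_us = le32(f) | (uint64_t)le32(f + 4) << 32;
        if (bit == 1)  out->flags = f[0];
        if (bit == 2)  out->rate_500k = f[0];
        if (bit == 3)  out->chan_mhz = (uint16_t)(f[0] | f[1] << 8);
        if (bit == 12) out->db_signal = f[0];
        off += fsize[bit];
    }
    out->hdr_len = len;
    return 0;
}
/* Constructed sample header (not a capture): fields 0, 1, 2, 3 and 12. */
static const uint8_t sample[24] = {
    0x00, 0x00, 0x18, 0x00,  0x0f, 0x10, 0x00, 0x00,  /* v0, it_len 24, present */
    0x40, 0xe2, 0x01, 0, 0, 0, 0, 0,                  /* TSFT 123456 us */
    0x10, 0x6c,  0x6c, 0x09, 0xc0, 0x00,  0x2a, 0x00  /* flags, rate, chan, dB, pad */
};
```

The 802.11 frame starts at `hdr_len`; when `flags & 0x10` is set, its last four bytes are the FCS.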
So there’s a few things on my todo list now…

  • Implement proper radiotap support in libtrace
  • Add a /proc interface to madwifi monitor vaps to enable passing up frames that fail their FCS (and other error frames)
  • Figure out exactly what does/doesn’t work when creating a monitor mode vap when there’s already a sta/ap/adhoc vap around
  • Create libtrace packages for crcnet-bpc
  • Grab some decent traces from CRCnet with radiotap headers enabled
  • Analyse :)

That should keep me busy for a while at least… Hopefully this work will also help with things like the link-testing stuff that Ivan is up to at the moment.

      1 comment September 6th, 2006

