Please note: This project is no longer active. The website is kept online for historic purposes only.
If you´re looking for a Linux driver for your Atheros WLAN device, you should continue here .

Ticket #1699 (new defect)

Opened 14 years ago

Last modified 14 years ago

VAP with WEP and athraw or monitor mode decrypt packets

Reported by: umon Assigned to:
Priority: minor Milestone:
Component: madwifi: other Version: trunk
Keywords: Cc:
Patch is attached: 0 Pending:


Hi All, If I use VAP with WEP encryption and trying to monitor 802.11 frames on madwifi_old and madwifi_ng (last stable versions) on monitor interfaces (ath1 or ath0raw in example) I receive not raw but decrypted packets. But on madwifi_old (20060124) everything is ok and I can get raw packets without decryption.


wlanconfig ath0 create wlandev wifi0 mode ap wlanconfig ath1 create wlandev wifi0 mode monitor iwconfig ath0 essid foo channel 1 key open s:12345


iwconfig ath0 essid foo channel 1 key open s:12345 mode master echo 1 > /proc/sys/dev/ath0/rawdev echo 1 > /proc/sys/dev/ath0/rawdev_type

Change History

12/19/07 12:06:33 changed by pochka

With madwifi-ng drivers it's posible to get RAW data on monitor interface (say ath0 - ap, ath1 - monitor) by specifing a key for ath0 with the IEEE80211_KEY_SWCRYPT flag specified.

One could do it by slightly modifing athkey utility, but thereis one problem. Driver cleans all uncommon flags which are gone from user space, so to set such a flag on the key we should humbly patch the driver.....

hopefully it changes in future...

12/19/07 17:37:17 changed by pochka

Finally i've found the trick. No need to patch driver! uff

To set the key with IEEE80211_KEY_SWCRYPT flag specified one should first invoke private ioctl and set driver_capabilities without IEEE80211_C_WEP (WEP available) flag.

Then driver will add IEEE80211_KEY_SWCRYPT to wep keys himself.

so the whole thing is like that

1) iwpriv ath0 get_driver_caps -> 2005666767 2) iwpriv ath0 driver_caps 2005666766 3) iwconfig ath0 key s:12345

4) Wow, we've got the real raw packets on ath1 (monitor)

12/20/07 10:44:16 changed by mrenzmann

Thanks for the feedback and explanation.

It would be nice if someone could write up a wiki page about the issue (with some explanation of the problem and details on the solution), in case someone else faces a similar issue. Volunteers?