Please note: This project is no longer active. The website is kept online for historic purposes only.
If you´re looking for a Linux driver for your Atheros WLAN device, you should continue here .

Ticket #2272 (new defect)

Opened 13 years ago

Wrong MAC sent on broadcast data frames after associating

Reported by: antareus@live.com Assigned to:
Priority: major Milestone:
Component: madwifi: other Version: v0.9.4
Keywords: Cc:
Patch is attached: 0 Pending: 0

Description

I need to change the MAC address of a local adapter before associating to an AP.

I followed the directions under the FAQ regarding this point, but they do not help. The MAC, according to ifconfig, changes on the physical wifiX device, and the subsequent station VAP that is recreated. So far, so good.

I start associating, and see (with Wireshark) that the new MAC is used by the client when communicating with the AP. Association completes successfully; that is, the VAP's entry in /proc/net/wireless is 4, and /sys/class/net/vap/carrier changes to 1. Then, the script sends an ARP request, or requests an address via DHCP. (Note in both cases a raw socket is opened on the VAP, this may have something to do with it.) The 'real' address of the card is sent, not the modified one I set previously. The AP deauthorizes the client with the 'real' address, as it should, and the card complies. The /proc/net/wireless entry changes to 2, or 3, and attempts to reauthorize. This does not always complete.

The one way I have gotten it to work is to down the interface while Kismet is using it in monitor mode, change the MAC, and up it again. However, this seems dangerous, and does not work in releases after 0.9.4.