Creating a Monitor Mode Interface
This document does not apply to "old" versions of MadWifi (Prior to November 2005).
NOTE: because a station VAP is created by default, wlanconfig will fail to create an AP VAP (for MadWifi releases >1407) unless the parameter 'autocreate=none' is passed when loading the ath_pci module. See UserDocs/autocreate for details.
wlanconfig ath0 destroy
And then to create an interface (called ath0) in monitor mode, issue the command:
wlanconfig ath0 create wlandev wifi0 wlanmode monitor
wlanconfig ath create wlandev wifi0 wlanmode monitor
The only difference is the lack of '0' in the second command. The kernel will give the interface the lowest free integer as its suffix. More information and examples can be found in man wlanconfig 8, and UserDocs/MonitorMode.
To finish bring the interface up
ifconfig ath0 up
By default, monitor mode receives packets with prism2 headers prepended on them. To change this, you must run one of the following:
- Only 802.11 headers: echo '801' > /proc/sys/net/ath0/dev_type
- Prism2 headers: echo '802' > /proc/sys/net/ath0/dev_type
- Radiotap headers: echo '803' > /proc/sys/net/ath0/dev_type
- Atheros Descriptors: echo '804' > /proc/sys/net/ath0/dev_type
NOTE: tcpdump and related programs may be unable to use filters such as "wlan src" on packets with extra headers. There is a program "prism-strip" which will strip Prism2 headers from a capture file, enabling filters to be used on an existing file if the capture cannot be repeated with only 802.11 headers