From mboxrd@z Thu Jan 1 00:00:00 1970 From: Pavel Roskin Date: Tue, 02 Mar 2010 22:45:20 -0500 Subject: [ath9k-devel] ath9k: injecting frames at a rate other than 1Mbps In-Reply-To: <40101cc31003021325w4d65f116g6711b2d60cb66ff9@mail.gmail.com> References: <40101cc31003021325w4d65f116g6711b2d60cb66ff9@mail.gmail.com> Message-ID: <1267587920.30055.1.camel@mj> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: ath9k-devel@lists.ath9k.org On Tue, 2010-03-02 at 22:25 +0100, rootkit85 at yahoo.it wrote: > Do you inject from userspace or kernelspace? > How do you know that they are sent at 1 Mbit? Do you sniff from another pc? > My patch was tested only with kernelspace injection, feedback is welcome. I think that part is wrong: + if (sband->bitrates[i].bitrate <= + *iterator.this_arg * 5) { + info->control.rates[0].idx = i; + break; + } If a bitrate is less than the requested one, it would still match. I think we should require an exact match. Requests to use an unsupported rate should result in dropping the packet. That applies to rate 0 as well, unless there is a special interpretation in the standard. I don't see any: http://www.radiotap.net/defined-fields/Rate I tried the part of you patch that handles IEEE80211_RADIOTAP_RATE, but it still would not work. It turns out the rate control would override the rate. I don't see an easy way to prevent it short of introducing another flag. I've made an alternative patch and I'll submit it to linux-wireless shortly. It actually works for userspace injection. -- Regards, Pavel Roskin