From mboxrd@z Thu Jan 1 00:00:00 1970
From: Mark Gannon
Date: Tue, 24 Mar 2015 15:35:26 -0400
Subject: [ath9k-devel] Packet Injection in Monitor Mode Sending Packets Twice
Message-ID: <2811559.G0lnPVeIZP@scooby>
List-Id:
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: ath9k-devel@lists.ath9k.org

I'm currently troubleshooting a problem using the ath9k driver whereby packets injected via libpcap are sent twice with slightly different radiotap headers. The issue happens with different software injecting the packets.

The system is an up-to-date Gentoo box where uname -a shows:

    Linux scooby 3.18.5-gentoo #1 SMP PREEMPT Wed Feb 4 16:54:06 EST 2015 x86_64 AMD A6-3650 APU with Radeon(tm) HD Graphics AuthenticAMD GNU/Linux

lspci shows the card as:

    02:00.0 Network controller: Qualcomm Atheros AR93xx Wireless Network Adapter (rev 01)

In order to create the problem:

1. Load the driver:
       modprobe ath9k debug=0x00000282
   Note: The problem happens with or without the debug parameters.

2. Create the monitor interface using:
       iw dev wlan0 interface add fish0 type monitor flags none
       iw reg set US
       ifconfig fish0 up

3. Download and build the packetspammer application from:
       https://wireless.wiki.kernel.org/en/users/Documentation/packetspammer
   Note: I edited Makefile to remove the -werror that was causing the make to fail.

4. Start Wireshark listening to the fish0 interface.

5. Run packetspammer:
       ./packetspammer -d 1000000000000000000000000000 fish0
   Note: The long delay is to make the issue easier to see in the trace.

Result: Wireshark shows two packets with slightly different lengths due to differences in the radiotap header. The second packet has a much smaller radiotap header only setting the speed.

In examining the driver code in the kernel tree, there appears to be a difference between main.c and htc_drv_main.c with regard to packet injection.
The latter includes a section with the comment: "Associate a station with the interface for packet injection." After the comment is code to associate a station with the interface. As near as I can tell, this process doesn't occur in main.c, which is the code being executed for my NIC. Could this be the reason for the duplicate packets?

Any help addressing this issue is greatly appreciated.

Regards,
Mark Gannon

--
You have to accept whatever comes, and the only important thing is that you meet it with the best you have to give.
- Eleanor Roosevelt
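One way to check from a monitor-mode capture whether two frames differ only in their radiotap headers, as the Result in the message above describes. This is an added example, not part of the original message or of the ath9k code; the function names are hypothetical and the sample frames are constructed.

```python
import struct
from collections import defaultdict

# Radiotap "present" bits 0-15, in bit order.
RADIOTAP_FIELDS = [
    "TSFT", "Flags", "Rate", "Channel", "FHSS", "dBm_AntSignal",
    "dBm_AntNoise", "LockQuality", "TX_Attenuation", "dB_TX_Attenuation",
    "dBm_TX_Power", "Antenna", "dB_AntSignal", "dB_AntNoise",
    "RX_Flags", "TX_Flags",
]

def split_radiotap(frame):
    """Return (radiotap_len, present_field_names, 802.11 bytes)."""
    if len(frame) < 8:
        raise ValueError("too short for a radiotap header")
    # it_version, it_pad, it_len, it_present: all little-endian.
    version, _pad, hdr_len, present = struct.unpack_from("<BBHI", frame, 0)
    if version != 0 or hdr_len < 8 or hdr_len > len(frame):
        raise ValueError("bad radiotap header")
    # Only the first present word is decoded; it_len still covers any
    # extended present words, so the 802.11 frame is split off correctly.
    names = [n for bit, n in enumerate(RADIOTAP_FIELDS) if present & (1 << bit)]
    return hdr_len, names, frame[hdr_len:]

def find_duplicates(frames):
    """Group frames whose 802.11 bytes match once radiotap is stripped."""
    groups = defaultdict(list)
    for idx, frame in enumerate(frames):
        hdr_len, names, body = split_radiotap(frame)
        groups[body].append((idx, hdr_len, names))
    return [g for g in groups.values() if len(g) > 1]

def _radiotap(present, fields):
    """Build a radiotap header for the constructed samples below."""
    return struct.pack("<BBHI", 0, 0, 8 + len(fields), present) + fields

# Constructed 802.11 data frame: broadcast, made-up source/BSSID, test payload.
_BODY = (b"\x08\x00\x00\x00" + b"\xff" * 6 + bytes.fromhex("020000000001") * 2
         + b"\x00\x00" + b"constructed test payload")
SAMPLE = [
    _radiotap(0x8006, b"\x00\x02\x00\x00") + _BODY,  # Flags, Rate, TX_Flags
    _radiotap(0x0004, b"\x02") + _BODY,              # Rate only
    _radiotap(0x0004, b"\x02") + _BODY[:-1] + b"!",  # a different frame
]

if __name__ == "__main__":
    for group in find_duplicates(SAMPLE):
        print(group)
```
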