TX Packets in Monitor Mode

Wireless Dude wirelessdude12345 at hotmail.com
Tue Nov 1 22:44:04 EST 2005 

Hi again,

I've managed to send packets in Monitor Mode.
As a first pass, I have just editted the driver source.
I have editted

hostap_data_start_xmit()

in hostap_80211_tx.c

and more specifically I have hard-coded the setting of,
hdr.addr1
hdr.addr2
hdr.addr3

Using this method I can set the address fields to what ever I want.
I have noticed that it is possible to change the source address (addr2).
The prism programmers manual seems to indicate that the firmware will 
automatically set addr2 but this doesn't seemd to be the case.

I am now trying to set the frame control field.
Setting fc =0x0080 (data packet type, subtype 0 , version 0), allows me to 
send a packet using the 802.11 header that is passed as part of

struct hfa384x_tx_frame txdesc;

in function
prism_tx_80211()
located in hostap_hw.c

When I try to set TODS in the frame control field the card seems to 
construct the packet using the 802.3 header info, even through the 
struct_type in the TxControl field that gets passed to the card as part of 
the hfa384x_tx_frame is set to 1 (ie 802.11 format).

Has anyone seen behaviour like this? The programmers manual doesn't mention 
much about Monitor Mode, am I trying to do the impossible here?
If anyone can point me to any extra documentation apart from the prism 
programmers manual that would be great.


James P.


>From: "Wireless Dude" <wirelessdude12345 at hotmail.com>
>To: hostap at shmoo.com
>Subject: TX Packets in Monitor Mode
>Date: Mon, 31 Oct 2005 01:15:40 -0600
>
>Hi all,
>
>I'm trying to send an arbitry packet while in monitor mode.
>(We are creating our own lightweight wireless protocol for a university 
>project).
>I adapted hostapd.c to send a packet with the payload I want.
>I put the card in monitor mode and try to send the packet.
>I have a sniffer accepting all packets, and it sees 4 packets, that look 
>like they have my created payload spread through them (data seems to be 
>there, just spread out across the 4 packets).
>My question is, can I send a packet in monitor mode?
>If not, how can I send a packet that I have constructed? ie no source addr, 
>destination addr, BSSID, type, etc..
>Is this possible using the hostap driver?
>I'm using a prism2 card and the latest hostap driver.
>
>thanks.
>James P.
>
>_________________________________________________________________
>Don’t just search. Find. Check out the new MSN Search! 
>http://search.msn.click-url.com/go/onm00200636ave/direct/01/
>


>_______________________________________________
>HostAP mailing list
>HostAP at shmoo.com
>http://lists.shmoo.com/mailman/listinfo/hostap

_________________________________________________________________
Is your PC infected? Get a FREE online computer virus scan from McAfee® 
Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963

More information about the HostAP mailing list