Re: [KISMET] [PATCH] Support for prism2 hostap drivers (fwd)

From: Jouni Malinen (jkmaline_at_cc.hut.fi)
Date: 2002-07-29 17:09:04 UTC

• Next message: Jun Sun: "Re: [KISMET] [PATCH] Support for prism2 hostap drivers (fwd)"
• Previous message: Jouni Malinen: "Re: HAP and Firmware AP identification"
• In reply to: Eric Johanson: "Re: [KISMET] [PATCH] Support for prism2 hostap drivers (fwd)"
• Next in thread: Jun Sun: "Re: [KISMET] [PATCH] Support for prism2 hostap drivers (fwd)"
• Reply: Jun Sun: "Re: [KISMET] [PATCH] Support for prism2 hostap drivers (fwd)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

On Fri, Jul 26, 2002 at 10:26:51PM -0700, Eric Johanson wrote:

> My question: We hop channels to find APs. (see below). Is there any way
> to build a hopper that could tell if it's a good time to change? some
> type of 'busy' flag? or a method to change channels 'at the end of the
> next packet'?

I'm not aware of any mechanism for this. The driver will get interrupted when the RX packet is ready, but there is no info about the packet receiption start to the driver. The firmware code could of course take care of this so that it would delay channel change commands should there be pending packets. I do not know, whether it has any functionality like this.

Since the stations scan different channels every now and then (at least if the signal quality to current AP drops), there might be some optimization that would not change the channel during pending RX. However, whether these same limits work when the channel is changed based on the host driver command is not that clear. It would be nice to get the firmware source code to verify this, but no such luck..

> We are getting lots of these messages when changing the channel rapidly.
>
> wlan0: prism2_rx_80211: len(19878) > MAX(2304)
>
> (len changes, normally less than 32k, but 10k is typical). If I'm reading
> that right, it's a packet that exceeds the expected frame size for
> 802.11. Either somebody is doing something VERY nasty to me right now
> (w/ very good timing when I enable the hopper), or it's being caused by
> the rapid switching.

I would guess that this is due to performing MAC port0 disable command during RX operation. The firmware could, e.g., abort the operation and the still pass the frame (at least in monitor mode) to the host driver with a broken RX header.

I don't known whether there are any mechanism for avoiding this when using monitor mode. With firmware-based AP scanning, similar problems would not probably happen--or at least they would not be visible in the host driver. However, programs like kismet might be forced to use monitor mode to records all the information they need.

-- 
Jouni Malinen                                            PGP id EFC895FA

• Next message: Jun Sun: "Re: [KISMET] [PATCH] Support for prism2 hostap drivers (fwd)"
• Previous message: Jouni Malinen: "Re: HAP and Firmware AP identification"
• In reply to: Eric Johanson: "Re: [KISMET] [PATCH] Support for prism2 hostap drivers (fwd)"
• Next in thread: Jun Sun: "Re: [KISMET] [PATCH] Support for prism2 hostap drivers (fwd)"
• Reply: Jun Sun: "Re: [KISMET] [PATCH] Support for prism2 hostap drivers (fwd)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]