Hi everyone. Does anybody know how to capture SNR value of a WiFi link using tcpdump? I tried capturing using Wireshark by showing the signal and noise but those values never exist during capturing. Thanks
asked 24 Apr '13, 22:15 Tyanium
2 Answers:
Capturing WiFi traffic including the 802.11 layer requires a little more preparation, especially on Windows (which may not be the OS in your case since you mentioned tcpdump) where you need to have an AirPCAP USB adapter to do it. See this Wiki page: http://wiki.wireshark.org/CaptureSetup/WLAN
I'm not sure if tcpdump is capable of capturing the radio layer, but there are tools like airodump-ng that could help you out.
answered 25 Apr '13, 01:27 Jasper ♦♦

tcpdump can capture the radio layer, but, on most OSes, you have to be in monitor mode to do that, and his libpcap and tcpdump are too old to support having tcpdump do it with the (08 May '13, 20:30) Guy Harris ♦♦

You'll have to put your adapter into monitor mode in order to get the radio information. Try using the airmon-ng script from aircrack-ng; there might be a Fedora 9 RPM for aircrack-ng.
answered 08 May '13, 20:29 Guy Harris ♦♦

Now I put my computer in monitor mode already. But when I try to capture packets, this is what happens:
My goal is to capture SINR value of a WiFi channel. Do you have any idea what's going on? And please guide me to achieve my goal. Thanks (15 May '13, 21:21) Tyanium

So that was capturing on Also:
Sadly, this is an old version of tcpdump, which defaults (when it supports IPv6) to a snapshot length of 96 bytes. Try doing (15 May '13, 21:31) Guy Harris ♦♦

Thanks for your comment. I tried again yet still not working. No packets are captured.
[[email protected] ~]# tcpdump -s 0 -i ath0
tcpdump: bind: Network is down
[[email protected] ~]# tcpdump -s 0 -i wifi0
tcpdump: WARNING: wifi0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wifi0, link-type IEEE802_11 (802.11), capture size 65535 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
(15 May '13, 22:22) Tyanium

I still don't get it, I put ath0 in monitor mode already but once typing tcpdump using ath0 it won't work
[[email protected] ~]# iwconfig
lo no wireless extensions.
eth0 no wireless extensions.
wifi0 no wireless extensions.
pan0 no wireless extensions.
ath0 IEEE 802.11g ESSID:"" Nickname:""
Mode:Monitor Channel:0 Access Point: Not-Associated
[[email protected] ~]# tcpdump -i ath0 -s 0 -w stress.pcap
tcpdump: bind: Network is down
(15 May '13, 23:07) Tyanium

What version of what OS is this? (For Linux, that means both "what version of the kernel" and "what distribution and what version of that distribution".)
What does
tcpdump -h
print?

This is what was printed after tcpdump -h
I'm using Fedora release 9 with kernel version 2.6.27.25-78.2.56.fc9.i686
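
Added example (not written by any poster in this thread): once a monitor-mode capture carries radiotap headers (tcpdump then reports link-type IEEE802_11_RADIO rather than the plain IEEE802_11 shown above), the per-frame signal and noise readings can be parsed from that header and SNR computed as signal minus noise. The function name `radiotap_snr` and both sample frames are constructed for illustration; many drivers omit the noise field, which the code reports as None.

```python
import struct

# Radiotap fields for present-bits 0..6, in bit order: (name, alignment, size).
FIELDS = [("tsft", 8, 8), ("flags", 1, 1), ("rate", 1, 1), ("channel", 2, 4),
          ("fhss", 2, 2), ("dbm_signal", 1, 1), ("dbm_noise", 1, 1)]

def radiotap_snr(frame):
    """Return (signal_dBm, noise_dBm, snr_dB); a missing reading is None."""
    if len(frame) < 8:
        raise ValueError("too short for a radiotap header")
    version, _pad, length, present = struct.unpack_from("<BBHI", frame, 0)
    if version != 0 or not 8 <= length <= len(frame):
        raise ValueError("not a valid radiotap header")
    offset, word = 8, present
    while word & 0x80000000:  # bit 31 set: another 32-bit present word follows
        if offset + 4 > length:
            raise ValueError("truncated present bitmap")
        (word,) = struct.unpack_from("<I", frame, offset)
        offset += 4
    found = {}
    for bit, (name, align, size) in enumerate(FIELDS):
        if not present & (1 << bit):
            continue
        offset = (offset + align - 1) & ~(align - 1)  # align from header start
        if offset + size > length:
            raise ValueError("field runs past radiotap length")
        found[name] = frame[offset:offset + size]
        offset += size
    signal = struct.unpack("b", found["dbm_signal"])[0] if "dbm_signal" in found else None
    noise = struct.unpack("b", found["dbm_noise"])[0] if "dbm_noise" in found else None
    snr = signal - noise if signal is not None and noise is not None else None
    return signal, noise, snr

# Constructed sample: flags, rate, channel (2437 MHz), signal -52 dBm, noise -95 dBm.
SAMPLE_FULL = struct.pack("<BBHI", 0, 0, 16, 0x6E) + bytes.fromhex("00028509a000cca1")
# Constructed sample: TSFT, flags and signal -60 dBm only; the driver reports no noise.
SAMPLE_NO_NOISE = struct.pack("<BBHI", 0, 0, 18, 0x23) + bytes(8) + bytes.fromhex("00c4")

if __name__ == "__main__":
    for name, frame in (("full", SAMPLE_FULL), ("no noise", SAMPLE_NO_NOISE)):
        print(name, radiotap_snr(frame))
```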