Denis Kenzior
96d0703eb3
monitor: Add decoder for HT Capabilities field
2015-05-07 21:33:07 -05:00
Denis Kenzior
2948f2d933
monitor: Pretty-print Extended Capabilities IE
2015-05-06 21:57:53 -05:00
Denis Kenzior
9ac2e109e3
monitor: Reflow formatting of ie_entry
2015-05-06 21:55:55 -05:00
Denis Kenzior
0239c6f09e
monitor: Add decoder for NL80211_ATTR_EXT_CAPA
2015-05-06 21:50:30 -05:00
Denis Kenzior
6f7a07e012
monitor: Add additional nl80211 command names
2015-05-06 15:29:28 -05:00
Denis Kenzior
c3abaf8181
monitor: Pretty-print commands supported by phy
2015-05-06 15:23:57 -05:00
Denis Kenzior
7744c38ec1
monitor: Add Beacon Loss Event entry
2015-04-30 17:47:23 -05:00
Denis Kenzior
c8fc79c611
monitor: Print AKM suites
2015-04-17 12:49:54 -05:00
Denis Kenzior
835ae605d9
monitor: Make sure to print attribute type
2015-04-17 12:49:51 -05:00
Denis Kenzior
90c922f2ca
monitor: Fix buffer overrun
...
When printing New Address events, the extra_str buffer is overrun,
resulting in weird stuff happening.
> RTNL: Error (0x02) len 20 > 5.252075
Flags: 0 (0x000)
Sequence number: 189 (0x000000bd)
Port ID: 2116
ACK: 0
==4080== Invalid read of size 1
==4080== at 0x4E8000E: vfprintf (in /lib64/libc-2.20.so)
==4080== by 0x4EA8A24: vsnprintf (in /lib64/libc-2.20.so)
==4080== by 0x4E86011: snprintf (in /lib64/libc-2.20.so)
==4080== by 0x403B64: print_packet (nlmon.c:238)
==4080== by 0x40C8FD: print_nlmsghdr (nlmon.c:3197)
==4080== by 0x40CD9E: print_rtnl_msg (nlmon.c:3266)
==4080== by 0x40CE4F: nlmon_print_rtnl (nlmon.c:3298)
==4080== by 0x40D1CD: nlmon_receive (nlmon.c:3390)
2015-04-12 12:25:55 -05:00
Jukka Rissanen
02a2515f3d
monitor: Pretty print LinkMode value
...
LinkMode tells whether kernel (0) or user space (1) is controlling
the link.
2015-03-27 13:31:41 -05:00
Jukka Rissanen
f4f5afdd50
monitor: Pretty print OperState value
...
Instead of plain number, decode the value for human consumption.
2015-03-27 13:31:41 -05:00
Jukka Rissanen
2c3c96f322
monitor: Print OperState instead of Openstate for operational state flag
2015-03-27 13:31:41 -05:00
Denis Kenzior
d277456852
monitor: Always hexdump the raw PAE frame
2015-03-20 13:48:49 -05:00
Denis Kenzior
9318414f22
monitor: Fix Capabilities Field dump
...
The capabilities field was not decoded from the appropriate place in the
data file. This resulted in bogus values being printed.
2015-03-20 13:47:47 -05:00
Denis Kenzior
a2bc325b3b
monitor: Fix typo
2015-03-20 11:34:21 -05:00
Patrik Flykt
2129becac8
monitor: Print HT Operation IE
...
As well as the therein contained MCS field
2015-03-20 11:29:42 -05:00
Ravi kumar Veeramally
8e6bd7d613
monitor: Fix encrypted key data pretty printing
...
If key data is encrypted then print only hexdump. If not pass it to
print_ie (key data may contains other IE elements).
2015-03-18 09:04:20 -05:00
Ravi kumar Veeramally
7eac75fa69
monitor: Print EAPoL key details
...
e.g.
< PAE: len 123
Interface Index: 9
EAPoL: len 123
Version: 2 (802.11X-2004)
Type: 3 (Key)
Lenth: 119
Descriptor Type: 2
Key MIC: true
Secure: false
Error: false
Request: false
Encrypted Ket Data: false
SMK Message: false
Key Descriptor Version: 1 (01)
Ket Type: true
Install: false
Key ACK: false
Key Length: 0
Key Replay Counter: 4
Key NONCE
af 38 0d 3a 24 1a f7 09 3e ad b9 6e e6 33 02 8b .8.:$...>..n.3..
fa 00 f6 40 71 38 e9 d5 d1 e3 ca 3b c2 16 83 d9 ...@q8.....;....
Key IV
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Key RSC
00 00 00 00 00 00 00 00 ........
Key MIC Data
86 b7 54 45 7c 37 45 c1 31 e7 65 4b 70 c8 43 c0 ..TE|7E.1.eKp.C.
Key Data: len 24
dd 16 00 50 f2 01 01 00 00 50 f2 02 01 00 00 50 ...P.....P.....P
f2 02 01 00 00 50 f2 02 .....P..
Vendor Specific: len 22
Microsoft (00:50:f2)
WPA:
Type: 1
Version: 1(0001)
Group Data Cipher Suite: len 4
TKIP (00:50:f2) suite 02
Pairwise Cipher Suite: len 4
TKIP (00:50:f2) suite 02
AKM Suite: len 4
PSK; RSNA PSK (00:50:f2) suite 02
2015-03-16 11:56:43 -05:00
Ravi kumar Veeramally
b8cc01eedc
monitor: Print vendor specific data with more details
...
Currently it supports Microsoft specific data which has type
and vesion value 1.
e.g.
Vendor specific: len 22
Microsoft (00:50:f2)
WPA:
Type: 1
Version: 1(0001)
Group Data Cipher Suite: len 4
TKIP (00:50:f2) suite 02
Pairwise Cipher Suite: len 4
TKIP (00:50:f2) suite 02
AKM Suite: len 4
IEEE 802.1X/PMKSA; RSNA/PMKSA caching (00:50:f2) suite 01
2015-03-12 11:29:37 -05:00
Patrik Flykt
6d652fb743
monitor: Support arbitrarily long bitfields
...
Support arbitrarily long bitfields by providing field and mask values
as arrays with their length measured in bytes. Some of the IE fields
easily reach 80 bits or more, thus easily overrunning any integer sizes
used by the OS architecture.
2015-03-06 13:11:03 -06:00
Jukka Rissanen
7a16f0a263
monitor: RTNL IFLA flags were printed incorrectly
...
If flags was 0, then an uninitialized buffer was printed. Changed
this so that if flags == 0, then just the value is printed.
If flags != 0, then print flags values to a buffer that is big
enough to hold all the sub-strings.
2015-02-26 09:49:32 -06:00
Jukka Rissanen
42f8adbab9
nlmon: String buffer overflow
...
The buffer that is allocated for the filename is too short and
as sprintf() was used it overflowed the buffer easily when longer
interface name was used.
2015-02-25 10:31:48 -06:00
Denis Kenzior
62bfb6f8c8
iwmon: Remove unneeded casts
2015-02-23 12:39:20 -06:00
Patrik Flykt
56a0b6de60
nlmon: Pretty-print RSN IE
...
Pretty-print RSN cipher suites, bit fields and PMKIDs if any. Reuse
existing functionality for printing netlink message ciphers.
2015-02-23 12:33:11 -06:00
Denis Kenzior
17dcd420c2
monitor: Fix up minor style issue
2015-02-04 20:49:38 -06:00
Denis Kenzior
44aaaa74ee
monitor: Fix some whitespace corruption
2015-02-04 20:47:23 -06:00
Ravi kumar Veeramally
ea39ea3e00
monitor: Filter wlan related messages from RTNL traffic
...
Filter wlan related messages from all netlink routing messages.
2015-02-04 20:43:00 -06:00
Ravi kumar Veeramally
e79ab9d622
monitor: Print Netlink Rekey nested attributes
2015-02-04 11:15:28 -06:00
Ravi kumar Veeramally
ea4158c76c
monitor: Print RTNL ADDRESS messages
...
Print RTM_NEWADDR, RTM_DELADDR and RTM_GETADDR messages header
and its attributes.
2015-02-04 11:14:02 -06:00
Ravi kumar Veeramally
30573d71c5
monitor: Print RTNL LINK messages
...
Print RTM_NEWLINK, RTM_DELLINK, RTM_SETLINK and RTM_GETLINK
messages header, flags and its attributes.
2015-02-04 11:14:02 -06:00
Ravi kumar Veeramally
08e0ea755e
monitor: Print detailed BSS Capability information
...
e.g:
Capability: 1073 (0x0431)
ESS
Privacy
ShortPreamble
ShortSlotTime
2015-02-04 11:14:02 -06:00
Ravi kumar Veeramally
e5b25c2cac
monitor: Separate nlmsg and rtnl printing functions
...
To track RTNL wlan related messages separating nlmsg and rtnl
message printing functios.
2015-02-03 11:38:22 -06:00
Denis Kenzior
63a57453da
monitor: Fix transaction_sequence byte-ordering
...
transaction_sequence must be compared in host byte-order
2015-01-22 12:42:20 -06:00
Denis Kenzior
373d276dfc
monitor: algorithm was not in host byte-order
...
auth.algorithm field is an __le16, so must be converted to host byte
order first.
2015-01-22 12:41:08 -06:00
Denis Kenzior
f94f3d561c
monitor: duration should be printed in host-order
2015-01-22 12:28:47 -06:00
Tomasz Bursztyka
9e3cc8bf42
monitor: Print (de)authentication frame info
...
This patch adds decoding and printing of information contained in
authentication and de-authentication management frames.
2015-01-22 12:24:20 -06:00
Ravi kumar Veeramally
a83dc52d50
monitor: Decode additional flags from NLMSG header
...
Additional universal message flags are defined which are applied
only for GET requests (NLM_F_ROOT, NLM_F_ATOMIC, NLM_F_MATCH,
NLM_F_DUMP) and flags which are related to NEW requests
(NLM_F_REPLACE, NLM_F_EXCL, NLM_F_CREATE, NLM_F_APPEND).
2015-01-21 13:31:55 -06:00
Ravi kumar Veeramally
fa40340d68
monitor: Print netlink core control messages
...
Decode core control messages (NLMSG_ERROR and NLMSG_DONE).
2015-01-19 21:17:52 -06:00
Ravi kumar Veeramally
4d7ff64f38
monitor: Print NLMSG header
...
Print NLMSG header for detailed information.
e.g:
> RTNL: Done (0x03) len 4 [multi]
Flags: 2 (0x002)
Sequence number: 1421667486 (0x54bcec9e)
Port ID: 24768
2015-01-19 21:11:45 -06:00
Ravi kumar Veeramally
0922ce9817
monitor: Provide a helper function
...
Provide a helper function to convert NLMSG type to string.
2015-01-19 21:11:12 -06:00
Marcel Holtmann
75ec08df73
monitor: Define ARPHRD_NETLINK if it not provided by system headers
2014-12-19 01:44:49 +01:00
Patrik Flykt
ac663fba69
monitor: Print SSID IE
...
Print the SSID IE. If the SSID is not UTF-8 compliant, replace the non-
compliant byte with the UTF-8 substitution character. If the SSID is
hidden, its length and/or all characters are zero; print nothing in
this case.
2014-12-18 11:10:03 -06:00
Ravi kumar Veeramally
deb80322ea
monitor: Fix memory leak
...
Memory allocated l_timeout struct from l_timeout_create not being
freed.
==4184== HEAP SUMMARY:
==4184== in use at exit: 32 bytes in 1 blocks
==4184== total heap usage: 50 allocs, 49 frees, 39,902 bytes allocated
==4184==
==4184== 32 bytes in 1 blocks are definitely lost in loss record 1 of 1
==4184== at 0x4C2ABA0: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4184== by 0x40706D: l_malloc (util.c:62)
==4184== by 0x408D9A: l_timeout_create (timeout.c:117)
==4184== by 0x40896A: signal_callback (signal.c:82)
==4184== by 0x408692: l_main_run (main.c:346)
==4184== by 0x402474: main (main.c:797)
==4184==
==4184== LEAK SUMMARY:
==4184== definitely lost: 32 bytes in 1 blocks
==4184== indirectly lost: 0 bytes in 0 blocks
==4184== possibly lost: 0 bytes in 0 blocks
==4184== still reachable: 0 bytes in 0 blocks
==4184== suppressed: 0 bytes in 0 blocks
2014-12-16 08:56:57 -06:00
Denis Kenzior
44301601ed
monitor: Various style cleanups
2014-12-15 16:19:29 -06:00
Patrik Flykt
214c89ba8b
monitor: Print BSS load information
2014-12-15 16:14:31 -06:00
Patrik Flykt
4b8542e671
monitor: Print TPC Report information
2014-12-15 16:14:31 -06:00
Patrik Flykt
2f21cb47c4
monitor: Print TIM information
2014-12-15 16:14:30 -06:00
Patrik Flykt
ca77daafe3
monitor: Print ERP information
2014-12-15 16:14:30 -06:00
Patrik Flykt
afbf098774
monitor: Print Power constraint
2014-12-15 16:14:30 -06:00
Patrik Flykt
87b49f8071
monitor: Print DSSS parameter set
2014-12-15 16:14:30 -06:00
Denis Kenzior
e2cd88c1cd
nlmon: Fix style
2014-12-12 10:59:48 -06:00
Patrik Flykt
f2745611f6
monitor: Print country/regulatory IEs
2014-12-12 10:58:25 -06:00
Patrik Flykt
ce93e1bf9c
monitor: Print supported rates
...
Print out supported rates, both basic and extended IEs. A trailing
(B) after the rate indicates BSSBasicRateSet.
2014-12-12 10:55:22 -06:00
Patrik Flykt
fbdb88dda3
monitor: Create table for IE decoding
...
Create a table for IE decoding and modify vendor IE printing to use this
new implementation. Unconditionally print out hexdumps of the IEs in order
to be able to verify the decoded IEs and its byte representation.
2014-12-12 10:47:54 -06:00
Jukka Rissanen
89bacdbc08
monitor: Use standard printf modifiers for attribute values
...
Use PRIu64 etc. macros from inttypes.h so that the code works
in every situation, otherwise using %lu for U64 value gives
segfault.
2014-10-07 21:24:26 -05:00
Denis Kenzior
d9768348d5
monitor: Always try to find an existing interface
...
Duplicate detection will happen when we try to create a new link. The
newlink flags were updated to fail if the device already exists.
2014-10-04 21:31:58 -05:00
Denis Kenzior
046e49588e
monitor: Fix minor coding style issues
2014-10-04 21:08:51 -05:00
Denis Kenzior
5fae2cc524
monitor: Fix whitespace
...
No spaces for indentation
2014-10-04 21:07:18 -05:00
Patrik Flykt
1d4ab8de47
monitor: Remove netlink monitor interface if created by iwmon
...
Send a RTM_DELLINK for the interface in use if it was created by iwmon.
As the main loop needs to be running when sending RTM_DELLINK, add a
timeout function for quitting the main loop.
2014-10-04 21:07:15 -05:00
Patrik Flykt
0b75b71555
monitor: Create netlink monitor interface if not found
...
If the netlink monitor interface is not found or did not have all needed
flags set, create one with the proper flags.
2014-10-04 20:58:46 -05:00
Denis Kenzior
73f5f0766d
monitor: Fix memory leak
...
In the case that we use iwmon --interface nlmon
2014-10-04 20:50:16 -05:00
Denis Kenzior
38ab7511af
monitor: minor coding style fix ups
2014-10-04 20:41:32 -05:00
Patrik Flykt
19e2132fce
monitor: Lookup existing monitor interface via netlink
...
On startup, request a list of interfaces via netlink. Find out whether
an interface of type nlmon exists and use it if it has all the needed
flags set. The default name of the interface is 'nlmon', which can be
changed from the command line. If the interface name is in use and is
not an nlmon type, print out an error message and exit.
2014-10-04 19:56:01 -05:00
Marcel Holtmann
9fa506c237
monitor: Add option to provide nl80211 family identifier
2014-08-16 00:00:10 +02:00
Marcel Holtmann
18652f1f49
monitor: Add support for extracting family identifiers from traces
2014-08-15 23:38:37 +02:00
Marcel Holtmann
d57006ae23
monitor: Match on skb->dev->type and skb->protocol for both filters
2014-08-13 22:22:28 -07:00
Marcel Holtmann
0d81689e08
monitor: Use socket filter also for netlink monitor interface
2014-08-13 21:55:06 -07:00
Marcel Holtmann
40160a7fd4
monitor: Use socket filter for PAE / EAPoL to catch all packets
2014-08-12 21:44:30 -07:00
Marcel Holtmann
07aabaf455
monitor: Fix spelling mistake with timestamp error message
2014-08-12 21:43:39 -07:00
Marcel Holtmann
50f8c8614b
monitor: Print RTNL traffic also when live sniffing
2014-08-12 20:27:48 -07:00
Marcel Holtmann
d3f37628b0
monitor: Add support for writing combined PCAP trace files
2014-08-12 19:35:59 -07:00
Marcel Holtmann
b97c661a97
monitor: Print out relative timestamp offset for each packet
2014-08-12 17:40:51 -07:00
Marcel Holtmann
2749e4e4a2
monitor: Print details for RTNL Set Link commands
2014-08-12 17:24:03 -07:00
Marcel Holtmann
772574716e
monitor: Add proper labels to RTNL messages
2014-08-12 16:57:48 -07:00
Marcel Holtmann
581f00171d
monitor: Skip packet from PCAP file if it is truncated
2014-08-12 00:40:07 -07:00
Marcel Holtmann
b00bea15ab
monitor: Fix minor typo in management frame type
2014-08-11 20:33:08 -07:00
Marcel Holtmann
da058ae75b
monitor: Add entry for WPI-SMS4 keys and cipher
2014-08-11 00:16:51 -07:00
Marcel Holtmann
7dfe703286
monitor: Add support for decoding pairwise and group cipher information
2014-08-10 21:54:26 -07:00
Marcel Holtmann
e969407e2c
monitor: Add support for decoding cipher suites attribute
2014-08-10 21:48:22 -07:00
Marcel Holtmann
5cf13fa692
monitor: Fix max remain on channel attribute decoding
2014-08-10 21:48:02 -07:00
Marcel Holtmann
a95c720d64
monitor: Decode the EAPoL packet headers of PAE frames
2014-08-10 20:20:13 -07:00
Marcel Holtmann
351208b642
monitor: Decode key default types and key cipher information
2014-08-10 19:22:11 -07:00
Marcel Holtmann
a2a59e78fa
monitor: Extract PAE port traffic out of PCAP files and decode it
2014-08-10 18:32:11 -07:00
Marcel Holtmann
9fbd454c88
monitor: Fix check for netlink hardware and protocol type
2014-08-10 17:33:48 -07:00
Marcel Holtmann
4a5f30bbc2
monitor: Listing to Ethernet packets on PAE port and display them
2014-08-10 14:57:28 -07:00
Marcel Holtmann
a65362f510
monitor: Fix missing timestamp handling for netlink messages
2014-08-10 14:35:33 -07:00
Marcel Holtmann
d8ed30e13b
monitor: Decode OUI portion of vendor specific information elements
2014-08-10 13:21:49 -07:00
Marcel Holtmann
b4eb544355
monitor: Handle timestamp and real packet length information
2014-08-10 12:45:56 -07:00
Marcel Holtmann
b91bb55206
monitor: Use packet buffer of 16 kilobytes to allow large frames
2014-08-10 12:25:20 -07:00
Marcel Holtmann
9cdb52a167
monitor: Fix issue with large packets in PCAP files
2014-08-10 12:19:58 -07:00
Marcel Holtmann
91c305d9af
monitor: Adjust indentation for IE binary data information
2014-08-10 11:41:51 -07:00
Marcel Holtmann
da3c7310a0
monitor: Add support for decoding connection quality monitor attributes
2014-08-10 11:35:16 -07:00
Marcel Holtmann
4ec7eb1c74
monitor: Add support for decoding station info and flags
2014-08-10 11:32:30 -07:00
Marcel Holtmann
c80877808f
monitor: Print error message string for dump requests
2014-08-10 10:38:14 -07:00
Marcel Holtmann
bbca35c57b
monitor: Add support for decoding frame types
2014-08-10 01:01:47 -07:00
Marcel Holtmann
c50d624e55
monitor: Decode information elements binary into individual tags
2014-08-10 00:14:29 -07:00
Marcel Holtmann
0394da4ce2
monitor: Add support for custom decoding functions
2014-08-10 00:07:53 -07:00
Marcel Holtmann
55bbf22edb
monitor: Enable kernel side timestamps and make them available
2014-08-09 23:48:25 -07:00
Marcel Holtmann
7a1bb1e953
monitor: Improve message and attribute display handling
2014-08-09 22:59:42 -07:00