创建一个monitor接口,然后设置抓包的信道,然后使用tcpdump或者wireshark抓包。
但是有些坑,需要解决才可以:
# rfkill list
0: hci0: Bluetooth
Soft blocked: yes
Hard blocked: no
1: phy0: Wireless LAN
Soft blocked: yes
Hard blocked: no
如果rfkill显示无线blocked,则需要unblock。
# rfkill unblock 1
或者
# rfkill unblock wifi
intel ax201的无线驱动为iwlwifi。根据文档2, 需要设置这个参数才可以开启抓包模式。之前没搜到这个文档,一直抓不到包。
amsdu_size=3
根据文档4, 为了使参数设置永久生效。在/etc/modprobe.d下面添加一个文件
# cat iwlwifi.conf
options iwlwifi amsdu_size=3
重启后,可以看到参数变为了3
# cat /sys/module/iwlwifi/parameters/amsdu_size
3
更新驱动
# ethtool -i wlo1
driver: iwlwifi
version: 5.16.18-200.fc35.x86_64
firmware-version: 67.8f59b80b.0 QuZ-a0-hr-b0-67.u
expansion-rom-version:
bus-info: 0000:00:14.3
supports-statistics: yes
supports-test: no
supports-eeprom-access: no
supports-register-dump: no
supports-priv-flags: no
查看当前phy
# iw list
Wiphy phy0
wiphy index: 0
max # scan SSIDs: 20
max scan IEs length: 365 bytes
max # sched scan SSIDs: 20
max # match sets: 8
Retry short limit: 7
查看当前无线接口
# iw dev
1 删除旧接口
# iw wlo1 del
phy#0
Interface wlo1
ifindex 3
wdev 0x1
addr d6:40:e5:35:92:77
type managed
txpower 0.00 dBm
multicast TXQ:
qsz-byt qsz-pkt flows drops marks overlmt hashcol tx-bytes tx-packets
0 0 0 0 0 0 0 0 0
2 创建monitor接口
# iw phy phy0 interface add mon0 type monitor
3 设置频率
# ifconfig mon0 up
# iw mon0 set freq 2412
没抓到任何包 ~。准备提问题给intel
参考:
[1] https://wireless.wiki.kernel.org/en/users/drivers/iwlwifi/debugging
[2] https://wireless.wiki.kernel.org/en/users/drivers/iwlwifi
[3] https://sandilands.info/sgordon/capturing-wifi-in-monitor-mode-with-iw