Search Linux Wireless

Capturing hardware-decrypted packets in monitor mode on ath9k/ath10k

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On a station or AP device, I'd like to capture packets in monitor mode
(ie. with radiotap headers).  Normally this captures the encrypted
packets as they appear on the air.  In my case, I'd like to capture
the *decrypted* packets where possible (ie. packets communicating with
this node, where the local machine already knows the session key and
is presumably decrypting the packets anyway so that it can carry on
the session).

I know wireshark (etc) can decrypt packets for a given session if you
capture the EAPOL frames.  The advantages of having the driver do it
in hardware are a) hopefully less performance impact, and b) you can
easily start capturing at any time, even post EAPOL, because the
driver already has a cached copy of the keys.

Is there a flag somewhere I can set to make this happen?  Is this even
a feature supported by most hardware?

Thanks,

Avery
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux