On Wed, 2016-01-13 at 08:58 +0100, Mikael Kanstrup wrote: > Hi, > > Roger James reported that capturing wireless data on monitor > interfaces created by Wireshark only capture frames to/from BSSID of > the monitor interface. This was solved using iw by setting otherbss > monitor flag. See Wireshark mailing list thread here: > https://www.wireshark.org/lists/wireshark-dev/201601/msg00031.html > > I suggested a patch to handle this within Wireshark: > https://code.wireshark.org/review/#/c/13219 > > Now before merging I hope to get some feedback here if this is safe > for the general case? For most users/drivers it appears explicitly > setting the flag is not needed. > It should be safe I think. However, it's really only necessary if the monitor interface isn't the only interface in the system, and more generally, if that's the case, monitoring may always be less reliable (though very much depending on the driver.) However, I'm not entirely happy with this patch (by default, and not configurable) since we routinely use wireshark (and often tcpdump, which isn't affected) to debug things where "otherbss" is *not* desired since we really might *want* to have only packets from the BSS to debug issues within, and to not affect the wifi NICs operation. Could it perhaps be made configurable? johannes -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
