On Tue, Apr 07, 2009 at 11:19:52PM +0300, Maxim Levitsky wrote: > I mostly agree. > But then maybe its better not to show unencryped frames at all on > promisc interface? I was assuming you were talking about some kind of monitor mode, but if this is FIF_PROMISC_IN_BSS on a station interface, I would agree that it would be better not to show some corrupted data frames in the data interface (I'm assuming here that you mean un-decrypted encrypted frames to other STAs in BSS). What kind of frames are you seeing in this case? Which driver are you using? > Exactly. this why I thought it would be nice if kernel could do that and > present a virtual promisc mode. > Userspace helper could do all the job figuring the keys, and kernel > would just use keys to decrypt the traffic. > I could even hack the wpa_supplicant on all systems that belong to my > network to exchange the keys. I think that I continue to say that this should not be in the kernel or well, at least not in the upstream kernel. If the current implementation shows some bogus frames when wlan0 (i.e., non-monitor mode interface) is set to promisc mode when WPA (or even dynamic WEP) is used, the proper fix would be to filter those frames out. If someone wants to see all the frames decrypted, that would be a task for a userspace program (e.g., wireshark) and an interface in monitor mode. I've done that in the past by modifying the AP to send all keys to the sniffer host, but sure, this could also be done by the supplicant side. -- Jouni Malinen PGP id EFC895FA -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
