Search Linux Wireless

nl80211 scanning from userspace

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I'm trying to figure out how to use nl80211 to scan.  The "iw" example
has been somewhat helpful, though the userspace header file nl80211
and /usr/include/netlink/*.h have been helpful.  I'm on an ubuntu
system, and I'm sorry to say that the libnl1-doc package has some
doxygen files in it that don't agree with the actual headers (function
prototypes differ, etc.) but it's enough to get at least some picture
of what's going on.

Here's what I have put together so far, in snippets:

Register callbacks for all messages:
    callbacks = nl_cb_alloc(NL_CB_DEFAULT);
    nl_cb_set_all(callbacks,  NL_CB_CUSTOM, rx, NULL);

Create a socket, allocate a cache.  I do error checking on each of
these calls to make sure they succeed, but I'm eliminating that here
for brevity:
    genl_connect(sock);
    cache = genl_ctrl_alloc_cache(sock);
    nl80211 = genl_ctrl_search_by_name(cache, cacheName);   /*
cacheName is "nl80211" */

Start building the message.  First build an SSID list with one entry
in it (empty string)
    struct nl_msg *ssids = nlmsg_alloc();
    nla_put_string(ssids, 0, "");

Next build the scan request message:
    struct nl_msg *msg = nlmsg_alloc();
    int flags = 0;
    int cmd = NL80211_CMD_TRIGGER_SCAN;
    genlmsg_put(msg, 0, 0, genl_family_get_id(nl80211), 0, flags, cmd, 0);
    /* append our ssid list to this message as a nested message */
    nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids)

Finally I send the request:
    int rc = nl_send_auto_complete(sock, msg);

>From this I found out that 32 bytes were sent (seems reasonable).
Unfortunately, what I get back is this:
  [HEADER] 16 octets
    .nlmsg_len = 52
    .nlmsg_type = 2 <ERROR>
    .nlmsg_flags = 0 <>
    .nlmsg_seq = 1282012377
    .nlmsg_pid = 30415
  [ERRORMSG] 20 octets
    .error = -22 "Invalid argument"
  [ORIGINAL MESSAGE] 16 octets
    .nlmsg_len = 16
    .nlmsg_type = 23 <0x17>
    .nlmsg_flags = 5 <REQUEST,ACK>
    .nlmsg_seq = 1282012377
    .nlmsg_pid = 30415

so, even following what iw's "scan.c" does I have somehow pieced the
request together incorrectly.

Questions:
1. Am I doing something obviously wrong?
2. Is this even the interface I should be using to do this?  (I need
to scan for all access points on a specific "hidden" SSID to retrieve
some information about their SNR.  It's a type of "site survey"
application for building contour maps of coverage).

I'm not sure what I'm doing next makes sense, either.  After I send
the scan request I wait 3 seconds then start reading like this:
    while(nl_recvmsgs(sock, callbacks) != 0)
    {
        printf("processed a result\n");
    }

I have registered my callback earlier; this seems to work because I
get the message (above) plus later an "Operation Not Supported"
message.  The operation is indeed supported, as it works with the
iwlist and iw command line tools.

--Chris
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux