e9a50d9f25
Co-authored-by: Cursor <cursoragent@cursor.com> |
||
|---|---|---|
| src | ||
| .gitignore | ||
| BUILD_PI5.md | ||
| INSTALL.md | ||
| Makefile.am | ||
| PUSH_TO_UMBER.md | ||
| QUICK_START_PI5.md | ||
| README.md | ||
| SETUP_GIT.md | ||
| VERIFICATION_GUIDE.md | ||
| ar-lib | ||
| autogen.sh | ||
| build_pi5.sh | ||
| compile | ||
| configure.ac | ||
| depcomp | ||
| install-sh | ||
| missing | ||
| wifi_monitor.py | ||
README.md
Wireless Monitor
A Linux C program for capturing and parsing 802.11 WiFi frame headers in monitor mode. This tool is designed to verify and cross-check the ESP32 monitor code by comparing what a Linux machine sees vs what the ESP32 sees when monitoring the same WiFi traffic.
Purpose
This program captures 802.11 frames and displays:
- RA (Receiver Address) and TA (Transmitter Address) - same fields ESP32 extracts
- Frame type, size, duration (NAV)
- RSSI, MCS, spatial streams (when available from radiotap)
- Retry flag
This allows you to verify that the ESP32's frame parsing matches what Linux sees, helping debug issues like:
- Missing frames
- Incorrect MAC address extraction
- Duration/NAV mismatches
- Frame type classification
Requirements
- Linux kernel with nl80211 support
- libpcap development files
- libnl3 development files
- GNU autotools (autoconf, automake, libtool)
Install Dependencies
Ubuntu/Debian:
sudo apt-get install build-essential autoconf automake libtool \
libpcap-dev libnl-genl-3-dev libnl-3-dev pkg-config
Fedora/RHEL:
sudo dnf install gcc autoconf automake libtool \
libpcap-devel libnl3-devel pkg-config
Building
# Generate configure script
./autogen.sh
# Configure build
./configure
# Build
make
# Install (optional)
sudo make install
Usage
# Run as root (required for monitor mode)
sudo ./src/wireless_monitor wlan0 11
# Or after installation
sudo wireless_monitor wlan1 36
# Example output (comparable to ESP32 debug logs):
# [1770775602.813] DATA: TA=80:84:89:93:c4:b6, RA=e0:46:ee:07:df:e1, Size=228 bytes, Dur=25038 us, RSSI=-94 dBm, Retry=YES
Comparison with ESP32
The output format is designed to match ESP32's debug output format:
- TA = Transmitter Address (same as ESP32's
addr2) - RA = Receiver Address (same as ESP32's
addr1) - Frame type, size, duration, RSSI, retry flag
You can run both simultaneously on the same channel and compare:
- Are the same frames seen?
- Do RA/TA match?
- Do durations match?
- Are retry flags consistent?
Project Structure
wireless-monitor/
├── configure.ac # Autoconf configuration
├── Makefile.am # Top-level automake file
├── autogen.sh # Script to generate configure
├── README.md
└── src/
├── Makefile.am # Source automake file
├── main.c # Main program
├── monitor.c # Monitor mode setup (libnl3)
├── monitor.h
├── capture.c # Packet capture (libpcap)
├── capture.h
├── frame_parser.c # 802.11 frame parsing
└── frame_parser.h # Frame structures (matches ESP32)