102 lines
3.0 KiB
Markdown
102 lines
3.0 KiB
Markdown
# ESP32 Monitor Verification Guide
|
|
|
|
This Linux C program captures 802.11 frames and displays them in a format that matches ESP32's debug output, allowing you to verify that the ESP32 monitor code is correctly parsing frames.
|
|
|
|
## Quick Start
|
|
|
|
```bash
|
|
# Build
|
|
cd wireless-monitor-template
|
|
./autogen.sh
|
|
./configure
|
|
make
|
|
|
|
# Run (as root)
|
|
sudo ./src/wireless_monitor wlan0 11
|
|
|
|
# With MAC filter (to match ESP32 filter)
|
|
sudo ./src/wireless_monitor wlan0 11 80:84:89:93:c4:b6
|
|
```
|
|
|
|
## Comparison Workflow
|
|
|
|
### 1. Setup ESP32 Monitor
|
|
|
|
```bash
|
|
# On ESP32 console
|
|
monitor start -c 11
|
|
monitor debug on
|
|
monitor filter 80:84:89:93:c4:b6
|
|
```
|
|
|
|
### 2. Setup Linux Monitor (Same Channel)
|
|
|
|
```bash
|
|
# On Linux machine (same channel!)
|
|
sudo ./src/wireless_monitor wlan0 11 80:84:89:93:c4:b6
|
|
```
|
|
|
|
### 3. Generate Test Traffic
|
|
|
|
```bash
|
|
# On another device (e.g., Raspberry Pi)
|
|
iperf -c <server_ip> -u -b 10M -t 60
|
|
```
|
|
|
|
### 4. Compare Outputs
|
|
|
|
**ESP32 Output:**
|
|
```
|
|
[1770775602.813] I MONITOR: DATA: DATA, TA=80:84:89:93:c4:b6, Size=228 bytes, Rate=54 Mbps, MCS=0, SS=1, BW=20 MHz, RSSI=-94 dBm, Retry:YES
|
|
```
|
|
|
|
**Linux Output:**
|
|
```
|
|
[1770775602.813] DATA: TA=80:84:89:93:c4:b6, RA=e0:46:ee:07:df:e1, Size=228 bytes, Dur=25038 us, RSSI=-94 dBm, Retry=YES
|
|
```
|
|
|
|
## What to Verify
|
|
|
|
1. **Same Frames Seen**: Do both see the same number of frames?
|
|
2. **TA Matches**: Transmitter Address should be identical
|
|
3. **RA Present**: Linux shows RA, ESP32 extracts it as `addr1`
|
|
4. **Duration/NAV**: Duration field should match (for collapse detection)
|
|
5. **Retry Flag**: Should be consistent
|
|
6. **Frame Types**: Both should classify frames the same way
|
|
|
|
## Troubleshooting
|
|
|
|
### No Frames on Linux but ESP32 Sees Them
|
|
|
|
- **Channel Mismatch**: Ensure both are on the same channel
|
|
- **Interface Issue**: Check `iw dev wlan0 info` shows monitor mode
|
|
- **Permissions**: Must run as root
|
|
|
|
### Different TA/RA Values
|
|
|
|
- **Address Order**: ESP32 uses `addr2`=TA, `addr1`=RA (correct)
|
|
- **To DS/From DS**: Address meanings change based on these bits
|
|
- **Frame Direction**: Client→AP vs AP→Client have different addressing
|
|
|
|
### Duration Mismatches
|
|
|
|
- **NAV Field**: Both should read the same Duration/ID field
|
|
- **Expected vs Actual**: ESP32 calculates expected duration, Linux shows actual
|
|
- **Collapse Detection**: Large mismatches indicate potential collisions
|
|
|
|
## Example: Debugging Missing Frames
|
|
|
|
If ESP32 shows `Filter: 80:84:89:93:c4:b6 (0 frames, 0.0 fps)` but Linux sees frames:
|
|
|
|
1. **Check Channel**: `monitor status` on ESP32 vs `iw dev wlan0 info` on Linux
|
|
2. **Check MAC**: Verify the MAC address is correct
|
|
3. **Check Filter Logic**: ESP32 checks both TA and RA, Linux does the same
|
|
4. **Check Frame Types**: ESP32 might be filtering by frame type
|
|
|
|
## Notes
|
|
|
|
- Linux output format matches ESP32 debug logs for easy comparison
|
|
- Both tools filter on TA **and** RA to maximize matches
|
|
- Radiotap header parsing (RSSI, MCS) is simplified - full parsing would require radiotap library
|
|
- For accurate PHY info, consider using `tcpdump` or `wireshark` with radiotap support
|