Wireshark mailing list archives
Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows?
From: Yang Luo <hsluoyb () gmail com>
Date: Thu, 31 Dec 2015 13:03:51 +0800
Hi Alexis, So it seems that I need to build Wireshark from source. I encountered some errors when building: My build machine is Win10 x64. I am using the trunk code of Wireshark (git clone https://code.wireshark.org/review/wireshark), VS 2013 Ultimate, QT 5.5.1 for MSVC 2013 64bit, CMake 3.4.1 and latest cygwin64. I followed the guide here: https://www.wireshark.org/docs/wsdg_html_chunked/ChSetupCMake.html#ChWin32Build The code is stored here: J:\github_repos\wireshark My commands are: set CYGWIN=nodosfilewarning set WIRESHARK_BASE_DIR=J:\github_repos set WIRESHARK_TARGET_PLATFORM=win64 set QT5_BASE_DIR=C:\Qt\Qt5.5.1\5.5\msvc2013_64 set WIRESHARK_VERSION_EXTRA=-MonitorEnabled set WIRESHARK_CYGWIN_INSTALL_PATH=c:\cygwin64 mkdir J:\github_repos\wsbuild64 cd J:\github_repos\wsbuild64 cmake -DENABLE_CHM_GUIDES=on -G "Visual Studio 12 2013 Win64" ..\wireshark msbuild /m /p:Configuration=RelWithDebInfo Wireshark.sln And I encountered many errors like below, how to fix these errors? The entire build log is in the attachment. 74>C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\V120\Microsoft.CppCommon.targets(170,5): error MSB6006: "cmd.e xe" exited with code 9009. [J:\github_repos\wsbuild64\docbook\developer_guide_docbook.vcxproj] 91>J:\github_repos\wireshark-win64-libs\gtk2\include\glib-2.0\gobject/gsignal.h : error C2220: warning treated as e rror - no 'object' file generated (J:\github_repos\wireshark\ui\gtk\about_dlg.c) [J:\github_repos\wsbuild64\ui\g tk\gtkui.vcxproj] 91>J:\github_repos\wireshark-win64-libs\gtk2\include\glib-2.0\gobject/gsignal.h : error C2220: warning treated as e rror - no 'object' file generated (J:\github_repos\wireshark\ui\gtk\addr_resolution_dlg.c) [J:\github_repos\wsbu ild64\ui\gtk\gtkui.vcxproj] capture_if_dlg.c capture_info_dlg.c color_dlg.c 91>J:\github_repos\wireshark-win64-libs\gtk2\include\glib-2.0\gobject/gsignal.h : warning C4819: The file contains a character that cannot be represented in the current code page (936). Save the file in Unicode format to preven t data loss (J:\github_repos\wireshark\ui\gtk\about_dlg.c) [J:\github_repos\wsbuild64\ui\gtk\gtkui.vcxproj] 91>J:\github_repos\wireshark-win64-libs\gtk2\include\glib-2.0\gobject/gsignal.h : warning C4819: The file contains a character that cannot be represented in the current code page (936). Save the file in Unicode format to preven t data loss (J:\github_repos\wireshark\ui\gtk\addr_resolution_dlg.c) [J:\github_repos\wsbuild64\ui\gtk\gtkui.vcx proj] 91>J:\github_repos\wireshark-win64-libs\gtk2\include\glib-2.0\gobject/gsignal.h : error C2220: warning treated as e rror - no 'object' file generated (J:\github_repos\wireshark\ui\gtk\bytes_view.c) [J:\github_repos\wsbuild64\ui\ gtk\gtkui.vcxproj] 91>J:\github_repos\wireshark-win64-libs\gtk2\include\glib-2.0\gobject/gsignal.h : error C2220: warning treated as e rror - no 'object' file generated (J:\github_repos\wireshark\ui\gtk\capture_dlg.c) [J:\github_repos\wsbuild64\ui \gtk\gtkui.vcxproj] 91>J:\github_repos\wireshark-win64-libs\gtk2\include\glib-2.0\gobject/gsignal.h : error C2220: warning treated as e rror - no 'object' file generated (J:\github_repos\wireshark\ui\gtk\capture_file_dlg.c) [J:\github_repos\wsbuild 64\ui\gtk\gtkui.vcxproj] 91>J:\github_repos\wireshark-win64-libs\gtk2\include\glib-2.0\gobject/gsignal.h : error C2220: warning treated as e rror - no 'object' file generated (J:\github_repos\wireshark\ui\gtk\color_dlg.c) [J:\github_repos\wsbuild64\ui\g tk\gtkui.vcxproj] 91>J:\github_repos\wireshark-win64-libs\gtk2\include\glib-2.0\gobject/gsignal.h : error C2220: warning treated as e rror - no 'object' file generated (J:\github_repos\wireshark\ui\gtk\capture_info_dlg.c) [J:\github_repos\wsbuild 64\ui\gtk\gtkui.vcxproj] Cheers, Yang On Wed, Dec 30, 2015 at 9:38 PM, Alexis La Goutte <alexis.lagoutte () gmail com
wrote:
Hi Yang, Good idea ! (i like) There is a "Monitor" column on Wireshark but need to have SHOW_MONITOR_COLUMN (HAVE_PCAP_CREATE) enable (see ui/qt/capture_interfaces_dialog.cpp ) But the column will look no available on Windows... Cheers On Wed, Dec 30, 2015 at 8:29 AM, Yang Luo <hsluoyb () gmail com> wrote:Hi list, I am considering adding native 802.11 packet capturing support (including management and control frames) in Npcap. This is possible because Microsoft Network Monitor already implements this feature for Vista and later. To enable these packets' capturing, we need to switch on the Wi-Fi adapter's monitor mode. With the help of Guy ( http://stackoverflow.com/questions/34507789/how-to-enable-802-11-monitor-mode-dot11-operation-mode-network-monitor-in-a-nd), I know some stuffs about it. In NDIS side, there's an OID called *OID_DOT11_CURRENT_OPERATION_MODE *to set and get the current operation mode of the adapter. Possible values are *DOT11_OPERATION_MODE_NETWORK_MONITOR *(monitor mode) and *DOT11_OPERATION_MODE_EXTENSIBLE_STATION *(non-monitor mode). There's no way to check whether an adapter supports monitor mode or not. In Npcap's libpcap/wpcap part, I have added the monitor mode support by changing two places, I don't know if this is the right way: 1) *pcap_activate_win32 *function in \wpcap\libpcap\pcap-win32.c: https://github.com/nmap/npcap/blob/master/wpcap/libpcap/pcap-win32.c Line 569 if (p->opt.rfmon) { /* * No monitor mode on Windows XP and earlier. It could be done on * Vista with drivers that support the native 802.11 * mechanism and monitor mode. */ DOT11_CURRENT_OPERATION_MODE operation_mode; operation_mode.uCurrentOpMode = DOT11_OPERATION_MODE_NETWORK_MONITOR; if (pcap_oid_set_request_win32(p, OID_DOT11_CURRENT_OPERATION_MODE, &operation_mode, sizeof(DOT11_CURRENT_OPERATION_MODE)) != 0) return (PCAP_ERROR_RFMON_NOTSUP); } So instead of originally return (PCAP_ERROR_RFMON_NOTSUP);, this code will set the monitor mode of the adapter. 2) *pcap_cant_set_rfmon *function in wpcap\libpcap\pcap.c: https://github.com/nmap/npcap/blob/master/wpcap/libpcap/pcap.c Line 98 /* * For systems where rfmon mode is never supported. */ static int pcap_cant_set_rfmon(pcap_t *p _U_) { return (1); // return (0); } I changed this function to always returning 1, which means "supported". I know here I should check whether the adapter supports the monitor mode, but I found no way to check. All I can do is to get/set the current mode using the OID way above. After all these changes, there's no change in Wireshark, I didn't find a place to switch on/off the monitor mode like Microsoft Network Monitor. So I doubt whether Wireshark supports the monitor mode of Wlan in Windows? And how Wireshark UI make use of the monitor mode? Thanks. Cheers, Yang ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Yang Luo (Dec 29)
- Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Alexis La Goutte (Dec 30)
- Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Yang Luo (Dec 30)
- Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Graham Bloice (Dec 31)
- Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Guy Harris (Dec 31)
- Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Yang Luo (Dec 30)
- Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Alexis La Goutte (Dec 30)
- Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Guy Harris (Dec 30)
- Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Guy Harris (Dec 30)
- Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Guy Harris (Dec 30)
- Re: How Wireshark supports monitor mode for WLAN 802.11 adapter in Windows? Guy Harris (Dec 30)