Unable to decrypt wds (4-address atheros openwrt) bridge traffic

[Jacobo Pantoja <jacobopantoja () gmail com>]

Hi,

I'm trying to capture network traffic between a wireless bridge made with two OpenWRT devices, which means they use 4 
address atheros stuff for wireless bridge. For testing, beside the "client" AP, a non-wds client joined to the "master" 
AP.

The AP is using WPA2-PSK, and I can sucessfully see decrypted traffic for non-wds clients, i.e. frames with both 
wlan.fc.ds set to 01 and to 10. But traffic from the "client" AP to the "master" AP (i.e. frames with wlan.fc.ds == 11) 
are not decrypted.

I guess that the PSK should be the same for the non-wds clients than for the wds client, but perhaps I'm wrong. All the 
EAPOL messages are properly captured. Also, I don't know if the 4address Linux stuff is adding something non-standard 
that WireShark cannot deal with at this moment.

Any ideas?
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe