Wireshark-users: Re: [Wireshark-users] Capturing 802.11 RSSI and TX Rate Values Using Ubuntu Linu
From: "Tal Rusak" <tr76@xxxxxxxxxxx>
Date: Wed, 14 Jan 2009 23:48:03 -0500 (EST)
>>     Thanks for your reply.
>>     "Other" are just 802.11 beacons for the most part--none of the
>> colored packets, UDP, TCP, ect. are showing up anymore.
>
> Are there any hosts on your network other than your host?

     Yes, the ones I am monitoring.

>
> Does your machine remain associated with the network when capturing on
> mon0?  If so, then if you try to do some network operations (such as
> fetching a Web page), does that traffic show up when you're capturing?

     That's what happens if I try to capture on wlan0. But on mon0 my
machine would not stay associated.

>
>>     It is possible I updated Ubuntu, maybe even the Kernel. Why would
>> this make a negative impact?
>
> Updating the kernel might have changed something in the mac80211 layer
> that would cause problems; I'm not familiar enough with it to say.
> Updating the driver could possibly break things as well.
>
> The same issue will probably show up if you run tcpdump (as it's
> probably an issue with the card or the driver or the mac80211
> framework), but, just to check, try running "tcpdump -s 0 -i mon0"
> after doing "ifconfig mon0 up" and see if it prints anything other
> than beacons.

     tcpdump captures mostly beacons, probe responses, and a few
acknowledgments.
     Can you please let me know how to proceed?

Thanks,
Tal