I'm not sure if this is the right place to post this, but I'm having some
issues with the BPF using madwifi that I can't resolve.
I have brought up a monitor-mode interface on an ad-hoc link between two
nodes. My client attaches to this interface and installs the following BPF:
// outgoing frames
/* 01 */ stmt(BPF_LD+BPF_B+BPF_ABS, SKF_AD_OFF+SKF_AD_PKTTYPE);
/* 02 */ jump(BPF_JMP+BPF_JEQ+BPF_K, PACKET_OUTGOING, 0, 3);
// be a data frame
/* 03 */ stmt(BPF_LD+BPF_W+BPF_ABS, 0);
/* 04 */ stmt(BPF_ALU+BPF_AND+BPF_K, 0x0C);
/* 05 */ jump(BPF_JMP+BPF_JEQ+BPF_K, 0x08, 1, 0);
/* 06 */ stmt(BPF_RET+BPF_K, 0);
/* 07 */ stmt(BPF_LD+BPF_W+BPF_LEN, 0);
/* 08 */ stmt(BPF_RET+BPF_A, 0);
Unfortunately, the filter fails to receive any frames at all. If I remove
the 'be a data frame' block, the filter correctly passes outgoing frames
through. Using a similar filter on tcpdump (wlan & 0x0C == 0x08)
correctly filters only DATA frames through. I can't work out why this filter
isn't working in my code, and I have no idea how I could debug it as I'm no
good at kernel-level debugging.
I'm wondering if anyone would be able to shed some light on this, or point
me in the right direction so that I can investigate this further.