Looking for example of sending a raw wifi packet

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
Anonymous
Not applicable

I am able to receive raw wifi packets which include all the fields in the ieee80211_header_t structure via wwd_wifi_enable_monitor_mode().

Is there a way to *send* raw wifi packets where I specify the fields in the ieee80211_header_t structure and send it?

I have found things like wiced_cooee.c that appear to dance around that capability but I cannot find an example where it is actually done.


I am using the BCM43341WCD1 evaluation kit as my platform currently.

Roger

0 Likes
9 Replies
Anonymous
Not applicable

Given that there have been many views of this post and no replies from Broadcom on the subject, I assume that this cannot be done.

If that's the case, this is the first Wi-Fi product intended for embedded use that I have found that does not support a true promiscuous mode.  As such I find the product unusable in my application until this capability exists.

0 Likes
Anonymous
Not applicable

Hi Roger,

Which version of SDK are you using?

You may want to try the Wiced Software Development Kit 3.3.1

The sdk can be downloaded from here.

There isn't a ready example to demonstrate sending raw wifi packets, but it seems possible to do with Wiced SDK 3.3.1.

Best Regards,

Ab

0 Likes
Anonymous
Not applicable

Thank you for answering.  I am running WICED-SDK-3.1.2.  I will look for 3.3.1 and try that. If there are no examples, are there hints in the documentation for API calls to make that would support it?

Roger

0 Likes
Anonymous
Not applicable

I downloaded WICED SDK 3.3.1 and ported my application to use it.  After scanning through the directories for hours I don't see anything that allows me to build and send a raw wifi packet.  The closest I can come is in wwd_sdpcm.c in wwd_network_send_ethernet_data() which allows me to construct a raw ethernet packet of my choosing, but not the 802.11 fields.

Roger

0 Likes
Anonymous
Not applicable

I noticed that Qualcomm Atheros QCA4004  is a similar product that supports packet injection (raw 802.11 packet send) but the WICED environment is so much simpler and cleaner that I hate to switch to that.  But I am still unable to find a way to send a raw 802.11 packet using the BCM943341WCDI platform.

0 Likes

This may not be what you are looking for, but take a look at the mfg_test code.  It only works with the mfg_test_image for your module, but in order to pass FCC testing, the modules have to send raw wifi packets.  We've only ever done blind sends with this code for the FCC testing.

0 Likes
Anonymous
Not applicable

The mfg_test code seems to be built on the list of commands in libraries/utilities/command_console.  I looked through all the commands in the subdirectories there and didn't see one for sending packets at the wifi/802.11 level.  I did find that there is a way to invoke "wl" commands and one of those commands causes packets to be transmitted via:

int wlmTxPacketStart(unsigned int interPacketDelay, unsigned int numPackets, unsigned int packetLength, const char* destMac, int withAck, int syncMode);

But this does not seem to allow one to specify the contents of the wifi packet.

The ability to craft and send a wifi packet would seem to be a very basic capability, especially to incorporate the product as a part of a test instrument.  I have existing code that does this on a Texas Instruments platform but need to port it to something that supports 5GHz.  I like the platform but cannot use it as I intended without this capability.


R

0 Likes

I have never tried specifying the payload as it's not needed in FCC testing.  You are probably correct in assuming that it can't be specified.

0 Likes
Anonymous
Not applicable

Now using Wiced SDK 3.5.2. There is not any clean solution for raw Ethernet data because the final packet sent to the SDIO/SPI interface has to use SDPCM format. The function wwd_network_send_ethernet_data() set some flags in the Ethernet header. Finally it calls wwd_sdpcm_send_common(). This function adds the necessary SDPCM header and it buffers the packet to send. Without RTOS, the function wwd_thread_send_one_packet() will actually send the packet using wwd_bus_protocol.c,  wwd_sdio.c or wwd_spi.c functions. It is actually a buffered approach better thought to work with any RTOS. It needs dummy function declarations all them under NoOS folders (semaphores, buffers) to work with no RTOS. It is enough clear that the Wiced SDK does not feature a clear clean Wifi driver. It is platform and RTOS featured from the beginning. Header files in WICED SDK or WICED folders are needed to work only at WWD level. And lots of calls to platform specific constants make the cleaning a mesh.

0 Likes