802.11ax Remote Packet Captures using the Jetson Nano
This solution will allow you to perform remote 802.11ax packet capture from your own laptop using the Jetson Nano.
The benefit of using the Jetson Nano (and the Intel AX200 Wi-Fi card) to perform 802.11ax packet capture is that you get a lot more information in the RadioTap Header you get.
The benefit of doing it remotely is that you never need to directly interact with the Jetson Nano OS (no need for keyboards, screens nor mouses)
To make it work, I received help from a couple of talented guys:
They pretty much found the solutions, I was just the one implementing it 😉
Here is the equipment you need to make it work:
- A Nvidia Jetson Nano
- An Intel AX200 802.11ax Wi-Fi card
- Dual band antennas (Here is the one I use)
- OPTIONAL: A case for the Jetson Nano (Here is the one I use)
Initial Setup of the Jetson Nano
Here is what you need to do on the Jetson Nano right after you have loaded the image on the SD card and created your username name:
// Update & Upgrade Ubuntu sudo apt-get update -y sudo apt-get upgrade -y // Install the iwlwifi drivers git clone --single-branch --branch release/core45 https://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/backport-iwlwifi.git cd backport-iwlwifi/ make defconfig-iwlwifi-public sed -i 's/CPTCFG_IWLMVM_VENDOR_CMDS=y/# CPTCFG_IWLMVM_VENDOR_CMDS is not set/' .config make -j4 sudo make install // Install the Intel 802.11ax drivers for linux git clone https://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware.git --branch iwlwifi-fw-2019-07-20 --single-branch cd linux-firmware/ sudo cp iwlwifi-cc-a0-48.ucode /lib/firmware // Install Wireshark (development version) sudo add-apt-repository ppa:wireshark-dev/stable sudo add-apt-repository ppa:dreibh/ppa sudo apt update sudo apt -y install wireshark sudo apt -y install wireshark-qt // Install aircrack-ng sudo apt -y install aircrack-ng // Install tcmpdump sudo apt -y intall tcpdump // Allow the user to be able to use tcmpdump over an SSH connection (remote connection) sudo groupadd pcap sudo usermod -a -G pcap $USER sudo chgrp pcap /usr/sbin/tcpdump sudo chmod 750 /usr/sbin/tcpdump sudo setcap cap_net_raw,cap_net_admin=eip /usr/sbin/tcpdump
Initial Wireshark Configurations (On your laptop)
Then you need to configure Wireshark to do the following:
- Establish a SSH connection between your laptop and the Jetson Nano
- Run a tcpdump remotely on the Jetson Nano
- Stream the packets back to your laptop
Thankfully for us, Wireshark has a plugin you can install to make it work. It is called SSHdump. You need to make sure that it is checked when you install Wireshark (Under the “Tool” section) (especially when you install Wireshark on Windows).
When you are ready to perform the packet capture, first you need to SSH into your Jetson Nano and set the Wi-Fi card into monitor mode on the proper channel using the proper channel width:
// Set the wlan0 interface to be used in monitor mode on the proper channel (Ex: 100 here) sudo airmon-ng start wlan0 100 // OPTIONAL: Set the channel width to be 40MHz sudo iw dev wlan0mon set freq 5500 HT40+ //OPTIONAL: Set the channel width to be 80MHZ sudo iw dev wlan0mon set freq 5500 80MHz
Then you can open Wireshark. In the interface list, look for “SSH remote capture: sshdump” and click on the setting gear to modify its settings:
Under the server tab, enter the IP address of the Jetson Nano and enter “22” as the port used (since we are using SSH default port here):
Under the Authentication tab, enter the username and password to connect to your Jetson Nano.
Note: You will have to re-enter your password every time you want to do a packet capture.
Under the “Capture” tab, you need to enter the following command in the “Remote capture command” field: /usr/sbin/tcpdump -i wlan0mon -U -w –. Make sure that you also check the “Use sudo on the remote machine” check box:
Then you can click on “Start” and it will start capturing packets and streaming them back to your Wireshark session.
Here are additional resources you can visit to get more details:
- Remote Wireless Capturing with a Jetson Nano from Gjermund Raaen: https://gjermundraaen.com/2019/10/01/remote-wireless-capturing-with-a-jetson-nano/
- Capturing 802.11ax with jetson nano from Gjermund Raaen: https://gjermundraaen.com/2019/09/25/capturing-802-11ax-with-jetson-nano/
- Using the WLAN Pi to scan for networks in WiFi Explorer Pro from Adrian Granados: https://www.adriangranados.com/blog/wlanpi-as-a-sensor
- You too can have a sub-$200 802.11ax client from John Kilpatrick: http://wifi.hypergeek.net/you-too-can-have-a-sub-200-11ax-client/
- How to setup Wi-Fi 6 sniffer Wireshark in Ubuntu from Tiger Lee: https://wifilogic.wordpress.com/2019/09/21/how-to-setup-wifi6-sniffer-in-ubuntu/
- The State of Wi-Fi 6 in Practise (WLPC EU Presentation): https://www.cleartosend.net/wp-content/uploads/2019/10/Wi-Fi6_in_the_real_world_wlpc_prague_2019.pdf