OpenWrt Forum Archive

Topic: OpenWRT Router freezes, trying to get RSSIs

The content of this topic has been archived on 8 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

I'm trying to read the RSSI of the devices connected to my router with airodump-ng mon0 and iw dev wlan0 station dump. I'm running my own C++ code on it; this is mainly what my C++ code is doing:

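#include <cstdio>   // popen, pclose, fgets

int main() {
    // Run airodump-ng and read its filtered output line by line
    FILE *f = popen("airodump-ng mon0 2>&1 | grep :", "r");
    if (f == nullptr) return 1;
    char buf[512];
    while (fgets(buf, sizeof buf, f)) {
        //process_data
        //sends processed data through UDP to a local server
    }
    pclose(f);  // reap the child process when the pipe closes
    return 0;
}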

The code works perfectly, but after running it in background for a couple minutes the router stops working at all, WiFi drops and the only way to get the router working again is by a hard reset.

Am I doing anything wrong? Is there any way I can debug what's going on?

I have no idea what is making it freeze.

Check the RAM usage with cat /proc/meminfo in the seconds before the freeze.
The solution will probably be to modify the airodump-ng source code instead of piping it.

Btw, tell us if your project to get the physical position of stations through rssi goes well and what approximation error it has.

(Last edited by iasimov on 18 Mar 2016, 16:49)

iasimov wrote:

Check the RAM usage with cat /proc/meminfo in the seconds before the freeze.
The solution will probably be to modify the airodump-ng source code instead of piping it.

Btw, tell us if your project to get the physical position of stations through rssi goes well and what approximation error it has.

Will do, that's my main purpose of getting the RSSIs. I've got a network with 4 APs and a router sending the RSSIs to a local server, but can't do much with this freezing problem.

How hard is it to modify the airodump-ng code? I've never done that before. Any tips on how to do it?

Firstly, did you check it was a ram overconsumption problem?

Take a look at http://trac.aircrack-ng.org/browser/tru … ep/linux.c
In the functions "linux_read", "openraw" and "do_linux_open" you have almost all you need to write your own code without using airodump.

In a nutshell
1. create a packet socket, see the code of "do_linux_open" and http://man7.org/linux/man-pages/man7/packet.7.html
2. bind the socket to the wifi interface, see the code of "openraw"
3. read packets using "read" with the file descriptor of the socket, and get the rssi, see the code of "linux_read" and the lines of "ri_power" (ri = rx info)

iasimov wrote:

Firstly, did you check it was a ram overconsumption problem?

Take a look at http://trac.aircrack-ng.org/browser/tru … ep/linux.c
In the functions "linux_read", "openraw" and "do_linux_open" you have almost all you need to write your own code without using airodump.

In a nutshell
1. create a packet socket, see the code of "do_linux_open" and http://man7.org/linux/man-pages/man7/packet.7.html
2. bind the socket to the wifi interface, see the code of "openraw"
3. read packets using "read" with the file descriptor of the socket, and get the rssi, see the code of "linux_read" and the lines of "ri_power" (ri = rx info)

I checked the RAM consumption and it is all good, it doesn't seem to be the problem. I can't check it when it freezes, because by that time I cannot run "cat /proc/meminfo", but when it is not frozen I can see that the memory is not dropping, it stays stable at a really decent amount of free memory available.

I've also tried to cross-compile the airodump-ng file as it is, but I can't get past these errors:

/tmp/ccN8pyyi.o: In function `check_shared_key':
airodump-ng.c:(.text+0x28d0): undefined reference to `crc_tbl'
airodump-ng.c:(.text+0x28d8): undefined reference to `crc_tbl'
/tmp/ccN8pyyi.o: In function `dump_add_packet':
airodump-ng.c:(.text+0x525c): undefined reference to `uniqueiv_init'
airodump-ng.c:(.text+0x8754): undefined reference to `uniqueiv_check'
airodump-ng.c:(.text+0x87f4): undefined reference to `known_clear'
airodump-ng.c:(.text+0x8904): undefined reference to `known_clear'
airodump-ng.c:(.text+0x8cf0): undefined reference to `uniqueiv_mark'
airodump-ng.c:(.text+0x8d60): undefined reference to `data_init'
airodump-ng.c:(.text+0x8db4): undefined reference to `data_check'
/tmp/ccN8pyyi.o: In function `getBatteryState':

I don't know why it says "undefined reference" for all these files, I'm including the headers.

Do you really think I should cross-compile the airodump-ng?

Maybe I'm doing something really wrong in my C code that pipes out the data. Do you mind checking my C code? I keep reading it and see no problems there tho, but I might be missing something as I'm really new to C.

UPDATE

I misunderstood what you meant in your last post, I'm going to try it now the way you are telling me, using only the linux.c file, without airodump-ng.

(Last edited by cabada on 23 Mar 2016, 06:09)

My suggestion was to write your own code, not to compile linux.c. In linux.c there is the code that you should read to understand how to write your own code to read RSSI. It's an easy thing: you can read packets' RSSI and MAC addresses with a few lines of C code, without using airodump-ng at all.

If it's not a RAM problem I don't know how the program can crash the whole router.

On the other hand, if you want to improve your code with pipes, you can use "rb" instead of "r" in popen, and "fread" instead of "fgets" to work with binary arrays instead of strings.

Good luck.

iasimov wrote:

My suggestion was to write your own code, not to compile linux.c. In linux.c there is the code that you should read to understand how to write your own code to read RSSI. It's an easy thing: you can read packets' RSSI and MAC addresses with a few lines of C code, without using airodump-ng at all.

If it's not a RAM problem I don't know how the program can crash the whole router.

On the other hand, if you want to improve your code with pipes, you can use "rb" instead of "r" in popen, and "fread" instead of "fgets" to work with binary arrays instead of strings.

Good luck.

I've written my own C++ code to get the RSSI and MAC addresses, without airodump-ng, but the router keeps freezing. I'm running C++ code that reads the RSSI from packets and writes them to a local file. I don't see why the router would freeze with this, the file is not even getting bigger and bigger, I'm clearing it and writing, so it is always less than a few bytes.

The only thing that could be freezing it is that I'm creating the monitor interface with

airmon-ng start wlan0

? I don't know what airmon-ng could be doing, isn't it supposed to only copy wlan0 and create a new interface called mon0 with monitor mode enabled?

After a lot of tries, I've made it.

Now I'm applying AI to try to predict where in the house I am, I'll be posting the code and project information on Github when I get it working perfectly.

I am also trying to keep the iPhone sending or faking probe requests so the APs and routers get the RSSI at short intervals.

(Last edited by cabada on 3 Apr 2016, 23:41)

Hello cabada,

I've started a project similar to yours, using C code. If you want, we can share advice and source code in this thread.
I'm using an ath9k htc dongle for my tests.

In order to keep the iPhone or any other device sending data to measure its RSSI you can do a ping from the router to the iPhone.

My device uses radiotap headers to send the RSSI.

I start the dongle with the following commands.

ifconfig wlan0 down
iw wlan0 del
iw phy0 interface add wlan0 type monitor
airmon-ng start wlan0

and I read the RSSI from radiotap, and the MACs from ieee80211, using C code with packet sockets.

More info about radiotap headers here http://www.radiotap.org/

Remember to disable the wifi device in OpenWrt before starting monitor mode, maybe that is what freezes your router.

(Last edited by iasimov on 10 Apr 2016, 08:51)
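
The parsing step that the posts above describe (take one frame read from the monitor-mode packet socket, get the RSSI from its radiotap header and the MAC from the 802.11 header), as an added example that is not code from either poster or from aircrack-ng. The function name parse_rssi and the sample frame are constructed for illustration; opening and binding the socket is left out.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Alignment and size of radiotap fields 0..4, the ones that can precede
 * dBm Antenna Signal (bit 5) in the header. */
static const struct { uint8_t align, size; } rt_field[5] = {
    {8, 8}, {1, 1}, {1, 1}, {2, 4}, {2, 2}, /* TSFT Flags Rate Channel FHSS */
};

static uint32_t le32(const uint8_t *p)
{
    return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
}

/* p/n: one frame as returned by read() on a monitor-mode packet socket.
 * Returns 0 and fills *rssi_dbm and mac (802.11 addr2, the transmitter),
 * or -1 if the frame is malformed, truncated or carries no signal field. */
int parse_rssi(const uint8_t *p, size_t n, int8_t *rssi_dbm, uint8_t mac[6])
{
    if (n < 8 || p[0] != 0) return -1;         /* radiotap version is 0 */
    size_t rt_len = p[2] | (size_t)p[3] << 8;  /* little-endian it_len */
    if (rt_len < 8 || rt_len > n) return -1;   /* never trust the length */
    uint32_t present = le32(p + 4), word = present;
    size_t off = 8;
    while (word & (1u << 31)) {                /* skip extra present words */
        if (off + 4 > rt_len) return -1;
        word = le32(p + off);
        off += 4;
    }
    if (!(present & (1u << 5))) return -1;     /* no dBm Antenna Signal */
    for (int bit = 0; bit < 5; bit++) {        /* walk the fields before it */
        if (!(present & (1u << bit))) continue;
        size_t a = rt_field[bit].align;        /* aligned from header start */
        off = ((off + a - 1) & ~(a - 1)) + rt_field[bit].size;
    }
    if (off >= rt_len) return -1;
    if (n - rt_len < 16) return -1;            /* ACK/CTS have no addr2 */
    *rssi_dbm = (int8_t)p[off];
    memcpy(mac, p + rt_len + 10, 6);           /* fc(2) dur(2) addr1(6) */
    return 0;
}

/* Constructed sample: radiotap (Flags, Channel, -59 dBm) + probe request. */
const uint8_t SAMPLE_FRAME[40] = {
    0x00,0x00, 0x10,0x00, 0x2a,0x00,0x00,0x00, 0x00, 0x00, 0x6c,0x09,0xa0,0x00, 0xc5, 0x00,
    0x40,0x00, 0x00,0x00, 0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0x00,0x00,0xaa,0xbb,0xcc,
    0xff,0xff,0xff,0xff,0xff,0xff, 0x00,0x00,
};
```

The bounds checks matter because every byte of the buffer, including the radiotap length, comes from frames that any nearby transmitter can shape.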

cabada and iasimov, please share your ongoing projects. I would want to learn more about capturing RSSI and how to use them!

The discussion might have continued from here.