1diff -ur ../madwifi-cvs-20050707/ath/if_ath.c ./ath/if_ath.c
2--- ../madwifi-cvs-20050707/ath/if_ath.c 2005-06-25 02:35:12.000000000 +0200
3+++ ./ath/if_ath.c 2005-07-30 00:27:46.000000000 +0200
4@@ -1117,7 +1117,8 @@
5 /*
6 * Encapsulate the packet for transmission.
7 */
8- skb = ieee80211_encap(ic, skb, &ni);
9+ if (ic->ic_opmode != IEEE80211_M_MONITOR)
10+ skb = ieee80211_encap(ic, skb, &ni);
11 if (skb == NULL) {
12 DPRINTF(sc, ATH_DEBUG_XMIT,
13 "%s: discard, encapsulation failure\n", __func__);
14@@ -2830,7 +2831,7 @@
15 struct ieee80211com *ic = &sc->sc_ic;
16 struct ath_hal *ah = sc->sc_ah;
17 int iswep, ismcast, keyix, hdrlen, pktlen, try0;
18- u_int8_t rix, txrate, ctsrate;
19+ u_int8_t rix = 0, txrate, ctsrate;
20 u_int8_t cix = 0xff; /* NB: silence compiler */
21 struct ath_desc *ds;
22 struct ath_txq *txq;
23@@ -2847,7 +2848,7 @@
24 hdrlen = ieee80211_anyhdrsize(wh);
25 pktlen = skb->len;
26
27- if (iswep) {
28+ if (iswep && ic->ic_opmode != IEEE80211_M_MONITOR) {
29 const struct ieee80211_cipher *cip;
30 struct ieee80211_key *k;
31
32@@ -2909,7 +2910,7 @@
33 * use short preamble based on the current mode and
34 * negotiated parameters.
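Review bot: With `ieee80211_encap()` skipped in monitor mode, the skb is sent with whatever bytes the caller supplied, and nothing visible in this patch checks that it is long enough to hold an 802.11 header before the transmit routine patched below reads `wh->i_fc[0]` and calls `ieee80211_anyhdrsize(wh)` on it. A guard directly after the new branch, such as `if (ic->ic_opmode == IEEE80211_M_MONITOR && skb->len < sizeof(struct ieee80211_frame_min))` followed by the same discard path used for `skb == NULL`, would keep short frames from being parsed past their end. `ni` is also only assigned through `&ni` in the call that is now skipped, so its value in monitor mode depends on an initialisation outside the hunk; it is worth confirming it is NULL there, since the later `ni != NULL` test appears to rely on that. The enclosing function starts and ends outside the hunk.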
35 */
36- if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) &&
37+ if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && ni != NULL &&
38 (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_PREAMBLE)) {
39 shortPreamble = AH_TRUE;
40 sc->sc_stats.ast_tx_shortpre++;
41@@ -2924,6 +2925,11 @@
42 */
43 switch (wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) {
44 case IEEE80211_FC0_TYPE_MGT:
45+ if (ic->ic_opmode == IEEE80211_M_MONITOR) {
46+ atype = HAL_PKT_TYPE_NORMAL;
47+ txq = sc->sc_ac2q[skb->priority];
48+ break;
49+ }
50 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
51 if (subtype == IEEE80211_FC0_SUBTYPE_BEACON)
52 atype = HAL_PKT_TYPE_BEACON;
53@@ -2943,6 +2949,11 @@
54 txq = sc->sc_ac2q[WME_AC_VO];
55 break;
56 case IEEE80211_FC0_TYPE_CTL:
57+ if (ic->ic_opmode == IEEE80211_M_MONITOR) {
58+ atype = HAL_PKT_TYPE_NORMAL;
59+ txq = sc->sc_ac2q[skb->priority];
60+ break;
61+ }
62 atype = HAL_PKT_TYPE_PSPOLL; /* stop setting of duration */
63 rix = 0; /* XXX lowest rate */
64 try0 = ATH_TXMAXTRY;
65@@ -2958,8 +2969,9 @@
66 /*
67 * Data frames; consult the rate control module.
68 */
69- ath_rate_findrate(sc, an, shortPreamble, skb->len,
70- &rix, &try0, &txrate);
71+ if (ic->ic_opmode != IEEE80211_M_MONITOR)
72+ ath_rate_findrate(sc, an, shortPreamble, skb->len,
73+ &rix, &try0, &txrate);
74 /*
75 * Default all non-QoS traffic to the background queue.
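Review bot: `txq = sc->sc_ac2q[skb->priority];` in the new monitor branch indexes the queue table with a value that is set outside the driver, while every other case in this switch indexes it with a `WME_AC_*` constant; nothing visible bounds `skb->priority` to the size of `sc_ac2q`, so a large priority would select a pointer past the table. Use a fixed queue for injected frames, `txq = sc->sc_ac2q[WME_AC_BK];`, or range-check the priority first. The same line is added to the `IEEE80211_FC0_TYPE_CTL` case (hunk at -2943) and the `default` case (hunk at -2970). In the `default` case the branch also means frames with an unrecognised type field are queued in monitor mode instead of reaching the existing `bogus frame type` rejection, which deserves a comment saying that is intended.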
76 */
77@@ -2970,6 +2982,11 @@
78 txq = sc->sc_ac2q[WME_AC_BK];
79 break;
80 default:
81+ if (ic->ic_opmode == IEEE80211_M_MONITOR) {
82+ atype = HAL_PKT_TYPE_NORMAL;
83+ txq = sc->sc_ac2q[skb->priority];
84+ break;
85+ }
86 printk("%s: bogus frame type 0x%x (%s)\n", dev->name,
87 wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK, __func__);
88 /* XXX statistic */
89@@ -3092,6 +3109,17 @@
90 txq->axq_intrcnt = 0;
91 }
92
93+ if (ic->ic_opmode == IEEE80211_M_MONITOR) {
94+ int i;
95+ try0 = 1; /* no retransmissions */
96+ txrate = 0;
97+ rt = sc->sc_rates[IEEE80211_MODE_11G];
98+ for (i = 0; i < rt->rateCount; i++) {
99+ if (rt->info[i].rateKbps == ic->inject_rate)
100+ txrate = rt->info[i].rateCode;
101+ }
102+ }
103+
104 /*
105 * Formulate first tx descriptor with tx controls.
106 */
107@@ -3100,7 +3128,7 @@
108 , pktlen /* packet length */
109 , hdrlen /* header length */
110 , atype /* Atheros packet type */
111- , MIN(ni->ni_txpower,60)/* txpower */
112+ , 60 /* txpower */
113 , txrate, try0 /* series 0 rate/tries */
114 , keyix /* key cache index */
115 , sc->sc_txantenna /* antenna mode */
116@@ -3115,7 +3143,7 @@
117 * when the hardware supports multi-rate retry and
118 * we don't use it.
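Review bot: If no entry in the table matches `ic->inject_rate`, `txrate` stays at the `0` assigned just above and is handed to the descriptor setup as if it were a rate code; `inject_rate` only receives its 5500 default in the `IW_MODE_MONITOR` branch under `#if WIRELESS_EXT >= 15`, so it may still be zero when this block (hunk at -3092) runs. Fall back to a real entry and stop at the first match: `txrate = rt->info[0].rateCode;` before the loop and `break;` after the assignment inside it. The block also always selects `sc->sc_rates[IEEE80211_MODE_11G]` and overwrites `rt`; whether that pointer is always populated, and whether code after the hunk still expects the original `rt`, is not visible here and should be checked.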
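Review bot: The constant `60` replaces `MIN(ni->ni_txpower,60)` for every operating mode, not only monitor mode, so ordinary station and access-point traffic no longer follows the per-node transmit power (hunk at -3100). Keep the old expression outside monitor mode, for example `, ic->ic_opmode == IEEE80211_M_MONITOR ? 60 : MIN(ni->ni_txpower,60) /* txpower */`. The call being edited begins and ends outside the hunk.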
119 */
120- if (try0 != ATH_TXMAXTRY)
121+ if (try0 != ATH_TXMAXTRY && ic->ic_opmode != IEEE80211_M_MONITOR)
122 ath_rate_setupxtxdesc(sc, an, ds, shortPreamble, rix);
123
124 ds->ds_link = 0;
125Only in ./ath: if_ath.c.orig
126diff -ur ../madwifi-cvs-20050707/net80211/ieee80211_var.h ./net80211/ieee80211_var.h
127--- ../madwifi-cvs-20050707/net80211/ieee80211_var.h 2005-02-16 17:09:03.000000000 +0100
128+++ ./net80211/ieee80211_var.h 2005-07-29 22:43:08.000000000 +0200
129@@ -307,6 +307,8 @@
130 */
131 const struct ieee80211_aclator *ic_acl;
132 void *ic_as;
133+
134+ int inject_rate; /* injection rate in Monitor mode */
135 };
136
137 #define IEEE80211_ADDR_EQ(a1,a2) (memcmp(a1,a2,IEEE80211_ADDR_LEN) == 0)
138diff -ur ../madwifi-cvs-20050707/net80211/ieee80211_wireless.c ./net80211/ieee80211_wireless.c
139--- ../madwifi-cvs-20050707/net80211/ieee80211_wireless.c 2005-03-07 17:35:09.000000000 +0100
140+++ ./net80211/ieee80211_wireless.c 2005-07-29 22:50:42.000000000 +0200
141@@ -328,6 +328,18 @@
142 struct ifreq ifr;
143 int rate;
144
145+ if (ic->ic_opmode == IEEE80211_M_MONITOR) {
146+ rate = rrq->value / 1000;
147+ if (rate != 1000 && rate != 2000 && rate != 5500 &&
148+ rate != 11000 && rate != 6000 && rate != 9000 &&
149+ rate != 12000 && rate != 18000 && rate != 24000 &&
150+ rate != 36000 && rate != 48000 && rate != 54000 )
151+ return -EINVAL;
152+ printk(KERN_DEBUG "setting xmit rate to %d\n", rate);
153+ ic->inject_rate = rate;
154+ return 0;
155+ }
156+
157 if (!ic->ic_media.ifm_cur)
158 return -EINVAL;
159 memset(&ifr, 0, sizeof(ifr));
160@@ -354,6 +366,11 @@
161 struct ifmediareq imr;
162 int rate;
163
164+ if (ic->ic_opmode == IEEE80211_M_MONITOR) {
165+ rrq->value = ic->inject_rate * 1000;
166+ return 0;
167+ }
168+
169 memset(&imr, 0, sizeof(imr));
170 (*ic->ic_media.ifm_status)(ic->ic_dev, &imr);
171
172@@ -782,6 +799,7 @@
173 #if WIRELESS_EXT >= 15
174 case IW_MODE_MONITOR:
175 ifr.ifr_media |= IFM_IEEE80211_MONITOR;
176+ ic->inject_rate = 5500;
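Review bot: The comment on the new `inject_rate` member (ieee80211_var.h hunk) does not give its unit, and the code that uses it depends on one: the value is compared with `rateKbps` in if_ath.c and multiplied by 1000 when reported back, so it holds kbit/s. I would write `int ic_inject_rate; /* monitor-mode injection rate, in kbit/s */`, using the `ic_` prefix that the neighbouring members `ic_acl` and `ic_as` carry, and rename the uses in if_ath.c and ieee80211_wireless.c to match. The field is written by the rate ioctl handler and read in the transmit path with no locking visible in these hunks; a plain `int` store is probably acceptable, but a word in the comment would make that a stated decision.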
/* default = 5.5M DSSS */
177 break;
178 #endif
179 default:
180