diff -Nurb madwifi-ng-r1457/ath/if_ath.c patched_madwifi-ng-r1457/ath/if_ath.c --- madwifi-ng-r1457/ath/if_ath.c 2006-02-25 00:24:30.000000000 +0100 +++ patched_madwifi-ng-r1457/ath/if_ath.c 2006-03-01 23:23:32.000000000 +0100 @@ -2166,6 +2166,7 @@ struct ath_softc *sc = dev->priv; struct ath_hal *ah = sc->sc_ah; struct ieee80211_phy_params *ph = (struct ieee80211_phy_params *) (skb->cb + sizeof(struct ieee80211_cb)); + struct ieee80211com *ic = &sc->sc_ic; const HAL_RATE_TABLE *rt; int pktlen; int hdrlen; @@ -2180,9 +2181,12 @@ struct ieee80211_frame *wh; wh = (struct ieee80211_frame *) skb->data; - try0 = ATH_TXMAXTRY; + try0 = (ic->ic_opmode == IEEE80211_M_MONITOR) ? 1 : ATH_TXMAXTRY; + /* + * The retry value has to be patched to 1 when injecting, + * otherwise the card waits for acknowledges... + */ rt = sc->sc_currates; - txrate = dot11_to_ratecode(sc, rt, ph->rate0); + txrate = dot11_to_ratecode(sc, rt, (ic->ic_opmode == IEEE80211_M_MONITOR) ? (ic->inject_rate / 500) : ph->rate0); power = ph->power > 60 ? 60 : ph->power; hdrlen = ieee80211_anyhdrsize(wh); pktlen = skb->len + IEEE80211_CRC_LEN; diff -Nurb madwifi-ng-r1457/net80211/ieee80211_var.h patched_madwifi-ng-r1457/net80211/ieee80211_var.h --- madwifi-ng-r1457/net80211/ieee80211_var.h 2006-02-06 20:58:08.000000000 +0100 +++ patched_madwifi-ng-r1457/net80211/ieee80211_var.h 2006-03-01 23:24:38.000000000 +0100 @@ -138,6 +138,7 @@ u_int16_t ic_txpowlimit; /* global tx power limit */ u_int16_t ic_uapsdmaxtriggers; /* max triggers that could arrive */ u_int8_t ic_coverageclass; /* coverage class */ + int inject_rate; /* injection rate in Monitor mode */ /* * Channel state: diff -Nurb madwifi-ng-r1457/net80211/ieee80211_wireless.c patched_madwifi-ng-r1457/net80211/ieee80211_wireless.c --- madwifi-ng-r1457/net80211/ieee80211_wireless.c 2006-02-19 18:35:54.000000000 +0100 +++ patched_madwifi-ng-r1457/net80211/ieee80211_wireless.c 2006-03-01 23:30:34.000000000 +0100 @@ -346,6 +346,18 @@ struct ifmediareq imr; int rate, retv; + if (ic->ic_opmode == IEEE80211_M_MONITOR) { + rate = rrq->value / 1000; + if (rate != 1000 && rate != 2000 && rate != 5500 && + rate != 11000 && rate != 6000 && rate != 9000 && + rate != 12000 && rate != 18000 && rate != 24000 && + rate != 36000 && rate != 48000 && rate != 54000 ) + return -EINVAL; + printk(KERN_DEBUG "setting xmit rate to %d\n", rate); + ic->inject_rate = rate; + return 0; + } + if (vap->iv_media.ifm_cur == NULL) return -EINVAL; memset(&ifr, 0, sizeof(ifr)); @@ -379,9 +391,15 @@ struct iw_param *rrq, char *extra) { struct ieee80211vap *vap = dev->priv; + struct ieee80211com *ic = vap->iv_ic; struct ifmediareq imr; int rate; + if (ic->ic_opmode == IEEE80211_M_MONITOR) { + rrq->value = ic->inject_rate * 1000; + return 0; + } + memset(&imr, 0, sizeof(imr)); vap->iv_media.ifm_status(vap->iv_dev, &imr); @@ -1051,6 +1069,7 @@ __u32 *mode, char *extra) { struct ieee80211vap *vap = dev->priv; + struct ieee80211com *ic = vap->iv_ic; struct ifmediareq imr; int valid = 0; @@ -1060,8 +1079,10 @@ if (imr.ifm_active & IFM_IEEE80211_HOSTAP) valid = (*mode == IW_MODE_MASTER); #if WIRELESS_EXT >= 15 - else if (imr.ifm_active & IFM_IEEE80211_MONITOR) + else if (imr.ifm_active & IFM_IEEE80211_MONITOR) { valid = (*mode == IW_MODE_MONITOR); + ic->inject_rate = 5500; /* default = 5.5M CCK */ + } #endif else if (imr.ifm_active & IFM_IEEE80211_ADHOC) valid = (*mode == IW_MODE_ADHOC);