HOW TO - Airsnort patched (monitor mode patched) orinoco drivers with Fedora Core 1

HOW TO patch, compile and install AirSnort patched (monitor mode patched) orinoco drivers for Fedora Core 1

By

Abstract

Provides basic instructions on patching, compiling and installing patched orinoco drivers for operation with AirSnort Wireless Sniffer. The patch allows orinoco based wireless cards to be set into "Monitor Mode", required for the correct operation of AirSnort. Without this patch, it is not possible to use AirSnort with orinoco based wireless cards.

This how-to assumes a basic understanding of the linux command line.

Introduction

The standard orinoco drivers that are part of most standard distribution kernels don't contain the extra functionality required to operate with the AirSnort Wireless Sniffer Program. So a patch needs to be applied to the orinoco drivers. On a vanilla system, this is quite straight forward, but when using a distro specific kernel, like Fedora Core 1, I discovered a little bit of hacking is required to get the patched drivers to compile and insert.

I decided to write this document to record the steps I took to compile and install the patched orinoco drivers with a standard Fedora Core 1 distribution kernel. If you follow these steps, you should not have to recompile the kernel at all, but rather the drivers will be built against the kernel source and can then be inserted into the standard kernel.

If you have any suggestions as to how I can improve this documentation, please feel free to e-mail me by clicking on the above link.

Please note, I am not a programmer and cannot answer difficult compiler related questions. I managed to get this going by a bit of my own hacking and by a lot of googling. The information following is presented "as is" and on that basis, no warranty is offered and no responsiblity will be taken for system problems as a result of these instructions. Please proceed at your own peril. :)

My environment

Before getting into the nitty gritty's of the steps involved, these instructions where written based on the following envronment:

Distribution: Fedora Core 1
Kernel Version Installed: kernel-2.4.22-1.2174.nptl (installed from rpm)
Wireless Card: Avaya/Orinoco/Hermes 802.11b Wireless PCMCIA Card

Installation Steps:

Most of the following installation steps will require root access, so I recommend changing to the root user prior to commencing installation.

Step 1

Obtain and install the Fedora source kernel package (rpm) that matches your kernel version. In my case, this meant downloading and installing the package named "kernel-source-2.4.22-1.2174.nptl". The kernel source packages are available from the Fedora project homepage or your local Fedora mirror.

Once downloaded, the kernel source rpm can be installed using the following command:

# rpm -ivh kernel-source-2.4.22-1.2174.nptl.i686.rpm

Note that the kernel source must be clean and unmodified. The first time I attempted to compile the patched drivers, I had trouble because I had previously compiled some lucent modem drivers against the source, which had modified the installed source code, causing the issue. If you're not sure, it's best to remove and re-install the source rpm to ensure it's fresh and clean.

Step 2

From a command prompt, change directories to the newly installed source directory:

# cd /usr/src/linux-2.4/

Step 3

Copy the pre-made config file (found in the "configs" directory under the current directory) that matches your installed kernel. Because I'm running the i686 kernel, this meant copying the config file called "kernel-2.4.22-i686.config". This file needs to be copied to the file called ".config" in the current directory.

Eg:

# cp configs/kernel-2.4.22-i686.config .config

Step 4

Run the following command:

# make oldconfig

This will setup the source configuration using the pre-made config file that was copied over in Step 3. When it's completed, you will be returned to the command prompt.

Step 5

Run the following command:

# make dep

This will setup dependencies in the kernel source tree.

Step 6

Edit the following file with your favorite text editor (e.g. vim):

/usr/src/linux-2.4/include/linux/version.h

Find the line that reads:

#define UTS_RELEASE "2.4.22-1.2174.nptlcustom"

and remove the word "custom", so the modified line should read:

#define UTS_RELEASE "2.4.22-1.2174.nptl"

This is necessary as otherwise the compiled modules would fail to load with a version mismatch error.

Step 7

Download and unpack the orinoco driver source code into a suitable location (we'll use your home directory "~/" for our example) using the tar command as follows:

# cd ~/
# tar -zxvf orinoco-0.13d.tar.gz

assuming the tarball is present in the current directory (otherwise specify the full path to the filename in the above command).

For the kernel version specified above, you'll need to download the tarball called "orinoco-0.13d.tar.gz". If you are running a different kernel version, you can find out what driver source version you need to download by looking at the file named:

/usr/src/linux-2.4/drivers/net/wireless/orinoco.c

The very first line of this file will tell you what version of orinoco driver your kernel source is using. For example, the kernel source used in this example contains the following line:

/* orinoco.c 0.13d - (formerly known as dldwd_cs.c and orinoco_cs.c)

so it's clear the kernel is using version 0.13d of the orinoco driver and therefore this is the version of driver source you need to obtain.

You can download the above mentioned version of orinoco source from:

http://ozlabs.org/people/dgibson/dldwd/orinoco-0.13d.tar.gz

Other versions of the driver can be obtained from:

http://ozlabs.org/people/dgibson/dldwd/

Step 8

Download the matching AirSnort orinoco patch for your version of orinoco driver. In our case, you'll need the patch available at:

http://airsnort.shmoo.com/orinoco-0.13d-patch.diff

Patches for other versions of the orinoco driver can be found at:

http://airsnort.shmoo.com/orinocoinfo.html

Copy the patch file to the same location as the unpacked orinoco-0.13d directory. (For example, if you unpacked the orinoco driver to the path "~/orinoco-0.13d", you'll need to copy the patch to "~/".

In our example, the patch file is called "orinoco-0.13d-patch.diff".

Step 9

From the same directory, (in our example that is "~/"), run the following command to apply the AirSnort patch to the orinoco driver source:

# patch -p0 < orinoco-0.13d-patch.diff

If the patch applied successfully, you should be returned to the command prompt with no errors.

Step 10

Make a backup copy of your current orinoco/wireless modules, so that if the new, patched version doesn't insert for some reason, you can always back out the patched modules and replace them with the originals. To do this, run the following command from your default directory ("~/"):

# cp -r /lib/modules/2.4.22-1.2174.nptl/kernel/drivers/net/wireless/ wireless_backup

(Note: the exact directory name will change depending on the version of kernel you are running.)

Step 11

Change your current directory to the orinoco-0.13d directory with the following command:

# cd orinoco-0.13d

Step 12

Run the following command to compile the patched driver source:

# make

Step 13

You may notice a few compiling warnings, but don't worry too much about these. As long as the compile process doesn't abort with any serious errors, the modules should now have been compiled successfully (might take a few minutes depending on the speed of your system). Once the compile process has finished, you should be returned to the command prompt where you can run the following command to install the newly compiled modules:

# make install

Step 14

Run the following command and watch for errors. The command should complete without error:

# depmod -a

Step 15

You should now be able to insert or orinoco/compatible card into the system and have the modules load successfully. Keep an eye on /var/log/messages for any error messages about the insertion of the modules.

Problems

If you run into trouble, remember you can always copy back your original orinoco drivers from the wireless_backup directory, that we backed up in Step 10. Don't forget to re-run the "depmod -a" command after you have copied the original modules back.

Finally

If all has gone well, you should now be able to run AirSnort and activate monitor mode on your orinoco/compatible card. The quickest way I found to install AirSnort (particularly if you want to avoid having to compile the program from source) is to download the rpm from:

http://dag.wieers.com/packages/airsnort/

Cross References

AirSnort Wireless Sniffer home page
AirSnort Orinoco Monitor Mode Patch home page

Author:

$Date: 2004/04/09 14:20:50 $