I have Vim4 with ubuntu 22.04, I want to activate the monitor mode on the on-board WiFi card, but after running the command “sudo iwconfig wlan0 mode monitor” I get the error “Error for wireless request “Set Mode” (8B06): SET failed on device wlan0; Invalid argument”.
Even the command “lspci | grep -i wireless” doesn’t show anything.
I think it is a firmware issue but I don’t know how to fix it. I think I found the needed firmware in the following link but not sure how to fix the issue using it.
The on-board wifi card is AP6275S Wi-Fi 6 Module
Any help is really appreciated, and thank you very much.
numbqq
January 5, 2023, 3:12am
2
Hello @HadK123
In order to use the Wi-Fi monitor mode, you need to upgrade the kernel.
Follow the steps below to upgrade the kernel:
wget https://dl.khadas.com/.test/wifi/linux-image-amlogic-5.4_1.4.2_arm64.deb
sudo dpkg -i linux-image-amlogic-5.4_1.4.2_arm64.deb
sudo reboot
Afrer reboot, follow the steps below to enable monitor mode on node radiotap0
wget https://dl.khadas.com/.test/wifi/dhd_priv
chmod +x dhd_priv
sudo ./dhd_priv monitor 1
sudo ifconfig radiotap0 up
sudo tcpdump -i radiotap0
1 Like
Hello @numbqq thank you for your reply, I tried your solution, but when I run the command “sudo ./dhd_priv monitor 1” I get the error: “dhd_priv(2.4): failed to send cmd at wlan0 with error -1”
I also checked the command that I mentioned in my original post and still getting the same results!
numbqq
January 6, 2023, 12:55am
4
Hello @HadK123
Which version of Ubuntu you used? I checked on my side with latest release 1.4-221229, it works well.
khadas@Khadas:~$ cat /etc/fenix-release
# PLEASE DO NOT EDIT THIS FILE
BOARD=VIM4
VENDOR=Amlogic
VERSION=1.4
ARCH=arm64
INITRD_ARCH=arm64
IMAGE_VERSION=1.4-221229
################ GIT VERSION ################
UBOOT_GIT_VERSION=khadas-vims-u-boot-2019.01-v1.4-release
LINUX_GIT_VERSION=khadas-vims-linux-5.4-v1.4-release
FENIX_GIT_VERSION=v1.4
#############################################
Please provide the information below to me:
cat /etc/fenix-release
uname -a
Yes @numbqq , this is what I also get, exactly what you have
khadas@Khadas:~$ cat /etc/fenix-release
# PLEASE DO NOT EDIT THIS FILE
BOARD=VIM4
VENDOR=Amlogic
VERSION=1.4
ARCH=arm64
INITRD_ARCH=arm64
IMAGE_VERSION=1.4-221229
################ GIT VERSION ################
UBOOT_GIT_VERSION=khadas-vims-u-boot-2019.01-v1.4-release
LINUX_GIT_VERSION=khadas-vims-linux-5.4-v1.4-release
FENIX_GIT_VERSION=v1.4
#############################################
khadas@Khadas:~$ uname -a
Linux Khadas 5.4.180 #1.4.2 SMP PREEMPT Thu Jan 5 10:45:07 CST 2023 aarch64 aarch64 aarch64 GNU/Linux
khadas@Khadas:~$
numbqq
January 6, 2023, 2:27am
6
Hello @HadK123
I guess you connected the Wi-Fi, right? Please distconnect the Wi-Fi connection and try again.
That worked! thank you so much @numbqq ! I really appreciate your help.
CnR89
February 1, 2023, 7:55pm
8
Same issue here:
uname -a Linux Khadas 5.10.66 #1.4 SMP PREEMPT Thu Dec 29 08:18:53 UTC 2022 aarch64 aarch64 aarch64 GNU/Linux
cat /etc/fenix-release
# PLEASE DO NOT EDIT THIS FILE
BOARD=Edge2
VENDOR=Rockchip
VERSION=1.4
ARCH=arm64
INITRD_ARCH=arm64
IMAGE_VERSION=1.4-221229
################ GIT VERSION ################
UBOOT_GIT_VERSION=khadas-edges-u-boot-2017.09-v1.4-release
LINUX_GIT_VERSION=khadas-edges-linux-5.10-v1.4-release
FENIX_GIT_VERSION=v1.4
#############################################
@CnR89
1.The Monitor Mode configuration was enabled
The corresponding modification is as follows:
After modification, recompile and update the kernel
diff --git a/drivers/net/wireless/rockchip_wlan/rkwifi/bcmdhd/Makefile b/drivers/net/wireless/rockchip_wlan/rkwifi/bcmdhd/Makefile
index 5b147c9ff6e5..b74c65aa97c6 100755
--- a/drivers/net/wireless/rockchip_wlan/rkwifi/bcmdhd/Makefile
+++ b/drivers/net/wireless/rockchip_wlan/rkwifi/bcmdhd/Makefile
@@ -33,7 +33,7 @@ DHDCFLAGS = -Wall -Wstrict-prototypes -Wno-date-time \
-DPOWERUP_MAX_RETRY=0 -DIFACE_HANG_FORCE_DEV_CLOSE -DWAIT_DEQUEUE \
-DUSE_NEW_RSPEC_DEFS -Wno-declaration-after-statement \
-DWL_EXT_IAPSTA -DWL_ESCAN -DCCODE_LIST \
- -DENABLE_INSMOD_NO_FW_LOAD -DBCM_USE_PLATFORM_STRLCPY
+ -DENABLE_INSMOD_NO_FW_LOAD -DBCM_USE_PLATFORM_STRLCPY -DWL_MONITOR
DHDOFILES = aiutils.o siutils.o sbutils.o bcmutils.o bcmwifi_channels.o \
dhd_linux.o dhd_linux_platdev.o dhd_linux_sched.o dhd_pno.o \
2.Install the tcpdump tool
$ sudo apt update
$ sudo apt-get install tcpdump
3.To enable the Monitor Mode, you need to configure it using the tool
Download and compile the configuration code.
$ wget https://dl.khadas.com/development/wifi/dhd_priv.tgz
$ tar xvzf dhd_priv.tgz
$ cd dhd_priv
$ make
$ ls dhd_priv
dhd_priv
Run the following command to configure the Monitor Mode:Turn on WiFi and leave it unconnected
$ sudo ./dhd_priv monitor 1
4.Configure the listening node and test
$ sudo ifconfig radiotap0 up
$ ifconfig radiotap0
radiotap0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
unspec 00-00-00-00-00-00-10-CC-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 84967 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
$ sudo tcpdump -i radiotap0
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on radiotap0, link-type IEEE802_11_RADIO (802.11 plus radiotap header), snapshot length 262144 bytes
02:45:43.246094 226443984us tsft short preamble 24.0 Mb/s 5180 MHz 11a -67dBm signal -92dBm noise antenna 1 BA RA:68:77:24:51:be:2d (oui Unknown)
02:45:43.248106 226444815us tsft short preamble 24.0 Mb/s 5180 MHz 11a -79dBm signal -92dBm noise antenna 1 BA RA:68:77:24:51:be:2d (oui Unknown)
02:45:43.248109 226445024us tsft short preamble 6.0 Mb/s 5180 MHz 11a -77dBm signal -92dBm noise antenna 1 Beacon (Sales) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 36, PRIVACY
02:45:43.248111 226445853us tsft short preamble 24.0 Mb/s 5180 MHz 11a -79dBm signal -92dBm noise antenna 1 BA RA:68:77:24:51:be:2d (oui Unknown)
02:45:43.248112 226445934us tsft short preamble wep 6.0 Mb/s 5180 MHz 11a -77dBm signal -92dBm noise antenna 1 Data IV:7200 Pad 20 KeyID 1
02:45:43.251586 226448984us tsft short preamble 6.0 Mb/s 5180 MHz 11a -77dBm signal -92dBm noise antenna 1 Beacon () [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 36, PRIVACY
02:45:43.251764 226449742us tsft -78dBm signal -92dBm noise antenna 1 5180 MHz 11n ht/20 6.5 Mb/s MCS 0 20 MHz long GI greenfield BCC FEC Acknowledgment RA:16:1c:79:a3:40:30 (oui Unknown)
02:45:43.268748 226466307us tsft -78dBm signal -92dBm noise antenna 1 5180 MHz 11n ht/20 6.5 Mb/s MCS 0 20 MHz long GI greenfield BCC FEC Acknowledgment RA:16:1c:79:a3:40:30 (oui Unknown)
02:45:43.289979 226487888us tsft short preamble 24.0 Mb/s 5180 MHz 11a -44dBm signal -92dBm noise antenna 1 BA RA:8c:c8:4b:53:1c:3b (oui Unknown)
02:45:43.294177 226492091us tsft short preamble 6.0 Mb/s 5180 MHz 11a -85dBm signal -92dBm noise antenna 1 Clear-To-Send RA:dc:21:5c:58:8b:53 (oui Unknown)
02:45:43.294881 226492449us tsft short preamble 6.0 Mb/s 5180 MHz 11a -86dBm signal -92dBm noise antenna 1 Clear-To-Send RA:dc:21:5c:58:8b:53 (oui Unknown)
02:45:43.299183 226497114us tsft short preamble 24.0 Mb/s 5180 MHz 11a -77dBm signal -92dBm noise antenna 1 Request-To-Send TA:68:54:5a:54:bf:7d (oui Unknown)
02:45:43.299205 226497159us tsft short preamble 12.0 Mb/s 5180 MHz 11a -60dBm signal -92dBm noise antenna 1 Clear-To-Send RA:68:54:5a:54:bf:7d (oui Unknown)
02:45:43.299597 226497535us tsft short preamble 24.0 Mb/s 5180 MHz 11a -77dBm signal -92dBm noise antenna 1 Request-To-Send TA:68:54:5a:54:bf:7d (oui Unknown)
CnR89
February 3, 2023, 2:58pm
11
Thank you @ivan.li . It works like a charm.
CnR89
March 8, 2023, 2:37pm
12
@ivan.li Hello again,
I can capture packets with “WL_MONITOR” flag but I can’t send raw packets.
Is there anyway to send raw wifi packet’s in monitor mode?
numbqq
March 9, 2023, 8:45am
13
Could you tell us how to test this feature ?
CnR89
March 9, 2023, 8:57am
14
I wrote a golang project which already works on raspberry pi with dongle.
Also I tried aircrack-ng injection test which is fails too
aireplay-ng -9 radiotap0
wmdumb
April 7, 2025, 1:10am
16
Hello. Could you help me out with a similar issue on a Vim3 about running Ubuntu 24.04?
khadas@Khadas:~/dhd_priv$ sudo tcpdump -v -i radiotap0
tcpdump: listening on radiotap0, link-type IEEE802_11_RADIO (802.11 plus radiotap header), snapshot length 262144 bytes
08:54:27.909875 [|802.11_radio]
[Invalid header: caplen==0, len==0]
08:54:27.912057 [|802.11_radio]
08:54:27.933265 [|802.11_radio]
08:54:27.965525 [|802.11_radio]
[Invalid header: caplen==0, len==0]
[Invalid header: caplen==0, len==0]
08:54:27.991947 [|802.11_radio]
[Invalid header: caplen==0, len==0]
08:54:28.035632 [|802.11_radio]
cat /etc/fenix-release and uname -a:
khadas@Khadas:~/dhd_priv$ cat /etc/fenix-release
# PLEASE DO NOT EDIT THIS FILE
BOARD=VIM3
VENDOR=Amlogic
VERSION=1.7.3
ARCH=arm64
INITRD_ARCH=arm64
INSTALL_TYPE=EMMC
IMAGE_VERSION=1.7.3-241129
################ GIT VERSION ################
UBOOT_GIT_VERSION=khadas-vims-u-boot-2015.01-5.15-v1.7.3-release
LINUX_GIT_VERSION=khadas-vims-linux-5.15-v1.7.3-release
FENIX_GIT_VERSION=v1.7.3
#############################################
khadas@Khadas:~/dhd_priv$ uname -a
Linux Khadas 5.15.137 #1.7.3 SMP PREEMPT Fri Nov 29 12:07:37 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux
khadas@Khadas:~/dhd_priv$
Jacobe
April 17, 2025, 2:49am
17
Hello @wmdumb
I have tested VIM3, since the AP6398S don’t have hardware radio, so you can’t use monitor mode on it.
VIM4(Wi-Fi chip is AP6275S) and Edge2(Wi-Fi chip is AP6275P) support the monitor mode and you can use tcpdump to capture network packet.
2 Likes