There is an issue applying BPF filters when using the libpcap0.8 version found on bullseye.
2021-12-09 00:25:54,837 [ERROR] fakeap.py: we had a problem creating BPF filters on L2socket/wlan0mon
Traceback (most recent call last):
File "/opt/wlanpi-profiler/lib/python3.9/site-packages/profiler/fakeap.py", line 385, in __init__
sniff(
File "/opt/wlanpi-profiler/lib/python3.9/site-packages/scapy/sendrecv.py", line 1263, in sniff
sniffer._run(*args, **kwargs)
File "/opt/wlanpi-profiler/lib/python3.9/site-packages/scapy/sendrecv.py", line 1127, in _run
sniff_sockets[L2socket(type=ETH_P_ALL, iface=iface,
File "/opt/wlanpi-profiler/lib/python3.9/site-packages/scapy/arch/linux.py", line 497, in __init__
attach_filter(self.ins, filter, self.iface)
File "/opt/wlanpi-profiler/lib/python3.9/site-packages/scapy/arch/linux.py", line 166, in attach_filter
bp = compile_filter(bpf_filter, iface)
File "/opt/wlanpi-profiler/lib/python3.9/site-packages/scapy/arch/common.py", line 156, in compile_filter
raise Scapy_Exception(
scapy.error.Scapy_Exception: Failed to compile filter expression type mgt subtype probe-req or type mgt subtype auth or type mgt subtype assoc-req or type mgt subtype reassoc-req (-1)
2021-12-09 00:25:54,840 [INFO] fakeap.py: try running with --no_bpf_filters
I've implemented a manual workaround to remove BPF filters using the --no_bpf_filters option. We can apply it like this:
But how do we fix the dependency problem on libpcap?
If we're on bullseye, we can update libpcap0.8 from the bullseye-backports repo like this:
# Add Backports to sources.list (or add a new file with the ".list" extension to /etc/apt/sources.list.d/).
sudo apt edit-sources
deb http://deb.debian.org/debian bullseye-backports main
## Intall GPG keys
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
## Update apt
sudo apt update
## Installing backports on the command line
sudo apt -t bullseye-backports install libpcap0.8
There is an issue applying BPF filters when using the libpcap0.8 version found on bullseye.
I've implemented a manual workaround to remove BPF filters using the
--no_bpf_filters
option. We can apply it like this:But how do we fix the dependency problem on libpcap?
If we're on bullseye, we can update libpcap0.8 from the bullseye-backports repo like this:
This should resolve the problem.