search

kismetwireless / kismet-docs

Mirror of offical kismet-docs repo from kismetwireless.net
19 stars 14 forks source link

Device Filtering #34

Open BigSkippyRoo opened 4 years ago

BigSkippyRoo commented 4 years ago

In newer versions, currently installed 201908, filter_tracker features to ignore devices not working.

Previously, this was possible in the conf file.

Old kismet.conf

Kismet supports basic filtering; networks can be excluded from tracking, pcap logging, or general logging, based on BSSID, source, or destination MAC addresses.

Filters, when enabled, are "positive-pass"; anything matched by the filter will be allowed, and all other matches are excluded. To process ONLY packets to or from the network with the BSSID AA:BB:CC:DD:EE:FF:

filter_tracker=BSSID(AA:BB:CC:DD:EE:FF)

This behavior can be inverted by using the '!' operator. To exclude packets to or from the BSSID AA:BB:CC:DD:EE:FF:

filter_tracker=BSSID(!AA:BB:CC:DD:EE:FF)

kismetwireless commented 4 years ago

Yes - this functionality is not currently in the new kismet version, because it would badly break a number of other features like tracking association of devices to APs and other AP association.

Until I figure out how to preserve the new features, it's going to be absent. Likely it will surface in some different form, with a pass/block view system or something.

On Tue, May 12, 2020 at 4:38 AM BigSkippyRoo notifications@github.com wrote:

In newer versions, currently installed 201908, filter_tracker features to ignore devices not working.

Previously, this was possible in the conf file. Old kismet.conf

Kismet supports basic filtering; networks can be excluded from tracking, pcap logging, or general logging, based on BSSID, source, or destination MAC addresses.

Filters, when enabled, are "positive-pass"; anything matched by the filter will be allowed, and all other matches are excluded. To process ONLY packets to or from the network with the BSSID AA:BB:CC:DD:EE:FF:

filter_tracker=BSSID(AA:BB:CC:DD:EE:FF)

This behavior can be inverted by using the '!' operator. To exclude packets to or from the BSSID AA:BB:CC:DD:EE:FF:

filter_tracker=BSSID(!AA:BB:CC:DD:EE:FF)

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/kismetwireless/kismet-docs/issues/34#issuecomment-627199351, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFKJYY2DDCOOD64AMAJ7MGLRREDI7ANCNFSM4M6TUDFQ .