Tiny Core Linux
Off-Topic => Off-Topic - Tiny Core Lounge => Topic started by: GNUser on May 27, 2020, 01:31:57 PM
-
I discovered something strange. If I connect my laptop to a hotspot, for example AndroidAP being hosted on my phone, then the hotspot goes away (because I completely powered off my phone for example), the next time I scan for networks using this command on the laptop...
$ sudo iwlist wlan0 scanning
...the now-nonexistent AndroidAP hotspot still shows up in the scan results. I have to scan a second time in order for the nonexistent hotspot to disappear from the scan results.
Any idea why the hotspot scan is finding this non-existent hotspot?
-
Here's relevant part of scan results when AndroidAP is up:
Cell 21 - Address: [redacted]
Channel:1
Frequency:2.412 GHz (Channel 1)
Quality=70/70 Signal level=-37 dBm
Encryption key:on
ESSID:"AndroidAP-bd"
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s
24 Mb/s; 36 Mb/s; 54 Mb/s
Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 48 Mb/s
Mode:Master
Extra:tsf=00000000006b424f
Extra: Last beacon: 90ms ago
IE: Unknown: 000C416E64726F696441502D6264
IE: Unknown: 010882848B962430486C
IE: Unknown: 030101
IE: Unknown: 2A0100
IE: Unknown: 32040C121860
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : CCMP
Pairwise Ciphers (1) : CCMP
Authentication Suites (1) : PSK
IE: Unknown: 2D1A2D0017FFFF000000000000000000000000000000000000000000
IE: Unknown: 3D1601081100000000000000000000000000000000000000
IE: Unknown: 7F080400008001000040
IE: Unknown: DD1E00904C0408BF0C3258810FFAFF0000FAFF0000C0050001000000C3020010
IE: Unknown: DD090010180200001C0000
IE: Unknown: DD180050F2020101800003A4000027A4000042435E0062322F00
And here is the "ghost" AndroidAP showing up in subsequent scan, when the hotspot is actually 100% nonexistent because my phone is physically turned off:
Cell 18 - Address: [redacted]
Channel:1
Frequency:2.412 GHz (Channel 1)
Quality=70/70 Signal level=-30 dBm
Encryption key:on
ESSID:"AndroidAP-bd"
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s
24 Mb/s; 36 Mb/s; 54 Mb/s
Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 48 Mb/s
Mode:Master
Extra:tsf=000000000268ac75
Extra: Last beacon: 7230ms ago
IE: Unknown: 000C416E64726F696441502D6264
IE: Unknown: 010882848B962430486C
IE: Unknown: 030101
IE: Unknown: 2A0100
IE: Unknown: 32040C121860
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : CCMP
Pairwise Ciphers (1) : CCMP
Authentication Suites (1) : PSK
IE: Unknown: 2D1A2D0017FFFF000000000000000000000000000000000000000000
IE: Unknown: 3D1601081500000000000000000000000000000000000000
IE: Unknown: 7F080400008001000040
IE: Unknown: DD1E00904C0408BF0C3258810FFAFF0000FAFF0000C0050001000000C3020010
IE: Unknown: DD090010180201001C0000
IE: Unknown: DD180050F2020101800003A4000027A4000042435E0062322F00
-
I found this, but the answers only pertain to wpa_supplicant (not iwlist):
https://unix.stackexchange.com/questions/391237/wifi-scans-show-ssid-of-a-powered-off-network-for-several-scans-afterwards
-
Hi GNUser
Sounds like some kind of caching may be going on. Look at the time difference since the last updates:
Android up
Extra: Last beacon: 90ms ago
vs. Android down
Extra: Last beacon: 7230ms ago
-
Yes, cache issue sounds quite likely. However, iwlist man page does not talk about how to ignore the cache.
I'd like to try scanning using wpa_cli since it seems wpa_supplicant has some relevant configuration options, but I'm stuck here:
$ sudo wpa_cli -i wlan0 scan
Failed to connect to non-global ctrl_ifname: wlan0 error: No such file or directory
Any idea how to work around the above?
-
Best solution would be to figure out where iwlist keeps its cache, so that I can flush it before scanning.
-
Hi GNUser
From the man page:
scan[ning]
Give the list of Access Points and Ad-Hoc cells in range, and optionally a whole bunch of information about them (ESSID, Quality, Frequency, Mode...). The type of information returned depends on what the card supports.
Triggering scanning is a privileged operation (root only) and normal users can only read left-over scan results. By default, the way scanning is done (the scope of the scan) is dependant on the card and card settings.
This command take optional arguments, however most drivers will ignore those. The option essid is used to specify a scan on a specific ESSID. The option last do not trigger a scan and read left-over scan results.
Notice what the last sentence says:
The option last do not trigger a scan and read left-over scan results.
Try adding another option after scan.
-
$ iwlist --help
Usage: iwlist [interface] scanning [essid NNN] [last]I think it means that if the option last (literal) is used, then no scan is performed and results come 100% from cache.
I'm not using the last option.
It seems that if last is omitted, then scan results include those of an actual scan plus what's in the cache.
There must be a way to either ignore the cache or else to flush it before scanning...
-
I can confirm that adding the option last results in only cached results being shown.
Running strace does not reveal an obvious cache file:
$ strace -e trace=file iwlist wlan0 scanning last
execve("/usr/local/sbin/iwlist", ["iwlist", "wlan0", "scanning", "last"], [/* 27 vars */]) = 0
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/usr/local/lib/libiw.so.29", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
wlan0 Scan completed :
Cell 01 - Address: 00:E1:6D:63:57:47
Channel:1
Frequency:2.412 GHz (Channel 1)
Quality=53/70 Signal level=-57 dBm
Encryption key:off
ESSID:"WorkVisitor"
Bit Rates:5.5 Mb/s; 6 Mb/s; 9 Mb/s; 11 Mb/s; 12 Mb/s
18 Mb/s; 24 Mb/s; 36 Mb/s
Bit Rates:48 Mb/s; 54 Mb/s
Mode:Master
Extra:tsf=000003a70067d7f9
Extra: Last beacon: 752737ms ago
IE: Unknown: 000B41524D4356697369746F72
IE: Unknown: 01088B0C129618243048
IE: Unknown: 030101
IE: Unknown: 0706555320010B1E
IE: Unknown: 0B0505005E8D5B
IE: Unknown: 2A0100
IE: Unknown: 2D1A2C181BFFFF000000000000000000000000000000000000000000
IE: Unknown: 3202606C
IE: Unknown: 3D1601000500000000000000000000000000000000000000
IE: Unknown: 7F080010000001400001
IE: Unknown: 851E09008F000F00FF0359004C41502D41432D322D303600000000000500003A
IE: Unknown: 9606004096000800
IE: Unknown: DD180050F2020101800003A4000027A4000042435E0062322F00
IE: Unknown: DD06004096010104
IE: Unknown: DD050040960305
IE: Unknown: DD050040960B09
IE: Unknown: DD080040961301003401
IE: Unknown: DD050040961404
+++ exited with 0 +++
Where are the cached results hiding? If I can find them, then maybe I can flush them.
-
Hi GNUser
$ iwlist --help
Usage: iwlist [interface] scanning [essid NNN] [last]I think it means that if the option last (literal) is used, then no scan is performed and results come 100% from cache.
I'm not using the last option.
It seems that if last is omitted, then scan results include those of an actual scan plus what's in the cache. ...
Seems they forgot to list that in the man pages Synopsis. The word last showed up exactly one time in the man page.
Maybe do a search for something you can change (scan, iwlist, cache, wlan, etc.) in sysctl:
sudo sysctl -a 2>&1 | grep -i wlan
-
I found that removing then reloading my wifi interface's kernel module clears the cache:
$ sudo modprobe -r ath9k
$ sudo modprobe ath9k
$ sudo ifconfig wlan0 up
$ sudo iwlist wlan0 scanning last
wlan0 No scan results # nothing in cache, nice!
$ sudo iwlist wlan0 scanning
-> no cached hotspots in scan result :)
It works, but it's a kludge. Does the above suggest where the cache might be hiding?
-
Hi, GNUser!
It may be internal kernel buffer (
-
Thanks, jazzbiker. Seems we're getting warmer.
Hopefully the kernel does not have one giant buffer for everything. There must be a sub-buffer with cached wifi scan results somewhere. I'll try grepping though /proc, but I suspect the buffer is binary and I'll get no hits.
-
Wow, You monster! You want to destroy our beloved TinyCore! Stop immediately!!!
-
Haha. TCL made me fearless. If the computer blows up in my face, a reboot magically fixes everything ;D
-
Reloading the wireless interface's kernel module before scanning is a good-enough solution for now.
If I find a more direct way of clearing the cached scan results, I'll post it here.
If someone beats me to the punch, please do share ;)
-
II have to scan a second time in order for the nonexistent hotspot to disappear from the scan results.
You wrote this.
-
I don't like that "solution" because I don't have any guarantees--I don't know for how long entries live in the cache.
Maybe it's just by accident that a second scan works. Perhaps if second scan completes quickly enough, the non-existent hotspot will still show up...
-
Hi GNUser
I just turned on a Netbook to see what shows up in sysctl for wireless networking and this provided many results:
sudo sysctl -a 2>&1 | grep -i wlanI recommend researching the names containing time or delay for starters.
-
Thank you, Rich. I took a look and the output and there are indeed several candidate parameters.
Unfortunately, even with help (https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt) it's hard to find what I'm looking for given the highly technical verbiage. I'll explore this further when I have more time.
-
Hi, GNUser!
I'm surrounded by a lot of Wifi networks. I've chosen one of them with the weak signal under -90dB, and made:
tc@box:/tmp$ APN="<SSID of distant Wifi network>"
tc@box:/tmp$ while true; do sudo iwlist wlan0 scan | grep -A 6 "$APN" | grep "Last beacon" ; [ $? = 1 ] && echo none ; done
Extra: Last beacon: 19547ms ago
Extra: Last beacon: 22734ms ago
Extra: Last beacon: 25917ms ago
Extra: Last beacon: 29104ms ago
none
Extra: Last beacon: 361ms ago
Extra: Last beacon: 3547ms ago
Extra: Last beacon: 6741ms ago
Extra: Last beacon: 9927ms ago
Extra: Last beacon: 13117ms ago
Extra: Last beacon: 16301ms ago
Extra: Last beacon: 19487ms ago
Extra: Last beacon: 22674ms ago
Extra: Last beacon: 25861ms ago
Extra: Last beacon: 29047ms ago
none
none
In my understanding this means, that lost AP stay in the cache for 30 seconds and only then is thrown away.
-
recently I re-looked at wicd.
Altho its a GUI and might not suit GNUser, I can confirm its quite good at detecting real networks, not past networks. Might be worth a shot?
and purely selfishly.....I like its ability to swap between wired and wireless if you name your interfaces, wlan0 and eth0.....and hide WL router names you do not want to connect to, ie your neighbours