How to capture ethernet and 802.11 traffiic at once.
Use a linux OS PC with wlan interface
In a terminal use the following commands:
- sudo iw dev wlan0 interface add mon0 type monitor
- sudo ifconfig mon0 up
Start wireshark and select wlan0 and mon0 to capture traffic
If needed you can add a capture filter i.e.:
ether host 84:3a:4b:d3:2c:1c
wlan host 84:3a:4b:d3:2c:1c
Don’t forget to sort on Time!
Below you’ll see an example of a DNS request (see marked packets). Trace is taken without a capture filter.
to remove the monitor port:
- sudo ifconfig mon0 down
- sudo iw dev mon0 del