Can't discover any devices

[xcodian]

I can't discover any devices via the opendrop find command. It successfully starts looking for receivers but then just sits there and can't discover any devices. OWL seems to be working fine, and with wireshark (not wireshark-awdl) I can see packets being sent between other devices.

Is this a problem on my end or a bug/limitation of OpenDrop?
Cheers.

[vinint]

I also can't find any apple devices

[schmittner]

There could be several causes here. Maybe this helps the debug process:

1. Does opendrop receive work on your setup? If yes, goto 3. If no, goto 2.
2. Your Wi-Fi card probably does not support active monitor mode and/or frame injection. You’ll need a different Wi-Fi card in that case. Our owl repository has more info.
3. Is your Apple device in everyone mode? If no, turn that on. If yes, goto 4.
4. Apple devices only turn on the receiver mode if they receive a special BLE advertisement. Unfortunately, OpenDrop currently does not implement this (see TODOs in the README). You can check whether this is causing the problem by opening the AirDrop sharing pane on a different Apple device.

[anarcat]

thanks so much for the debugging script. Here is what it looks like on a Purism Librem13v4 (Qualcomm Atheros AR9462 wifi chipset) trying to pair with an iPad 4:

1. no, opendrop receive (and opendrop find) do not find the iPad
2. the wifi card does support active monitor mode and frame injection
3. yes, the iPad is in "everyone" mode
4. I don't have another apple device on hand right now, unfortunately, this might be the problem although I shouldn't have reached this step because receive doesn't work either.

For what it's worth, the Atheros device I have is slightly different from your lab device. Here's the output of the info command (as per seemoo-lab/owl#9)

anarcat@angela:~(master)$ iw phy phy0 info
Wiphy phy0
	max # scan SSIDs: 4
	max scan IEs length: 2257 bytes
	max # sched scan SSIDs: 0
	max # match sets: 0
	max # scan plans: 1
	max scan plan interval: -1
	max scan plan iterations: 0
	Retry short limit: 7
	Retry long limit: 4
	Coverage class: 0 (up to 0m)
	Device supports RSN-IBSS.
	Device supports AP-side u-APSD.
	Device supports T-DLS.
	Supported Ciphers:
		* WEP40 (00-0f-ac:1)
		* WEP104 (00-0f-ac:5)
		* TKIP (00-0f-ac:2)
		* CCMP-128 (00-0f-ac:4)
		* CCMP-256 (00-0f-ac:10)
		* GCMP-128 (00-0f-ac:8)
		* GCMP-256 (00-0f-ac:9)
		* CMAC (00-0f-ac:6)
		* CMAC-256 (00-0f-ac:13)
		* GMAC-128 (00-0f-ac:11)
		* GMAC-256 (00-0f-ac:12)
	Available Antennas: TX 0x3 RX 0x3
	Configured Antennas: TX 0x3 RX 0x3
	Supported interface modes:
		 * IBSS
		 * managed
		 * AP
		 * AP/VLAN
		 * monitor
		 * mesh point
		 * P2P-client
		 * P2P-GO
		 * outside context of a BSS
	Band 1:
		Capabilities: 0x11ef
			RX LDPC
			HT20/HT40
			SM Power Save disabled
			RX HT20 SGI
			RX HT40 SGI
			TX STBC
			RX STBC 1-stream
			Max AMSDU length: 3839 bytes
			DSSS/CCK HT40
		Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
		Minimum RX AMPDU time spacing: 8 usec (0x06)
		HT TX/RX MCS rate indexes supported: 0-15
		Bitrates (non-HT):
			* 1.0 Mbps
			* 2.0 Mbps (short preamble supported)
			* 5.5 Mbps (short preamble supported)
			* 11.0 Mbps (short preamble supported)
			* 6.0 Mbps
			* 9.0 Mbps
			* 12.0 Mbps
			* 18.0 Mbps
			* 24.0 Mbps
			* 36.0 Mbps
			* 48.0 Mbps
			* 54.0 Mbps
		Frequencies:
			* 2412 MHz [1] (30.0 dBm)
			* 2417 MHz [2] (30.0 dBm)
			* 2422 MHz [3] (30.0 dBm)
			* 2427 MHz [4] (30.0 dBm)
			* 2432 MHz [5] (30.0 dBm)
			* 2437 MHz [6] (30.0 dBm)
			* 2442 MHz [7] (30.0 dBm)
			* 2447 MHz [8] (30.0 dBm)
			* 2452 MHz [9] (30.0 dBm)
			* 2457 MHz [10] (30.0 dBm)
			* 2462 MHz [11] (30.0 dBm)
			* 2467 MHz [12] (disabled)
			* 2472 MHz [13] (disabled)
			* 2484 MHz [14] (disabled)
	Band 2:
		Capabilities: 0x11ef
			RX LDPC
			HT20/HT40
			SM Power Save disabled
			RX HT20 SGI
			RX HT40 SGI
			TX STBC
			RX STBC 1-stream
			Max AMSDU length: 3839 bytes
			DSSS/CCK HT40
		Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
		Minimum RX AMPDU time spacing: 8 usec (0x06)
		HT TX/RX MCS rate indexes supported: 0-15
		Bitrates (non-HT):
			* 6.0 Mbps
			* 9.0 Mbps
			* 12.0 Mbps
			* 18.0 Mbps
			* 24.0 Mbps
			* 36.0 Mbps
			* 48.0 Mbps
			* 54.0 Mbps
		Frequencies:
			* 5180 MHz [36] (23.0 dBm) (no IR)
			* 5200 MHz [40] (23.0 dBm) (no IR)
			* 5220 MHz [44] (23.0 dBm) (no IR)
			* 5240 MHz [48] (23.0 dBm) (no IR)
			* 5260 MHz [52] (23.0 dBm) (no IR, radar detection)
			* 5280 MHz [56] (23.0 dBm) (no IR, radar detection)
			* 5300 MHz [60] (23.0 dBm) (no IR, radar detection)
			* 5320 MHz [64] (23.0 dBm) (no IR, radar detection)
			* 5500 MHz [100] (23.0 dBm) (no IR, radar detection)
			* 5520 MHz [104] (23.0 dBm) (no IR, radar detection)
			* 5540 MHz [108] (23.0 dBm) (no IR, radar detection)
			* 5560 MHz [112] (23.0 dBm) (no IR, radar detection)
			* 5580 MHz [116] (23.0 dBm) (no IR, radar detection)
			* 5600 MHz [120] (23.0 dBm) (no IR, radar detection)
			* 5620 MHz [124] (23.0 dBm) (no IR, radar detection)
			* 5640 MHz [128] (23.0 dBm) (no IR, radar detection)
			* 5660 MHz [132] (23.0 dBm) (no IR, radar detection)
			* 5680 MHz [136] (23.0 dBm) (no IR, radar detection)
			* 5700 MHz [140] (23.0 dBm) (no IR, radar detection)
			* 5745 MHz [149] (30.0 dBm) (no IR)
			* 5765 MHz [153] (30.0 dBm) (no IR)
			* 5785 MHz [157] (30.0 dBm) (no IR)
			* 5805 MHz [161] (30.0 dBm) (no IR)
			* 5825 MHz [165] (30.0 dBm) (no IR)
	Supported commands:
		 * new_interface
		 * set_interface
		 * new_key
		 * start_ap
		 * new_station
		 * new_mpath
		 * set_mesh_config
		 * set_bss
		 * authenticate
		 * associate
		 * deauthenticate
		 * disassociate
		 * join_ibss
		 * join_mesh
		 * remain_on_channel
		 * set_tx_bitrate_mask
		 * frame
		 * frame_wait_cancel
		 * set_wiphy_netns
		 * set_channel
		 * set_wds_peer
		 * tdls_mgmt
		 * tdls_oper
		 * probe_client
		 * set_noack_map
		 * register_beacons
		 * start_p2p_device
		 * set_mcast_rate
		 * connect
		 * disconnect
		 * channel_switch
		 * set_qos_map
		 * set_multicast_to_unicast
	Supported TX frame types:
		 * IBSS: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * managed: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * AP: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * AP/VLAN: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * mesh point: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * P2P-client: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * P2P-GO: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * P2P-device: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
	Supported RX frame types:
		 * IBSS: 0x40 0xb0 0xc0 0xd0
		 * managed: 0x40 0xd0
		 * AP: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
		 * AP/VLAN: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
		 * mesh point: 0xb0 0xc0 0xd0
		 * P2P-client: 0x40 0xd0
		 * P2P-GO: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
		 * P2P-device: 0x40 0xd0
	software interface modes (can always be added):
		 * AP/VLAN
		 * monitor
	valid interface combinations:
		 * #{ managed } <= 2048, #{ AP, mesh point } <= 8, #{ P2P-client, P2P-GO } <= 1,
		   total <= 2048, #channels <= 1, STA/AP BI must match
	HT Capability overrides:
		 * MCS: ff ff ff ff ff ff ff ff ff ff
		 * maximum A-MSDU length
		 * supported channel width
		 * short GI for 40 MHz
		 * max A-MPDU length exponent
		 * min MPDU start spacing
	Device supports TX status socket option.
	Device supports HT-IBSS.
	Device supports SAE with AUTHENTICATE command
	Device supports low priority scan.
	Device supports scan flush.
	Device supports AP scan.
	Device supports per-vif TX power setting
	P2P GO supports CT window setting
	Driver supports full state transitions for AP/GO clients
	Driver supports a userspace MPM
	Device supports active monitor (which will ACK incoming frames)
	Driver/device bandwidth changes during BSS lifetime (AP/GO mode)
	Device supports configuring vdev MAC-addr on create.
	Supported extended features:
		* [ RRM ]: RRM
		* [ FILS_STA ]: STA FILS (Fast Initial Link Setup)
		* [ CQM_RSSI_LIST ]: multiple CQM_RSSI_THOLD records
		* [ CONTROL_PORT_OVER_NL80211 ]: control port over nl80211
		* [ TXQS ]: FQ-CoDel-enabled intermediate TXQs

So this might just be the iPad not waking up, but then again I don't understand why it wouldn't show up when trying to send a file from the iPad.

By the way, thank you so much for your work on this project. I've been wondering for a long time if someone would manage to reverse engineer this protocol, and you made it! I can only hope this can be standardized a bit more in Linux so that more users can use this thing to talk to Apple devices. Congratulations!

[anarcat]

This is how I setup everything:

1. install opendrop:

   virtualenv --python=python3 ~/.virtualenvs/opendrop/
   . ~/.virtualenvs/opendrop/bin/activate
   pip3 install opendrop
   

2. install owl

   sudo apt install libpcap-dev libev-dev libnl-3-dev libnl-genl-3-dev libnl-route-3-dev cmake
   git clone https://github.com/seemoo-lab/owl.git
   git submodule update --init
   mkdir build
   cd build
   cmake ..
   make
   sudo make install
   

3. create a monitoring interface:

   sudo iw phy `iw dev wlp1s0 info | gawk '/wiphy/ {printf "phy" $2}'` interface add mon0 type monitor
   sudo ifconfig mon0 up
   

4. start owl and opendrop:

   sudo owl -i mon0 -v -N
   opendrop -i awdl0 -d find
   

This is what the latter two look like:

$ opendrop -i awdl0 -d find
2019-09-15 14:46:43,358 INFO     opendrop.cli: Looking for receivers. Press enter to stop ...

$ sudo  owl -i mon0 -v -N
              .oOXWMMMMWXOx:
         .oOOOx:'''''''''''':OOOx:
      oXOo'      ........      ':OXx.
           .oOOO''''''''''OOOo.
        oXOo'                'oOO:
             :oOOOOXXXXOOOOo:.
          oXO:'            ':OXo
              .:xOXXXXXXOx:.
          .xXMMMMMMMMMMMMMMMMXx.
  'XWWWWWWMMMMMMMMMMMMMMMMMMMMMMWWWWWWX'
    oWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWo
     OMMMMMMWWMMMMMMMMMMMMMMWWWMMMMMO
    OMMWx'      'xWMMMMWx'      'oXMMO
   :MW:            oMMx            'WM:
   XM'    .xOOo.    :o     .xOOo.    WX
   WX    :MMMMMX          :MMMMMX    xW
   XW    'WMMMMX   .xx.   'WMMMWX    XX
   'Wx    'xWMx'   OMMO    'xWMx'   xM'
    'XX:           'XX'           :XX'
      'xXOx:..................:xXWx'
         'xXMMMMMMMMMMMMMMMMMMWO'

            Open Wireless Link

            https://owlink.org

14:46:40 INFO : WLAN device: mon0 (addr 18:cf:5e:c5:3d:d0)
14:46:40 INFO : Host device: awdl0
14:46:40 DEBUG: switch channel to 6 (slot 0)

Note that if I start opendrop receive in another window, the two
processes do see each other, for what it's worth:

2019-09-15 14:46:52,475 DEBUG    opendrop.client: Add service b33d39275490._airdrop._tcp.local.
2019-09-15 14:46:52,477 DEBUG    opendrop.cli: AirDrop service found: angela.local., fe80::1acf:5eff:fec5:3dd0:8771, ID b33d39275490
2019-09-15 14:46:52,478 DEBUG    opendrop.client: Send /Discover request
2019-09-15 14:46:52,982 DEBUG    opendrop.client: /Discover request successful
2019-09-15 14:46:52,983 INFO     opendrop.cli: Found  index 0  ID b33d39275490  name angela

2019-09-15 14:46:52,923 INFO     opendrop.server: Starting HTTPS server
2019-09-15 14:46:52,939 DEBUG    opendrop.server: POST request at /Discover
2019-09-15 14:46:52,944 DEBUG    opendrop.server: Headers
Host: [fe80::1acf:5eff:fec5:3dd0%awdl0]:8771
Content-Length: 42
Content-Type: application/octet-stream
Connection: keep-alive
Accept: */*
User-Agent: AirDrop/1.0
Accept-Language: en-us
Accept-Encoding: br, gzip, deflate


2019-09-15 14:46:52,946 DEBUG    opendrop.server: fe80::1acf:5eff:fec5:3dd0 - - [15/Sep/2019 14:46:52] "POST /Discover HTTP/1.1" 200 -

I can even transfer files (locally) this way, and I suspect this might
work between two Linux laptops (but I haven't tried).

So, any idea on how I can debug this?

[schmittner]

3. create a monitoring interface:

   sudo iw phy `iw dev wlp1s0 info | gawk '/wiphy/ {printf "phy" $2}'` interface add mon0 type monitor
   sudo ifconfig mon0 up
   

4. start owl and opendrop:

   sudo owl -i mon0 -v -N
   opendrop -i awdl0 -d find
   

This is not the way to start owl with a Wi-Fi driver that properly supports nl80211. The -N flag effectively disables all nl80211 functionality which means that neither active monitor mode is enabled nor the Wi-Fi channel is set correctly (which is the problem that you are facing here; you still get the console output put that's a no-op). You should not use -N as it is just a dirty hack to support devices that use Nexmon for monitor mode and require you to manually set the channel, which is why I did not document this in the README.
To make life easier, simply run:

sudo owl -i wlp1s0 -v

Depending on your regdom, you might want to set channel 44 or 149 via the -c flag for better performance.

[anarcat]

On 2019-09-16 04:11:36, Milan Stute wrote: > 3. create a monitoring interface: > ``` > sudo iw phy `iw dev wlp1s0 info | gawk '/wiphy/ {printf "phy" $2}'` interface add mon0 type monitor > sudo ifconfig mon0 up > ``` > 4. start owl and opendrop: > ``` > sudo owl -i mon0 -v -N > opendrop -i awdl0 -d find > ``` This is *not* the way to start `owl` with a Wi-Fi driver that properly supports `nl80211`. The `-N` flag effectively disables all `nl80211` functionality which means that neither *active* monitor mode is enabled nor the Wi-Fi channel is set correctly (which is the problem that you are facing here; you still get the console output put that's a no-op). You should not use `-N` as it is just a dirty hack to support devices that use Nexmon for monitor mode and require you to manually set the channel, which is why I did not document this in the README. To make life easier, simply run: ``` sudo owl -i wlp1s0 -v ``` Depending on your regdom, you might want to set channel 44 or 149 via the `-c` flag for better performance.

Ah well, I used the -N flag because otherwise I get this error: 10:00:15 ERROR: Error while receiving via netlink: Object busy 10:00:15 ERROR: Could not put device in monitor mode: wlp1s0 10:00:15 ERROR: could not initialize core same if using the `mon0` interface. Is there something special that should be done with Network Manager if it's running? I tried to have it off and on, it doesn't seem to change anything...

[schmittner]

You might have to kill wpa_supplicant, dhclient, and NetworkManager (and possibly others). Also make sure that they do not restart automatically.

[schmittner]

@anarcat any luck?

[anarcat]

haven't found the time to retry, sorry :/

[spadejack014]

I met the same problem after the macbook system update. Everything worked well before the update.
I suspect that this update may make up for some security issues of airdrop.

[spadejack014]

Excuse me, sir.
Have you solved the problem yet?

[pzbitskiy]

I have the same issue and the same testing results as @anarcat with ralink rt5372 even after killing all processes from airmon-ng check wlp0s20u2 output.

$ sudo owl -i wlp0s20u2 -v
00:30:45 ERROR: Error while receiving via netlink: Operation not supported
00:30:45 ERROR: Could not put device in monitor mode: wlp0s20u2
00:30:45 ERROR: could not initialize core

The Wifi adapter rt5372 looks fine from aireplay-ng output. Thoughts?

[rokube]

I'm experiencing the same problem

$ sudo owl -i wlan0 -vv
11:23:14 TRACE: pcap: unable to open savefile (wlan0: No such file or directory)                                                                                          
11:23:14 ERROR: Error while receiving via netlink: Operation not supported                                                                                                
11:23:14 ERROR: Could not put device in monitor mode: wlan0                                                                                                               
11:23:14 ERROR: could not initialize core

I tried with strace to look for something.

... <crop>
bind(4, {sa_family=AF_NETLINK, nl_pid=750819289, nl_groups=00000000}, 12) = 0                                                                                             
getsockname(4, {sa_family=AF_NETLINK, nl_pid=750819289, nl_groups=00000000}, [12]) = 0                                                                                    
sendmsg(4, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=32, type=nlctrl, flags=NLM_F_REQUEST|NLM_F_ACK, seq=16
17009821, pid=750819289}, "\x03\x01\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00"}, iov_len=32}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 32        
recvmsg(4, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=2336, type=nlctrl, flags=0, seq=1617009821, pid=750819
289}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x1d\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00"...}, iov_len=16384}], msg_iovlen=
1, msg_controllen=0, msg_flags=0}, MSG_PEEK|MSG_TRUNC) = 2336                                                                                                             
recvmsg(4, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=2336, type=nlctrl, flags=0, seq=1617009821, pid=750819
289}, "\x01\x02\x00\x00\x0c\x00\x02\x00\x6e\x6c\x38\x30\x32\x31\x31\x00\x06\x00\x01\x00\x1d\x00\x00\x00\x08\x00\x03\x00\x01\x00\x00\x00"...}, iov_len=16384}], msg_iovlen=
1, msg_controllen=0, msg_flags=0}, 0) = 2336                                                                                                                              
recvmsg(4, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=36, type=NLMSG_ERROR, flags=NLM_F_CAPPED, seq=16170098
21, pid=750819289}, {error=0, msg={len=32, type=nlctrl, flags=NLM_F_REQUEST|NLM_F_ACK, seq=1617009821, pid=750819289}}}, iov_len=16384}], msg_iovlen=1, msg_controllen=0, 
msg_flags=0}, MSG_PEEK|MSG_TRUNC) = 36                                                                                                                                    
recvmsg(4, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=36, type=NLMSG_ERROR, flags=NLM_F_CAPPED, seq=16170098
21, pid=750819289}, {error=0, msg={len=32, type=nlctrl, flags=NLM_F_REQUEST|NLM_F_ACK, seq=1617009821, pid=750819289}}}, iov_len=16384}], msg_iovlen=1, msg_controllen=0, 
msg_flags=0}, 0) = 36                                                                                                                                                     
openat(AT_FDCWD, "wlan0", O_RDONLY)     = -1 ENOENT (No such file or directory)                                                                                           
openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 5                                                                                                                
fstat(5, {st_mode=S_IFREG|0644, st_size=2326, ...}) = 0                                                                                                                   
fstat(5, {st_mode=S_IFREG|0644, st_size=2326, ...}) = 0                                                                                                                   
read(5, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\t\0\0\0\t\0\0\0\0"..., 4096) = 2326                                                                                    
lseek(5, -1467, SEEK_CUR)               = 859                                                                                                                             
read(5, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\t\0\0\0\t\0\0\0\0"..., 4096) = 1467                                                                                    
close(5)                                = 0                                                                                                                               
write(2, "11:23:41 TRACE: ", 1611:23:41 TRACE: )        = 16                                                                                                              
write(2, "pcap: unable to open savefile (w"..., 64pcap: unable to open savefile (wlan0: No such file or directory)) = 64                                                  
write(2, "\n", 1                                                                                                                                                          
)                       = 1                                                                                                                                               
access("/proc/net", R_OK)               = 0                                                                                                                               
access("/proc/net/unix", R_OK)          = 0                                                                                                                               
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 5                                                                                                                           
ioctl(5, SIOCGIFINDEX, {ifr_name="wlan0", }) = 0                                                                                                                          
close(5)                                = 0                                                                                                                               
sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=40, type=RTM_GETLINK, flags=NLM_F_REQUEST|NLM_F_ACK, s
eq=1617009821, pid=167811033}, {ifi_family=AF_UNSPEC, ifi_type=ARPHRD_NETROM, ifi_index=if_nametoindex("wlan0"), ifi_flags=0, ifi_change=0}, {{nla_len=8, nla_type=IFLA_EX
T_MASK}, 1}}, iov_len=40}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 40
... <crop>

I suppose the resource issue arises here: openat(AT_FDCWD, "wlan0", O_RDONLY) = -1 ENOENT (No such file or directory).
Is it possible, that wlan0 (in my case) should be a file path? I try looking it up in the source code myself later on, but maybe someone just knows this and could save some time :)
Or am I on the wrong track and this pcap issue is not the root cause of this issue?

Edit: This was not the issue for me 😊

Remarks:

I've stopped wpa_supplicant and NetworkManager and aligned with the steps described here.

Side note:

Using strace I've stumbled upon another issue, where openat(AT_FDCWD, "/etc/libnl/classid", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) fails, because on Kali Linux, this file is located under: /etc/libnl-3/classid. Maybe this is helpful for someone?

However, fixing this file link issue does not resolve the previous issue.

[rokube]

Update:

so I was able to make it work for me.

I've commented out the relevant two if clauses in OWLs daemon/io.c:

	if (!state->wlan_no_monitor_mode) /* if device is already in monitor mode */
		err = set_monitor_mode(state->wlan_ifindex);
	if (err < 0) {
		log_error("Could not put device in monitor mode: %s", state->wlan_ifname);
		return err;
	}

I'm making sure myself, to put the interface card in monitor mode.

After recompiling and installing, it works.