Question

I have a wireless USB dongle running in monitor mode. By executing the following command I am able to pick up the source and destination MAC addresses of packets sent between APs and laptops, but not between APs and mobile devices.

tcpdump -i wlan0 -s 0 -nne '(type mgt or type ctl or type data) and (not type mgt subtype beacon) and (not type mgt subtype probe-req)'

The only time I am able to pick up my mobile device's MAC address is when it attempts to connect to my AP. After that, any data packets between the AP and my device are not captured...

Can anyone shed some light on this? I assumed that the steps I had followed above would allow me to at least sniff any data packets sent over the wireless medium.


Solution

The problem lay not with tcpdump (or Wireshark, which I tried later). The problem is that the device I was using was not really up to the task. The device in question, an Edimax EW-7811Un, which has a Realtek chipset, just can't handle all that much. I think it was a bit naive of me to expect such a tiny little chipset to perform the heavy packet sniffing I wanted it to.

I ran the command from my question on the Atheros chipset in my laptop: not only could I pick up the mobile devices, but the granularity was excellent.
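
A way to confirm the symptom from the question on captured packets, as an added example that is not part of the original post: it tallies 802.11 frame types per station, so a device that only ever appears in management or control frames stands out. It assumes radiotap-encapsulated packets; the sample frames, MAC addresses and function names are constructed for illustration.

```python
import struct
from collections import Counter

TYPES = {0: "mgt", 1: "ctl", 2: "data"}  # same names the tcpdump filter uses

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse(pkt):
    """Return (type, subtype, receiver, transmitter) for one radiotap packet."""
    if len(pkt) < 8:
        return None
    rt_len = struct.unpack_from("<H", pkt, 2)[0]  # radiotap length, little endian
    dot11 = pkt[rt_len:]
    if len(dot11) < 10:  # frame control + duration + address 1
        return None
    ftype = TYPES.get((dot11[0] >> 2) & 0x3, "ext")
    subtype = (dot11[0] >> 4) & 0xF
    # CTS (12) and ACK (13) control frames carry no transmitter address
    has_ta = not (ftype == "ctl" and subtype in (12, 13)) and len(dot11) >= 16
    return ftype, subtype, mac(dot11[4:10]), mac(dot11[10:16]) if has_ta else None

def tally_for_station(packets, station):
    """Count frames per 802.11 type where `station` is receiver or transmitter."""
    counts = Counter()
    for pkt in packets:
        parsed = parse(pkt)
        if parsed and station in parsed[2:]:
            counts[parsed[0]] += 1
    return counts

# --- constructed sample input (locally administered MAC addresses) ---
AP, LAPTOP, PHONE = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"
RT = bytes.fromhex("0000080000000000")  # minimal 8-byte radiotap header

def frame(fc0, fc1, *addrs):
    raw = b"".join(bytes.fromhex(a.replace(":", "")) for a in addrs)
    seq = b"\x00\x00" if len(addrs) == 3 else b""
    return RT + bytes([fc0, fc1, 0, 0]) + raw + seq

SAMPLE = [
    frame(0x00, 0x00, AP, PHONE, AP),   # association request, phone -> AP
    frame(0xD4, 0x00, PHONE),           # ACK addressed to the phone
    frame(0x08, 0x01, AP, LAPTOP, AP),  # data, laptop -> AP
    frame(0x88, 0x01, AP, LAPTOP, AP),  # QoS data, laptop -> AP
    frame(0x88, 0x02, LAPTOP, AP, AP),  # QoS data, AP -> laptop
]

if __name__ == "__main__":
    for name, sta in (("laptop", LAPTOP), ("phone", PHONE)):
        print(name, dict(tally_for_station(SAMPLE, sta)))
```

To use it on a real capture, pass in the raw packet bytes from any pcap reader; a station with `mgt` and `ctl` counts but no `data` matches the behaviour described in the question.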

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow