[CentOS] Monitor Wireless Networks OT

Tue Feb 25 12:00:51 UTC 2014
Joseph Hesse <joehesse at gmail.com>

On 02/24/2014 07:58 PM, Billy Crook wrote:
> On Thu, Feb 20, 2014 at 3:50 PM, Frank Cox <theatre at melvilletheatre.com> wrote:
>> On Thu, 20 Feb 2014 15:42:35 -0600
>> Joseph Hesse wrote:
>>
>>> Apparently my hardware is not sufficient.  When I run "iwlist scan" I get:
>>>
>>> lo p5p1; Interface doesn't support scanning
>> I'm pretty sure you have to run it as root user.
> You also have to run it on your wireless nic.  p5p1 sounds like a
> gig-ethernet wired nic.  wlp should be your wireless
>
> You might also have to ifup wlan0 or ifconfig wlan0 up to get it to
> scan.  Sometimes if it's down, it won't scan.
>
> I thought I might share my scripts anyway.  First the awk, then the cronjob.
>
> # cat bin/iwlistparse.awk
> $1 == "BSS" {
>      MAC = $2
>      wifi[MAC]["enc"] = "Open"
>      wifi[MAC]["mac"] = MAC
> }
> $1 == "SSID:" {
>      wifi[MAC]["SSID"] = $2
> }
> $1 == "freq:" {
>      wifi[MAC]["freq"] = $NF
> }
> $1 == "signal:" {
>      wifi[MAC]["sig"] = $2 " " $3
> }
> $1 == "WPA:" {
>      wifi[MAC]["enc"] = "WPA"
> }
> $1 == "WEP:" {
>      wifi[MAC]["enc"] = "WEP"
> }
> END {
> #    printf "%s\t\t%s\t%s\t\t%s\n","SSID","Frequency","Signal","Encryption"
>
>      for (w in wifi) {
>          printf "%s\t\t%s\t\t%s\t%s\t%s\n",wifi[w]["SSID"],wifi[w]["mac"],wifi[w]["freq"],wifi[w]["sig"],wifi[w]["enc"]
>      }
> }
>
> # cat bin/wlanpatrol
> #!/bin/bash
> tstamp="$(date +\%Y\%m\%d\%H\%M\%S)"
>
> #Wireless is flakey.  Retry a 'few' times to get the right number of
> #authorized APs, or any APs at all.  Sometimes scans just fail.
> iter=0
> while [[ "${iter}" -le 60 ]]
> do
>          iter=$(( ${iter} + 1 ))
>          /sbin/iwlist wlp12s0 scanning 2>&1 |
>                  grep -v 'wlp12s0\ \ \ Interface\ doesn'\''t\ support\ scanning\ :\ Device\ or\ resource\ busy' \
>                  > /root/iwlistlogs/${tstamp}
>
> #Replace 00.11.22.33.44.55's with the mac addresses of your authorised APs
>          OurAPCount="$( awk -f /root/bin/iwlist.awk < /root/iwlistlogs/${tstamp} |
>                  grep -i -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' \
>                          -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' | wc -l)"
>          if [[ ! -s "/root/iwlistlogs/${tstamp}" ]]
>          then
>                  continue
>          fi
>
> #In our environment, I expect 6 legitimate APs be visible at all times.
>          if [[ ${OurAPCount} -eq 6 ]]
>          then
>                  break
>          fi
>          #echo OurAPCountError: ${OurAPCount} found.
>
>          sleep 0.1
> done
>
> APCount="$( awk -f /root/bin/iwlist.awk /root/iwlistlogs/${tstamp}  | wc -l)"
>
> #Here we check for bits and pieces of our actual company name in the
> #names of all detected APs.  Then we ignore the authorized mac
> #addresses, to come up with a list of APs pretending to be us.
> RogueAPs="$( awk -f /root/bin/iwlist.awk < /root/iwlistlogs/${tstamp} | \
> grep -i -e my -e company -e mc -e myc -e yco -e com -e omp -e mpa -e pan -e any | \
> grep -i -v -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' \
>         -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' -e '00.11.22.33.44.55' )"
>
> if [[ $OurAPCount != 6 ]]
> then
>          awk -f /root/bin/iwlist.awk < /root/iwlistlogs/${tstamp} |
>                  mail -s "Abnormal number of Our authorized APs: ${OurAPCount}" bcrook at mycompany.com
> fi
>
>
> if [[ ! -z "${RogueAPs}" ]]
> then
>          mail -s "ROGUE APS IN USE" bcrook at OurAPCount.com <<< "${RogueAPs}"
> fi
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
Thank you for the script.
FYI: p5p1 is the name of the wireless interface on my Fedora 20 laptop.  
It was assigned automatically. It appears as wlan0 on my CentOS 6.5 laptop.
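
The rogue-AP check described in the quoted script, as an added example that is not part of either post: it flags access points whose SSID contains a company-name fragment but whose BSSID is not on the allowlist. It assumes scan text in the `iw dev <interface> scan` layout (the layout the `BSS` / `SSID:` / `signal:` patterns in the quoted awk match); the function names, addresses, SSIDs and keywords are all constructed placeholders.

```shell
#!/bin/bash
# Added example, not from the thread. Addresses, SSIDs and keywords are constructed.
AUTHORIZED_BSSIDS="00:11:22:33:44:55 00:11:22:33:44:66"  # placeholder allowlist
SSID_KEYWORDS="mycompany myco"                           # placeholder name fragments

# Constructed, trimmed sample in the `iw dev <if> scan` layout.
sample_scan() {
cat <<'EOF'
BSS 00:11:22:33:44:55(on wlan0) -- associated
	signal: -48.00 dBm
	SSID: mycompany
	BSS Load:
BSS 00:11:22:33:44:66(on wlan0)
	signal: -61.00 dBm
	SSID: mycompany-guest
BSS DE:AD:BE:EF:00:01(on wlan0)
	signal: -39.00 dBm
	SSID: MyCompany Free WiFi
BSS 02:aa:bb:cc:dd:ee(on wlan0)
	signal: -70.00 dBm
	SSID: CoffeeShop
EOF
}

# stdin: scan text. stdout: "bssid<TAB>ssid<TAB>signal" for every AP whose SSID
# contains one of our keywords but whose BSSID is not on the allowlist.
find_rogue_aps() {
    awk -v allow="$AUTHORIZED_BSSIDS" -v words="$SSID_KEYWORDS" '
    function report(   i) {
        if (mac == "" || (mac in ok)) return
        for (i = 1; i <= nw; i++)
            if (index(tolower(ssid), w[i])) { printf "%s\t%s\t%s\n", mac, ssid, sig; return }
    }
    BEGIN {
        na = split(tolower(allow), a, " "); for (i = 1; i <= na; i++) ok[a[i]] = 1
        nw = split(tolower(words), w, " ")
    }
    # A new record starts at "BSS <mac>"; "BSS Load:" and similar lines do not.
    $1 == "BSS" && $2 ~ /^[0-9A-Fa-f][0-9A-Fa-f]:/ {
        report(); mac = tolower(substr($2, 1, 17)); ssid = ""; sig = ""
    }
    $1 == "SSID:"   { ssid = $0; sub(/^[ \t]*SSID:[ \t]*/, "", ssid) }
    $1 == "signal:" { sig = $2 " " $3 }
    END { report() }'
}

sample_scan | find_rogue_aps   # prints the one rogue AP in the sample
```

Comparing BSSIDs case-insensitively and matching the record header on a MAC-shaped second field keeps a mixed-case address or a nested `BSS Load:` line from corrupting the per-AP record.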