Let’s look at what information we can extract about the WLAN interface on a Linux box. Linux offers many command line utilities that can be used to gather useful information about 802.11 interfaces.
Install the wireless-tools for a WLAN interface
‘wireless-tools’ is a package that has been around since 2003 and includes a number of commands that can be used to extract different pieces of information. To install it, use:
apt-get install wireless-tools
Let’s review some of its commands:
To refresh your memory when we use commands like ifconfig or ip link show we get only layer 2 and layer 3 information as well some information about the physical layer (e.g. if the interface status is up and running).
netbeez.net $ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether b8:27:eb:90:64:9b brd ff:ff:ff:ff:ff:ff 7: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000 link/ether 40:a5:ef:d5:27:6a brd ff:ff:ff:ff:ff:ff
However, we don’t see any information regarding the BSSID that it’s connected to, the signal strength, or the channel.
iwconfig is reminiscent of ifconfig, but it gives more layer 1 information about any WLAN interface. Here is what the output looks like:
wlan0 IEEE 802.11 ESSID:"netbeez" Mode:Managed Frequency:5.66 GHz Access Point: 38:3B:C8:3E:D4:3A Bit Rate=867 Mb/s Tx-Power=18 dBm Retry short limit:7 RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality=46/70 Signal level=-64 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 lo no wireless extensions. eth0 no wireless extensions.
It tells us which protocol it’s using (IEEE 802.11), which ESSID it’s connected to (netbeez), the frequency (5.66 GHz), BSSID (38:3B:C8:3E:D4:3A), etc. All of this information is necessary when we are looking to extract the status and quality of our WiFi connection.
iwconfig can also be used to manipulate a WLAN interface (e.g. connect it to an SSID or specific channel), but we’ll cover that in another blog post since here we are looking only at what information we can extract.
The output that iwgetid provides overlaps with the output from iwconfig, but it has a neat feature that lends itself to parsing its output in a script. Let’s start with the options it gives us:
netbeez.net $iwgetid --help Usage iwgetid [OPTIONS] [ifname] Options are: -a,--ap Print the access point address -c,--channel Print the current channel -f,--freq Print the current frequency -m,--mode Print the current mode -p,--protocol Print the protocol name -r,--raw Format the output as raw value for shell scripts -s,--scheme Format the output as a PCMCIA scheme identifier -h,--help Print this message
All this information is included in the output of iwconfig, but let’s look at iwgetid’s output format. We’ll try to get the BSSID of the access point it’s connected to:
netbeez.net $iwgetid --ap wlan0 Access Point/Cell: 38:3B:C8:3E:D4:3A
And let’s run the same command by adding the “–raw” option:
netbeez.net $iwgetid --ap --raw 38:3B:C8:3E:D4:3A
iwgetid returns the output without any additional text or comments; this is very convenient when we want to parse the output. You can also parse the output of iwconfig, but it may get quite hairy in certain cases.
iwlist gives the most detailed information and, again, its output overlaps with the previous two commands. Let’s look at some unique features it has: First of all, if you type “iwlist” without any options, you get the list of available options:
netbeez.net $iwlist Usage: iwlist [interface] scanning [essid NNN] [last] [interface] frequency [interface] channel [interface] bitrate [interface] rate [interface] encryption [interface] keys [interface] power [interface] txpower [interface] retry [interface] ap [interface] accesspoints [interface] peers [interface] event [interface] auth [interface] wpakeys [interface] genie [interface] modulation
One feature that is unique to iwlist is that it can give us a list of all supported channels of the WLAN interface as follows:
netbeez.net $iwlist wlan0 frequency wlan0 32 channels in total; available frequencies : Channel 01 : 2.412 GHz Channel 02 : 2.417 GHz Channel 03 : 2.422 GHz Channel 04 : 2.427 GHz Channel 05 : 2.432 GHz Channel 06 : 2.437 GHz Channel 07 : 2.442 GHz Channel 08 : 2.447 GHz Channel 09 : 2.452 GHz Channel 10 : 2.457 GHz Channel 11 : 2.462 GHz Channel 36 : 5.18 GHz Channel 40 : 5.2 GHz Channel 44 : 5.22 GHz Channel 48 : 5.24 GHz Channel 52 : 5.26 GHz Channel 56 : 5.28 GHz Channel 60 : 5.3 GHz Channel 64 : 5.32 GHz Channel 100 : 5.5 GHz Channel 104 : 5.52 GHz Channel 108 : 5.54 GHz Channel 112 : 5.56 GHz Channel 116 : 5.58 GHz Channel 120 : 5.6 GHz Channel 124 : 5.62 GHz Channel 128 : 5.64 GHz Channel 132 : 5.66 GHz Channel 136 : 5.68 GHz Channel 140 : 5.7 GHz Channel 144 : 5.72 GHz Channel 149 : 5.745 GHz Current Frequency:5.66 GHz (Channel 132)
wireless-tools is considered deprecated, however, it’s also installed by default in many popular distributions, so it’s useful to know it exists and how you can use it.
The most useful feature of iwlist is its scanning option as follows:
netbeez.net $iwlist wlan0 scan wlan0 Scan completed : Cell 01 - Address: 38:3B:C8:3E:D4:3A Channel:132 Frequency:5.66 GHz (Channel 132) Quality=45/70 Signal level=-65 dBm Encryption key:on ESSID:"netbeez" Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s 36 Mb/s; 48 Mb/s; 54 Mb/s Mode:Master Extra:tsf=000000c7bdaa8cd0 Extra: Last beacon: 40ms ago IE: Unknown: 00076E65746265657A …. IE: Unknown: 030184 Cell 02 - Address: 88:96:4E:E1:46:60 Channel:1 Frequency:2.412 GHz (Channel 1) Quality=44/70 Signal level=-66 dBm Encryption key:on ESSID:"D0ntsteamywifi" Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s 24 Mb/s; 36 Mb/s; 54 Mb/s Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 48 Mb/s Mode:Master Extra:tsf=000000c7bdaa8ce4 Extra: Last beacon: 40ms ago IE: Unknown: 000E44306E74737465616D7977696669 …... IE: Unknown: DD180050F2020101840003A4000027A4000042435E0062322F00 . . .
iwlist scans the air and lists all detected SSIDs with information such as signal strength, link quality, supported bitrates etc. This is useful when you want to manually connect to a specific SSID, while finding one with a good signal strength, on a specific channel, or a specific BSSID.
iw is the replacement of wireless-tools and it can give all the information we see above and then some more. It’s a tool from 2012 and is actively maintained. You can install it with:
apt-get install iw
It doesn’t contain multiple commands, but rather just one command with many different options. If you type “iw –help” you will see pages and pages of options.
The counterpart of iwconfig is the following:
netbeez.net $iw wlan0 link Connected to 38:3b:c8:3e:d4:3a (on wlan0) SSID: netbeez freq: 5660 RX: 1305367378 bytes (3204985 packets) TX: 256492127 bytes (1654676 packets) signal: -66 dBm tx bitrate: 867.0 MBit/s bss flags: short-slot-time dtim period: 0 beacon int: 100
Similar to iwlist, iw can give the capabilities of the hardware in terms of which channels it supports, what encryption methods it uses, etc, as follows:
netbeez.net $iw list Wiphy phy4 max # scan SSIDs: 9 max scan IEs length: 2304 bytes max # sched scan SSIDs: 0 max # match sets: 0 max # scan plans: 1 max scan plan interval: -1 max scan plan iterations: 0 Retry short limit: 7 Retry long limit: 4 Coverage class: 0 (up to 0m) Supported Ciphers: * WEP40 (00-0f-ac:1) * WEP104 (00-0f-ac:5) * TKIP (00-0f-ac:2) * CCMP-128 (00-0f-ac:4) Available Antennas: TX 0 RX 0 Supported interface modes: * IBSS * managed * AP * monitor * P2P-client * P2P-GO Band 1: Capabilities: 0x19f2 HT20/HT40 Static SM Power Save RX Greenfield RX HT20 SGI RX HT40 SGI TX STBC RX STBC 1-stream Max AMSDU length: 7935 bytes DSSS/CCK HT40 . . .
I truncated the output because it can span multiple pages. Compared to iwlist, iw gives a much more detailed and comprehensive list of the hardware capabilities all in one output.
Finally, iw can scan the air for all available SSIDS:
netbeez.net $iw wlan0 scan | more BSS 38:3b:c8:3e:d4:3a(on wlan0) -- associated TSF: 858900650685 usec (9d, 22:35:00) freq: 5660 beacon interval: 100 TUs capability: ESS Privacy SpectrumMgmt ShortSlotTime (0x0511) signal: -64.00 dBm last seen: 0 ms ago SSID: netbeez Supported rates: 6.0* 9.0 12.0* 18.0 24.0 36.0 48.0 54.0 DS Parameter set: channel 132 Country: US Environment: Indoor/Outdoor Channels [36 - 36] @ 30 dBm Channels [40 - 40] @ 30 dBm Channels [44 - 44] @ 30 dBm Channels [48 - 48] @ 30 dBm Channels [52 - 52] @ 24 dBm Channels [56 - 56] @ 24 dBm Channels [60 - 60] @ 24 dBm Channels [64 - 64] @ 24 dBm Channels [100 - 100] @ 24 dBm Channels [104 - 104] @ 24 dBm Channels [108 - 108] @ 24 dBm Channels [112 - 112] @ 24 dBm … BSS 88:96:4e:e1:46:60(on wlan0) TSF: 858900650709 usec (9d, 22:35:00) freq: 2412 beacon interval: 100 TUs capability: ESS Privacy ShortSlotTime RadioMeasure (0x1411) signal: -48.00 dBm last seen: 0 ms ago SSID: D0ntsteamywifi Supported rates: 1.0* 2.0* 5.5* 11.0* 18.0 24.0 36.0 54.0 DS Parameter set: channel 1 ERP: <no flags> Extended supported rates: 6.0 9.0 12.0 48.0 RSN: * Version: 1 * Group cipher: CCMP * Pairwise ciphers: CCMP * Authentication suites: PSK * Capabilities: 16-PTKSA-RC 1-GTKSA-RC (0x000c) BSS Load: * station count: 0 * channel utilisation: 157/255 * available admission capacity: 0 [*32us] HT capabilities: Capabilities: 0x9ad RX LDPC HT20 SM Power Save disabled RX HT20 SGI TX STBC RX STBC 1-stream Max AMSDU length: 7935 bytes No DSSS/CCK HT40
Again, iw gives much more information about the available SSIDs and their access point compared to iwlist.
If you are new to using these commands, I’d suggest to start using iw which is newer and gives much more information than the wireless-tools commands. It’s also actively maintained and supports newer drivers compared to the deprecated wireless-tools.