Is WiFi mac spoofing on FreeBSD dead?

I have an internal Atheros WiFi card and an external Realtek USB. Both of them allow mac address change and connect just fine on non-BSD OSes (Win/Lin). I can't connect to the access point if I spoof them under FreeBSD. Without changing the mac address they connect just fine.

I have tried adding hints in loader.conf and declaring the wlan address in rc.conf. Also did the whole dance of disabling, destroying wlan0, adding hints manually, recreating the adapter, unloading-reloading .ko files and much more. Is there a way to make this work or is mac spoofing a thing of the past for WiFi? Is it that only a few specific chipsets are supported now? I remember this working fine in earlier BSD releases (<11).

Has anyone managed to successfully change their WiFi mac address and connect to an access point using FreeBSD 12.1 and above? Please respond with your Wifi adapter/chipset info if possible. Thanks.
 
If I recall correctly, when I last did this on FreeBSD, I had issues changing the MAC address on my WiFi adapter. Instead, I just changed the MAC address on the wired ethernet adapter, and then failover worked perfectly. As for what hardware was being used, I'm pretty sure it was Realtek for wired ethernet and Intel for WiFi, but as for which model I can't remember as this was quite some time ago.
 
Here's how to spoof your Ether MAC without bringing down the interface to do it, as demonstrated in my other Tutorial:


Just make sure your router allows the new MAC Internet access first.
 
> Here's how to spoof your Ether MAC without bringing down the interface to do it, as demonstrated in my other Tutorial:
>
> Just make sure your router allows the new MAC Internet access first.

Trihexagonal, Please read before responding.
 
Works fine here on 12.2-RELEASE and 13.0-RELEASE with a Ralink 802.11 n (run(4)).
Code:
idVendor = 0x04e8  (Samsung Electronics)
idProduct = 0x2018 (SAMSUNG2 RT2870)
Code:
# dmesg
run0: MAC/BBP RT2872 (rev 0x0202), RF RT2850 (MIMO 2T2R), address e2:7b:c7:74:00:3f
Code:
# ifconfig wlan0 | grep ether
        ether e2:7b:c7:74:00:3f

(192.168.1.1 router address)

# ping -c2 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: icmp_seq=0 ttl=64 time=1.983 ms
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=5.668 ms
...

/etc/rc.conf

wlans_run0="wlan0"
create_args_wlan0="wlanaddr c6:8c:f5:86:c3:00"

# service netif restart wlan0

# ifconfig wlan0 | grep ether
        ether c6:8c:f5:86:c3:00

# ping -c2 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: icmp_seq=0 ttl=64 time=1.321 ms
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=8.868 ms
...
 
> Trihexagonal, Please read before responding.

I did:

> Is there a way to make this work or is mac spoofing a thing of the past for WiFi? Is it that only a few specific chipsets are supported now? I remember this working fine in earlier BSD releases (<11).
>
> Has anyone managed to successfully change their WiFi mac address and connect to an access point using FreeBSD 12.1 and above?

It is not a thing of the past as of my writing. Please check your watch to see if it's slow, too.
 
Trihexagonal
If you really read my "entire" post then you would have understood what I am looking for and you wouldn't have spammed me with your response. Just to make it clear, the issue is NOT that the address isn't getting spoofed. The issue is that the wi-fi adapter refuses to connect to the access point if the mac address is spoofed.
Your post regarding changing the mac address without bringing it down on a wired adapter is as helpful as a raincoat on a sunny day. Please check your existence's quantum state assessed in case it has checked out of your Schrödinger litterbox.


T-Daemon
I can see the ether changed but the hwaddr doesn't change on my wlan0. If I do not spoof the mac the WiFi connects just fine. I am observing this on 2 separate laptops. What does your hwaddr display? Spoofed or original mac address? Also does that make a difference when it comes to connecting to an access point?
 
> I can see the ether changed but the hwaddr doesn't change on my wlan0.

Is it supposed to change? If I'm not mistaken the hardware MAC address is hard coded on the device's network chip.

> If I do not spoof the mac the WiFi connects just fine. I am observing this on 2 separate laptops.

Has the access point some sort of MAC filtering enabled, allowing only registered MACs, denying all others?

> What does your hwaddr display? Spoofed or original mac address?

It shows the original hardware MAC:
Code:
# ifconfig wlan0 link
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether e2:7b:c7:74:00:3f

# ifconfig wlan0 link random
# ifconfig wlan0 link
wlan0: flags=8c43<UP,BROADCAST,RUNNING,OACTIVE,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 7e:8b:0b:53:c4:c3
    hwaddr e2:7b:c7:74:00:3f

> Also does that make a difference when it comes to connecting to an access point?

I don't have wireless-only access point hardware; I'm running the 192.168.1.1 (ADSL modem) router in "Wireless router mode". It's acting as an AP and is routing a LAN without internet access.
 
T-Daemon, Thanks for your reply. No there isn't any mac address filtering enabled and non-BSD OSes (Win/Lin) are allowing me to connect to the access point with spoofed addresses (as mentioned in the original post). Also older releases of BSD work well with spoofed wlan mac addresses. I have read about this bug on the FreeBSD mailing list as well. Anyways thanks. We really need external WiFi adapters whose physical address can be reprogrammed - like an EEPROM, or with some logic baked in to randomize the hwaddr every time the IC is powered on.
 
Generally speaking, if the wi-fi card works under FreeBSD, as in you can get to the Internet, and ping google.com, you can easily use /bin/ifconfig and other utilities (including the driver) provided by FreeBSD to spoof the MAC.

Reading through the thread, one possibility that comes to my mind would be a buggy driver for the card. OP mentions that MAC spoofing worked under older versions of FreeBSD - it may be worth a try to revert to an older version of the driver.

If OP wants an external wi-fi adapter whose MAC can be re-programmed - Good luck finding that. A faster way to do that would be to have an AP with DD-WRT flashed on it. Connect your machine to that AP via ethernet, and change the MAC on the AP, not the machine. Awkward and kludgy, I know, but accomplishes the same goal.
 
Apologies for beating a dead horse but this issue still prevails.

I am using the default iwlwifi wlandev on an internal wifi card and it connects fine if the mac address is not spoofed. If I spoof the mac then it says timed out under wpa_supplicant log and fails to connect to the access point. Linux and Windows have no issues spoofing the mac address. Can anyone using iwlwifi try to spoof the mac address and try to connect to any WiFi access point using FreeBSD v13.1?
 
Why bother? Intel Wireless is inferior. You are beating a dead horse.
These are features only .00001% of people use.
You might have to use different hardware if you want to do something off the beaten path.
Thanks to Adrian Chadd we have one wireless driver that is better than the others.

Code:
wlans_ath0="wlan0"
create_args_wlan0="wlanaddr d4:be:d9:1c:1e:d4"
 
> Why bother? Intel Wireless is inferior. You are beating a dead horse.
> These are features only .00001% of people use.
> You might have to use different hardware if you want to do something off the beaten path.
> Thanks to Adrian Chadd we have one wireless driver that is better than the others.
>
> Code:
> wlans_ath0="wlan0"
> create_args_wlan0="wlanaddr d4:be:d9:1c:1e:d4"

Uhhh... If you look at the laptop wiki for FreeBSD, Intel Wifi is the only one working reliably... other brands require a bit of tinkering to get going.
 
Well I don't see anything on that wiki that alters my opinion.

Much like Ford versus Chevy or Coke versus Pepsi.
Everybody has a personal preference.

What is interesting is that I just figured out why my Wireless sucks so bad.
The module is only running on one channel.
I have disconnected an antenna connector to discover that MIMO does not work.

I have known this for a while but ignore my 802.11g single channel speeds.
It says 802.11N but the speed doesn't match that. Even right on top of the WAP.

vermaden's blog post made me do some soul searching

In the hackernews feed a commenter mentioned OpenBSD had AC support.
Wowee, start to read about it and I get some good dope.

Atheros also is a company that existed and made 802.11n cards. Single-band 802.11n works on them.
So even on OpenBSD Atheros is in single channel N mode.

Another relevant comment from OpenBSD's wifi guy:
That said, OpenBSD does currently support 802.11ac and even 802.11ax (iwx) hardware, but only in 802.11a/b/g/n modes.
So not much better..
 
Sorry to hear about the state of your card being unable to use all channels and features. Hope future releases sort this out.

Just wanted to update you all that I was grossly uninformed. All these years I have been trying to use ifconfig with "ether xxxxxxxxxxxx" on wireless cards, like we do for wired adapters. The correct parameter is "wlanaddr xx:xx:xx:xx:xx:xx" as you all knew (except for me). I tried this just now for the first time and it works. In my defense the ether parameter used to work earlier for older BSDs on older wi-fi cards. Apologies for the thread but now it is all good. Thanks again to everyone on this thread.
 
One of those gotchas that arise out of paying better attention to the manpages... it's really part of the deal when somebody is told to RTFM. One can read the manual all they want, and still not find the tidbit that makes a difference - until someone else points it out. I've been tripped up by that countless times, and learned to expect it. 😁
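
The rc.conf form that worked in this thread (wlanaddr passed when the wlan clone is created), as an added example that is not from any poster: POSIX sh helpers that generate a random locally administered unicast MAC and print the matching rc.conf lines. The function names are hypothetical, run0 is the parent device from the earlier post, and rejecting vendor-assigned addresses is a choice of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Succeeds only for xx:xx:xx:xx:xx:xx whose first octet is unicast
# (bit 0 clear) and locally administered (bit 1 set).
is_laa_unicast() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$' || return 1
    first=$((0x${1%%:*}))
    [ $((first & 1)) -eq 0 ] && [ $((first & 2)) -ne 0 ]
}

# Print a random MAC with the multicast bit cleared and the
# locally-administered bit set, so it cannot collide with a vendor OUI.
random_laa_mac() {
    hex=$(od -An -N6 -tx1 /dev/urandom | tr -d ' \n')   # 12 hex digits
    b0=$(printf '%s' "$hex" | cut -c1-2)
    first=$(( (0x$b0 & 0xfc) | 0x02 ))
    rest=$(printf '%s' "$hex" | cut -c3-12 | sed 's/../&:/g; s/:$//')
    printf '%02x:%s\n' "$first" "$rest"
}

# Print the /etc/rc.conf lines that create the wlan clone with the given
# address. The address is applied at clone creation via "wlanaddr",
# not afterwards via "ether" on the existing wlan interface.
rc_conf_lines() {
    parent=$1 mac=$2 clone=${3:-wlan0}
    is_laa_unicast "$mac" || {
        echo "refusing $mac: not a locally administered unicast address" >&2
        return 1
    }
    printf 'wlans_%s="%s"\n' "$parent" "$clone"
    printf 'create_args_%s="wlanaddr %s"\n' "$clone" "$mac"
}

# Stand-alone run: lines for the run0 parent device with a fresh address.
rc_conf_lines run0 "$(random_laa_mac)"
```

After the printed lines are placed in /etc/rc.conf, `service netif restart wlan0` recreates the clone with the new address, as in the session shown earlier in the thread.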
 