Wednesday, December 14, 2016

Useful Linux commands for troubleshooting WiFi

I find these terminal commands useful when verifying and trouble shooting wifi. Hopefully you will find some of them useful in your trouble shooting.

  • iwlist wlan0 scanning - returns channel, quality, SSID, bit rates
  • sudo iw dev wlan0 scan passive | grep SSID - returns just the SSID
  • nm-tool - display a lot of wifi and eth settings
  • nmcli dev list | grep DHCP - display only DHCP information
  • nmcli con list - list the saved wireless/VPN connections
  • nmcli dev wifi - List available SSIDs, connection state, Frequency, Security type and MAC of the AP.


On Linux Wireshark can do captures in "monitor mode" which allows you to capture the management frames that the wifi driver normally removes. This will allow you to see the beacons from the AP or client and is useful in a lot of situations. There are plenty of youtube videos and web pages that explain how to use the capture.

To enable monitor mode run this command before you start Wireshark. If your wireless adapter is not WLAN0 you will need to change the command to reflect the correct adapter.

mhubbard@1S1K-SYS76:~$ sudo airmon-ng start wlan0
[sudo] password for mhubbard:

Interface Chipset Driver

mon1 Unknown iwlwifi - [phy0]
wlan0 Unknown iwlwifi - [phy0]
(monitor mode enabled on mon2)
mon0 Unknown iwlwifi - [phy0]

In this case the monitor mode interface is mon2. When you start Wireshark select mon2 as the capture interface.

When you are done capturing run the following to stop monitor mode:

airmong-ng stop mon2

Displaying SSID information

You can get a lot of useful information using iwlist.

iwlist wlan0 scanning 

This will return the MAC of the AP's radio, the channel, RSSI, ESSID and Bit Rates.
mhubbard@1S1K-SYS76:~$ iwlist wlan0 scanning
wlan0     Scan completed :
          Cell 01 - Address: 84:B8:02:13:43:BF
                    Frequency:5.18 GHz (Channel 36)
                    Quality=52/70  Signal level=-58 dBm
                    Encryption key:on
                    Bit Rates:24 Mb/s; 36 Mb/s; 48 Mb/s; 54 Mb/s
                    Extra: Last beacon: 75468ms ago
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Pairwise Ciphers (1) : CCMP
                        Authentication Suites (1) : PSK

sudo iw dev wlan0 scan passive | grep SSID

This will return a list of the SSIDs that the radio can see.

mhubbard@1S1K-SYS76:~$ sudo iw dev wlan0 scan passive | grep SSID
SSID: test
SSID: Belkin.5D98_2GEXT
SSID: Guest


This will return the MAC address of the bluetooth radio and wireless adapter along with the connection state, speed, SSID you are connected to and the IPv4 settings.

mhubbard@1S1K-SYS76:~$ nm-tool

NetworkManager Tool

State: connected (global)

- Device: FC:E9:98:57:E9:D5 ----------------------------------------------------
  Type:              Bluetooth
  Driver:            bluez
  State:             disconnected
  Default:           no

- Device: wlan0  [test] --------------------------------------------------------
  Type:              802.11 WiFi
  Driver:            iwlwifi
  State:             connected
  Default:           yes
  HW Address:        E4:B3:18:9F:FD:99

    Speed:           324 Mb/s

  Wireless Properties
    WEP Encryption:  yes
    WPA Encryption:  yes
    WPA2 Encryption: yes

  Wireless Access Points (* = current AP)
    Guest:           Infra, 84:B8:02:13:43:BE, Freq 5180 MHz, Rate 54 Mb/s, Strength 70
    *test:           Infra, 84:B8:02:13:43:BF, Freq 5180 MHz, Rate 54 Mb/s, Strength 73 WPA2
    test:            Infra, 84:B8:02:13:43:B0, Freq 2412 MHz, Rate 54 Mb/s, Strength 100 WPA2

  IPv4 Settings:
    Prefix:          24 (


nmcli dev list | grep DHCP

If you just need your DHCP settings.

mhubbard@1S1K-SYS76:~$ nmcli dev list | grep DHCP

DHCP4.OPTION[1]: host_name = 1S1K-SYS76.default.domain.invalid
DHCP4.OPTION[2]: expiry = 1482463402
DHCP4.OPTION[3]: broadcast_address =
DHCP4.OPTION[4] dhcp_message_type = 5
DHCP4.OPTION[5]: dhcp_lease_time = 691200
DHCP4.OPTION[6]: ip_address =
DHCP4.OPTION[7]: subnet_mask =
DHCP4.OPTION[8]: dhcp_renewal_time = 345600
DHCP4.OPTION[9]: routers =
DHCP4.OPTION[10]: domain_name_servers =
DHCP4.OPTION[11]: dhcp_rebinding_time = 604800
DHCP4.OPTION[12]: network_number =
DHCP4.OPTION[13]: dhcp_server_identifier =

nmcli con list (Note: list has been replaced with show. If list returns an error try show. The output is slightly different)

If you want to see all of the WLANs that you have saved. Notice how much information your laptop has on your connections.

mhubbard@1S1K-SYS76:~$ nmcli con list

YHS d6ace886-c217-4ed8-ac17-bf6e79015c0e 802-11-wireless Wed 30 Nov 2016 08:14:07 AM PST
JUSD-PSK 70b88ce4-6076-4fa8-813e-f2b672e65671 802-11-wireless Fri 02 Sep 2016 09:12:12 PM PDT
1S1K-phone cf206603-2ad1-41c6-a1a6-826d916997e3 802-11-wireless Thu 13 Oct 2016 05:33:48 PM PDT
ITWiFi 4152633c-301b-4686-88b4-f329d95eaddc 802-11-wireless Tue 13 Dec 2016 03:18:39 PM PST
Wired connection 1 a1e63f8e-d28a-4c4f-a1a8-ca8e93e40114 802-3-ethernet Tue 13 Dec 2016 03:16:43 PM PST
RUSD a0bd712e-41b9-484a-95f7-d6098e5fba3b vpn Fri 18 Nov 2016 12:43:19 PM PST
Troy's iPhone Network bd8ca1a1-df3f-4092-96cb-cc22ee6bc868 bluetooth never

This one displays information about the SSIDs that can be seen.

mhubbard@1S1K-SYS76:~$ nmcli dev wifi

'Guest' 84:B8:02:13:43:BE Infrastructure 5180 MHz 54 MB/s 70 -- no
'test' 84:B8:02:13:43:BF Infrastructure 5180 MHz 54 MB/s 73 WPA2 yes
'Belkin.5D98' 20:1C:C8:03:24:35 Infrastructure 2437 MHz 54 MB/s 34 WPA2 no

nmcli — command-line tool for controlling NetworkManager
Scripts: Utilize NetworkManager via nmcli instead of managing network connections manually.
RHCSA-Network Flas cards

No comments:

Post a Comment