Bug 217465

Running monitor mode with active monitor mode flag (NL80211_FEATURE_ACTIVE_MONITOR), only frames addressed to BROADCAST MAC (ff:ff:ff:ff:ff:ff:ff) or addressed to the device MAC are received.

tested mt7601u devices (both showing the same behavior):
ID 7392:7710 Edimax Technology Co., Ltd Edimax Wi-Fi
ID 148f:7601 Ralink Technology, Corp. MT7601U Wireless Adapter

tested kernels:
5.15 (Raspbian)
6.1 (Raspbian)
6.3 (Arch Linux)

To reproduce:
run latest git head hcxdumptool (https://github.com/ZerBea/hcxdumptool)
run Wireshark in parallel
Wireshark only show frames addressed to the device MAC
on transmission branch, only frames coming from the device MAC are transmitted

deactivate active monitor mode by option -p
run latest git head hcxdumptool -p
run Wireshark in parallel
Wireshark show all frames regardless if they addressed to the device MAC or not

The behavior of mt7601u is more like a device running in AP mode than a device running in monitor mode.


Please also notice my last commit (as a workaround) to disable active monitor mode on mt7601u devices:
ZerBea/hcxdumptool@afd0073https://github.com/ZerBea/hcxdumptool/commit/afd007347eeabfd2f1ccfa4f0564ab8e6acdd5df
and the changelog:
https://github.com/ZerBea/hcxdumptool/blob/master/changelog

At the moment, I'm not sure if the problem is related to the driver or to the firmware, because mt76x0u devices, e.g.:
ID 0b05:17d1 ASUSTek Computer, Inc. AC51 802.11a/b/g/n/ac Wireless Adapter [Mediatek MT7610U]
ID 148f:761a Ralink Technology, Corp. MT7610U ("Archer T2U" 2.4G+5G WLAN Adapter
and mt76x2u devices e.g.:
ID 0e8d:7612 MediaTek Inc. MT7612U 802.11a/b/g/n/ac Wireless Adapter
are not affected.

Active monitor mode is working as expected (confirmed by Wireshark running in parallel on the same device).