南通网站开发工作纪律和生活纪律研讨发言材料
Android Wifi连接和断链分析思路。
1.密码错误导致的连接失败
2.关联被拒绝
3.热点未回复AUTH_RSP或者STA未收到 AUTH_RSP
4.热点未回复ASSOC_RSP或者STA未收到ASSOC_RSP
5.DHCP FAILURE
6.发生roaming
7.AP发送了DEAUTH帧导致断开连接
8.被AP踢出,这个原因需要sniffer log分析
下面详细介绍。
1.密码错误导致的连接失败
1.1
其实有时候并不是用户真的输入了错误密码,有可能WIFI底层驱动存在异常。
可以查一下WIFI配置文件中保存的AP密码是否与期望值一致。
wpa_supplicant: wlan0: WPA: 4-Way Handshake failed - pre-shared key may be incorrect
wpa_supplicant: wlan0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="inhub" aut1.2 在4WAY_HANDSHAKE阶段由于密码错误、丢帧或者弱信号丢包导致WRONG_KEY:
密码错误在4WAY_HANDSHAKE阶段中的2/4次握手会显示wrong key。如果已经连接过则显示
I/wpa_supplicant(19043): wlan0: CTRL-EVENT-SSID-TEMP-DISABLED id=1 ssid="inhub" auth_failures=1 duration=5 reason=WRONG_KEY。丢帧导致连接断开:
wlan: [24597:E :PE ] limHandleMissedBeaconInd: 2121: Sending EXIT_BMPS_IND to SME due to Missed beacon from FW信号弱导致断开:
I/wpa_supplicant(31023): wlan0: CTRL-EVENT-DISCONNECTED bssid=c8:3a:35:2b:71:30 reason=0
E/WifiStateMachine( 821): NETWORK_DISCONNECTION_EVENT in connected state BSSID=c8:3a:35:2b:71:30 RSSI=-89 freq=2437 was debouncing=false reason=0 ajst=0reason=0表示因为信号弱而断开。
2.关联被拒绝
2.1
wpa_supplicant: wlan0: CTRL-EVENT-ASSOC-REJECT status_code=1
wpa_supplicant: wlan0: Request to deauthenticate - bssid=00:00:00:00:00:00 pending_bssid=00:00:00:00:00:00 reason=3 state=ASSOCIATING
wpa_supplicant: wpa_driver_nl80211_disconnect(reason_code=3)2.2 在ASSOCIATING阶段由于丢包导致ASSOC REJECT
Line 15551: 03-10 15:42:04.953 884 884 I wpa_supplicant: wlan0: CTRL-EVENT-DISCONNECTED bssid=f4:2a:7d:7c:65:df reason=3 locally_generated=1
Line 15552: 03-10 15:42:04.959 884 884 W wpa_supplicant: nl80211: Was expecting local disconnect but got another disconnect event first
Line 18957: 03-10 15:42:07.363 884 884 I wpa_supplicant: wlan0: Trying to associate with f4:2a:7d:7c:65:df (SSID='inhub' freq=2412 MHz)
Line 18965: 03-10 15:42:08.372 884 884 I wpa_supplicant: wlan0: CTRL-EVENT-ASSOC-REJECT bssid=f4:2a:7d:7c:65:df status_code=1
Line 18991: 03-10 15:42:08.693 884 884 I wpa_supplicant: wlan0: Trying to associate with f4:2a:7d:7c:65:df (SSID='inhub' freq=2412 MHz)上面日志分析
CTRL-EVENT-DISCONNECTED bssid=f4:2a:7d:7c:65:df reason=3 ==>这是系统下断线的
重连后有看到CTRL-EVENT-ASSOC-REJECT==>有可能跟网络有关,
若是当前环境下WiFi 比较多(2.4G环境比较糟,干扰较大,有可能某一方收发不好导致),
若是一直都出现CTRL-EVENT-ASSOC-REJECT导致连线不上,最好找WiFi 方案商帮忙协助确认一下是否是WiFi端的问题?
3.热点未回复AUTH_RSP或者STA未收到 AUTH_RSP
正常情况下,STA发送AUTH request后,会收到一个AUTH_RSP,即正确情况下,内核LOG中会有如下两行打印,异常情况下,仅有第一行。
这种情况下,可以用其他设备接入AP,看是否存在同样的问题,则基本判断出是否为热点问题。
4,20619,2759068545,-;AUTH - Send AUTH request seq#1 (Alg=0)...
4,20620,2759170874,-;AUTH - Receive AUTH_RSP seq#2 to me (Alg=0, Status=0)4.热点未回复ASSOC_RSP或者STA未收到ASSOC_RSP
异常情况下,STA端不会有下面的第二行日志打印。
[ 2854.218696] ASSOC - Send ASSOC request...
[ 2854.238083] PeerAssocRspAction():ASSOC - receive ASSOC_RSP to me (status=0)5.DHCP FAILURE
四次握手成功但是获取IP地址失败:
WifiConfigStore: message=DHCP FAILURE正常情况下的流程如下:
DhcpClient: Broadcasting DHCPDISCOVER
DhcpClient: Received packet: 10:c7:53:71:ae:7c OFFER, ip /192.168.236.146, mask /255.255.255.0, DNS servers: /192.168.236.1 , gateways [/192.168.236.1] lease time 86400, domain null
DhcpClient: Got pending lease: IP address 192.168.236.146/24 Gateway 192.168.236.1 DNS servers: [ 192.168.236.1 ] Domains DHCP server /192.168.236.1 Vendor info null lease 86400seconds
DhcpClient: Broadcasting DHCPREQUEST ciaddr=0.0.0.0 request=192.168.236.146 serverid=192.168.236.1
DhcpClient: Received packet: 10:c7:53:71:ae:7c ACK: your new IP /192.168.236.146, netmask /255.255.255.0, gateways [/192.168.236.1] DNS servers: /192.168.236.1 , lease time 86400
DhcpClient: Confirmed lease: IP address 192.168.236.146/24 Gateway 192.168.236.1 DNS servers: [ 192.168.236.1 ] Domains DHCP server /192.168.236.1 Vendor info null lease 86400 seconds6.发生roaming
当前连接AP1信号太弱,此时又扫描到了已连接过的AP2,AP2的信号强度更好,则会断开AP1,连接AP2,这一系列动作就叫roaming。
如下列中,断开了与10:0e:0e:20:66:15热点的连接,连接到了10:0e:0e:20:5e:6d热点。
wpa_supplicant: nl80211: Associated on 2422 MHz
wpa_supplicant: nl80211: Associated with 10:0e:0e:20:66:15
wpa_supplicant: nl80211: Drv Event 47 (NL80211_CMD_ROAM) received for wlan0
wpa_supplicant: nl80211: Roam event
wpa_supplicant: nl80211: Associated on 2472 MHz
wpa_supplicant: nl80211: Associated with 10:0e:0e:20:5e:6d日志2
I/WifiHAL (28360): event received NL80211_CMD_ROAM, vendor_id = 0x0
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-CONNECTED - Connection to c4:14:3c:29:47:25 completed [id=0 id_str=]
I/WifiHAL (28360): event received NL80211_CMD_ROAM, vendor_id = 0x0
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-CONNECTED - Connection to c4:14:3c:29:47:05 completed [id=0 id_str=]
I/WifiHAL (28360): event received NL80211_CMD_ROAM, vendor_id = 0x0
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-CONNECTED - Connection to 1c:1d:86:e9:e2:85 completed [id=0 id_str=]7.AP发送了DEAUTH帧导致断开连接
此时可以连接其他AP测试一下,进而判断是否是刚才这个AP的问题
[ 1555.321037] (1)[3319:tx_thread][wlan] Rx Deauth frame from BSSID=[aa:63:df:4c:db:c2]
[ 1555.321093] (1)[3319:tx_thread][wlan] Reason code = 78.被AP踢出,这个原因需要sniffer log分析
reason=2,reason=7,reason=15代表被AP踢出,在kernel log中可以找到对应的deauth信息。
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-DISCONNECTED bssid=c4:14:3c:29:47:05 reason=7
wlan: [28055:E :PE ] limProcessDeauthFrame: 144: Received Deauth frame for Addr: 44:a4:2d:52:bc:a5 (mlm state = eLIM_MLM_LINK_ESTABLISHED_STATE, sme state = 12 systemrole = 3) with reason code 7 from c4:14:3c:29:47:05
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-DISCONNECTED bssid=1c:1d:86:e9:e2:85 reason=15
wlan: [28055:E :PE ] limProcessDeauthFrame: 144: Received Deauth frame for Addr: 44:a4:2d:52:bc:a5 (mlm state = eLIM_MLM_LINK_ESTABLISHED_STATE, sme state = 12 systemrole = 3) with reason code 15 from 1c:1d:86:e9:e2:85
I/wpa_supplicant(28064): wlan0: CTRL-EVENT-DISCONNECTED bssid=c4:14:3c:29:47:25 reason=2
wlan: [28055:E :PE ] limProcessDeauthFrame: 144: Received Deauth frame for Addr: 44:a4:2d:52:bc:a5 (mlm state = eLIM_MLM_LINK_ESTABLISHED_STATE, sme state = 12 systemrole = 3) with reason code 2 from c4:14:3c:29:47:25
其他情况后续补充。
附录:
802.11 Association Status, 802.11 Deauth Reason codes
802.11 Association Status, 802.11 Deauth Reason codes - Cisco Community
802.11 Association Status Codes
| Code | 802.11 definition | Explanation |
| 0 | Successful | |
| 1 | Unspecified failure | For example : when there is no ssid specified in an association request |
| 10 | Cannot support all requested capabilities in the Capability Information field | Example Test: Reject when privacy bit is set for WLAN not requiring security |
| 11 | Reassociation denied due to inability to confirm that association exists | NOT SUPPORTED |
| 12 | Association denied due to reason outside the scope of this standard | Example : When controller receives assoc from an unknown or disabled SSID |
| 13 | Responding station does not support the specified authentication algorithm | For example, MFP is disabled but was requested by the client. |
| 14 | Received an Authentication frame with authentication transaction sequence number | If the authentication sequence number is not correct. |
| 15 | Authentication rejected because of challenge failure | |
| 16 | Authentication rejected due to timeout waiting for next frame in sequence | |
| 17 | Association denied because AP is unable to handle additional associated stations | Will happen if you run out of AIDs on the AP; so try associating a large number of stations. |
| 18 | Association denied due to requesting station not supporting all of the data rates in the | Will happen if the rates in the assoc request are not in the BasicRateSet in the beacon. |
| 19 | Association denied due to requesting station not supporting the short preamble | NOT SUPPORTED |
| 20 | Association denied due to requesting station not supporting the PBCC modulation | NOT SUPPORTED |
| 21 | Association denied due to requesting station not supporting the Channel Agility | NOT SUPPORTED |
| 22 | Association request rejected because Spectrum Management capability is required | NOT SUPPORTED |
| 23 | Association request rejected because the information in the Power Capability | NOT SUPPORTED |
| 24 | Association request rejected because the information in the Supported Channels | NOT SUPPORTED |
| 25 | Association denied due to requesting station not supporting the Short Slot Time | NOT SUPPORTED |
| 26 | Association denied due to requesting station not supporting the DSSS-OFDM option | NOT SUPPORTED |
| 27-31 | Reserved | NOT SUPPORTED |
| 32 | Unspecified, QoS-related failure | NOT SUPPORTED |
| 33 | Association denied because QAP has insufficient bandwidth to handle another | NOT SUPPORTED |
| 34 | Association denied due to excessive frame loss rates and/or poor conditions on current | NOT SUPPORTED |
| 35 | Association (with QBSS) denied because the requesting STA does not support the | If the WMM is required by the WLAN and the client is not capable of it, the association will get rejected. |
| 36 | Reserved in 802.11 | This is used in our code ! There is no blackbox test for this status code. |
| 37 | The request has been declined | This is not used in assoc response; ignore |
| 38 | The request has not been successful as one or more parameters have invalid values | NOT SUPPORTED |
| 39 | The TS has not been created because the request cannot be honored; however, a suggested | NOT SUPPORTED |
| 40 | Invalid information element, i.e., an information element defined in this standard for | Sent when Aironet IE is not present for a CKIP WLAN |
| 41 | Invalid group cipher | Used when received unsupported Multicast 802.11i OUI Code |
| 42 | Invalid pairwise cipher | |
| 43 | Invalid AKMP | |
| 44 | Unsupported RSN information element version | If you put anything but version value of 1, you will see this code. |
| 45 | Invalid RSN information element capabilities | If WPA/RSN IE is malformed, such as incorrect length etc, you will see this code. |
| 46 | Cipher suite rejected because of security policy | NOT SUPPORTED |
| 47 | The TS has not been created; however, the HC may be capable of creating a TS, in | NOT SUPPORTED |
| 48 | Direct link is not allowed in the BSS by policy | NOT SUPPORTED |
| 49 | Destination STA is not present within this QBSS | NOT SUPPORTED |
| 50 | The Destination STA is not a QSTA | NOT SUPPORTED |
| 51 | Association denied because the ListenInterval is too large | NOT SUPPORTED |
| 200 | Unspecified, QoS-related failure. | Unspecified QoS Failure. This will happen if the Assoc request contains more than one TSPEC for the same AC. |
| 201 | TSPEC request refused due to AP’s policy configuration (e.g., AP is configured to deny all TSPEC requests on this SSID). A TSPEC will not be suggested by the AP for this reason code. | This will happen if a TSPEC comes to a WLAN which has lower priority than the WLAN priority settings. For example a Voice TSPEC coming to a Silver WLAN. Only applies to CCXv4 clients. |
| 202 | Association Denied due to AP having insufficient bandwidth to handle a new TS. This cause code will be useful while roaming only. | |
| 203 | Invalid Parameters. The request has not been successful as one or more TSPEC parameters in the request have invalid values. A TSPEC SHALL be present in the response as a suggestion. Not defined in IEEE, defined in CCXv4 | This happens in cases such as PHY rate mismatch. If the TSRS IE contains a phy rate not supported by the controller, for example. Other examples include sending a TSPEC with bad parameters, such as sending a date rate of 85K for a narrowband TSPEC. |
802.11 Deauth Reason Codes
| Code | 802.11 definition | Explanation |
| 0 | Reserved | NOT SUPPORTED |
| 1 | Unspecified reason | TBD |
| 2 | Previous authentication no longer valid | NOT SUPPORTED |
| 3 | station is leaving (or has left) IBSS or ESS | NOT SUPPORTED |
| 4 | Disassociated due to inactivity | Do not send any data after association; |
| 5 | Disassociated because AP is unable to handle all currently associated stations | TBD |
| 6 | Class 2 frame received from nonauthenticated station | NOT SUPPORTED |
| 7 | Class 3 frame received from nonassociated station | NOT SUPPORTED |
| 8 | Disassociated because sending station is leaving (or has left) BSS | TBD |
| 9 | Station requesting (re)association is not authenticated with responding station | NOT SUPPORTED |
| 10 | Disassociated because the information in the Power Capability element is unacceptable | NOT SUPPORTED |
| 11 | Disassociated because the information in the Supported Channels element is unacceptable | NOT SUPPORTED |
| 12 | Reserved | NOT SUPPORTED |
| 13 | Invalid information element, i.e., an information element defined in this standard for which the content does not meet the specifications in Clause 7 | NOT SUPPORTED |
| 14 | Message integrity code (MIC) failure | NOT SUPPORTED |
| 15 | 4-Way Handshake timeout | NOT SUPPORTED |
| 16 | Group Key Handshake timeout | NOT SUPPORTED |
| 17 | Information element in 4-Way Handshake different from (Re)Association Request/Probe Response/Beacon frame | NOT SUPPORTED |
| 18 | Invalid group cipher | NOT SUPPORTED |
| 19 | Invalid pairwise cipher | NOT SUPPORTED |
| 20 | Invalid AKMP | NOT SUPPORTED |
| 21 | Unsupported RSN information element version | NOT SUPPORTED |
| 22 | Invalid RSN information element capabilities | NOT SUPPORTED |
| 23 | IEEE 802.1X authentication failed | NOT SUPPORTED |
| 24 | Cipher suite rejected because of the security policy | NOT SUPPORTED |
| 25-31 | Reserved | NOT SUPPORTED |
| 32 | Disassociated for unspecified, QoS-related reason | NOT SUPPORTED |
| 33 | Disassociated because QAP lacks sufficient bandwidth for this QSTA | NOT SUPPORTED |
| 34 | Disassociated because excessive number of frames need to be acknowledged, but are not acknowledged due to AP transmissions and/or poor channel conditions | NOT SUPPORTED |
| 35 | Disassociated because QSTA is transmitting outside the limits of its TXOPs | NOT SUPPORTED |
| 36 | Requested from peer QSTA as the QSTA is leaving the QBSS (or resetting) | NOT SUPPORTED |
| 37 | Requested from peer QSTA as it does not want to use the mechanism | NOT SUPPORTED |
| 38 | Requested from peer QSTA as the QSTA received frames using the mechanism for which a setup is required | NOT SUPPORTED |
| 39 | Requested from peer QSTA due to timeout | NOT SUPPORTED |
| 40 | Peer QSTA does not support the requested cipher suite | NOT SUPPORTED |
| 46-65535 | 46--65 535 Reserved | NOT SUPPORTED |
| 98 | Cisco defined | TBD |
| 99 | Cisco defined Used when the reason code sent in a deassoc req or deauth by the client is invalid – invalid length, invalid value etc | Example: Send a Deauth to the AP with the reason code to be invalid, say zero |