WireShark

The Network Manager want to Manage Everyting

It is easy to put a wireless interface into monitor mode; however, the Network Manager will immediately change it back to managed mode. To prevent this from occurring, we need to exclude the wireless interface from being managed by the Network Manager, and manage it with Systemd-Networkd:

1. Exclude the Interface from the Network Manager
    
   
   • sudo vi /etc/NetworkManager/config.d/99-unmanged-devices.conf
      
     
   • and place the following in the file:
     

     
     [device-mac80cc9c81f291-unmanaged]
     match-device=mac:80:cc:9c:81:f2:91
     mananged=0
                                

   • sudo reboot
      
     
   • Check that the Network Manager is not managing the interface:
      
     nmcli dev status
2. Setup the Interface with Systemd-Networkd
    
   
   • sudo vi /etc/systemd/network/31-wlan1.network
      
     
   • Place the following in the file:
      
     

     
     [Match]
     Name=wlan1
     Type=wlan
     
     [Network]
     DHCP=ipv4
                                 

3. Setup Wpa_Supplicant
    
   
   • sudo vi /etc/wpa_supplicant/
      
     
   • Place he following in the file:
      
     

     
     ctrl_interface=/run/wpa_supplicant
     ctrl_interface_group=root
     update_config=1
     country=US
     
     network={
         ssid="network-name"
         psk="secret-password"
         priority=1
     }
                                    

Monitor Mode

To put a wireless interface in monitor mode:

sudo ip link set wlan0 down
sudo iw dev wlan0 set type monitor
sudo ip link set wlan0 up

To check the interface is in monitor mode:

iw wlan0 info

References:

1. How to configure a WiFi interface in monitor mode