nzyme-tap is not monitoring on Raspberry Pi 4 and 5 - `libpcap error: That device is not up`

[archtur]

nzyme Version: nzyme-tap version 2.0.0 alpha 15

Describe the bug

After a fresh installation of a Raspberry Pi 4 or 5 with Raspberry Pi OS 12 (bookworm, 64-bit, full version with desktop, 2025-01-16), nzyme-tap is not working as intended. nzyme-node is not installed.

The problem is, that the tap is not working correctly and delivering data to the node as intended.

The problem occurs with a Raspberry Pi 4 and with a Raspberry Pi 5

• both systems were setup exactly in the same way - see Installation description.
• both systems use the same ALFA Network AWUS036ACHM network card.

Please take into accout where issue does not occur.

If you need further information, you can contact me. I can also reinstall and do whatever you need to get enough debugging information. The bug is not hard to reproduce. If you have dev-builds and you want to test them, I will do that.

Problem output

`journalctl -xe`

[...]
Jan 16 19:54:46 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:46][dot11::capture] Enabling interface [wlan1] ...
Jan 16 19:54:46 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:46][dot11::capture] Device [wlan1] is now up.
Jan 16 19:54:46 Verdandi kernel: mt76x0u 3-2:1.0 wlan1: entered promiscuous mode
Jan 16 19:54:46 Verdandi kernel: mt76x0u 3-2:1.0 wlan1: left promiscuous mode
Jan 16 19:54:46 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:46][dot11::capture] Could not get PCAP capture handle on [wlan1]: libpcap error: That device is not up
Jan 16 19:54:46 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:46][nzyme_tap] WiFi capture [wlan1] disconnected. Retrying in 5 seconds.
Jan 16 19:54:51 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:51][dot11::capture] Starting WiFi capture on [wlan1]
Jan 16 19:54:51 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:51][dot11::capture] Temporarily disabling interface [wlan1] ...
Jan 16 19:54:51 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:51][dot11::capture] Device [wlan1] is now down.
Jan 16 19:54:51 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:51][dot11::capture] Enabling monitor mode on interface [wlan1] ...
Jan 16 19:54:51 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:51][dot11::capture] Device [wlan1] is now in monitor mode.
Jan 16 19:54:51 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:51][dot11::capture] Enabling interface [wlan1] ...
Jan 16 19:54:51 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:51][dot11::capture] Device [wlan1] is now up.
Jan 16 19:54:51 Verdandi kernel: mt76x0u 3-2:1.0 wlan1: entered promiscuous mode
Jan 16 19:54:51 Verdandi kernel: mt76x0u 3-2:1.0 wlan1: left promiscuous mode
Jan 16 19:54:51 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:51][dot11::capture] Could not get PCAP capture handle on [wlan1]: libpcap error: That device is not up
Jan 16 19:54:51 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:51][nzyme_tap] WiFi capture [wlan1] disconnected. Retrying in 5 seconds.
Jan 16 19:54:53 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:53][bluetooth::tables::bluetooth_table] Could not submit Bluetooth devices report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:54:53 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:53][ethernet::tables::tcp_table] Could not submit TCP sessions report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:54:53 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:53][ethernet::tables::udp_table] Could not submit UDP datagrams report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:54:53 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:53][ethernet::tables::dns_table] Could not submit DNS report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:54:53 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:53][ethernet::tables::ssh_table] Could not submit SSH sessions report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:54:53 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:53][ethernet::tables::socks_table] Could not submit SOCKS tunnels report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:54:56 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:56][dot11::capture] Starting WiFi capture on [wlan1]
Jan 16 19:54:56 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:56][dot11::capture] Temporarily disabling interface [wlan1] ...
Jan 16 19:54:56 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:56][dot11::capture] Device [wlan1] is now down.
Jan 16 19:54:56 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:56][dot11::capture] Enabling monitor mode on interface [wlan1] ...
Jan 16 19:54:56 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:56][dot11::capture] Device [wlan1] is now in monitor mode.
Jan 16 19:54:56 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:56][dot11::capture] Enabling interface [wlan1] ...
Jan 16 19:54:56 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:54:56][dot11::capture] Device [wlan1] is now up.
Jan 16 19:54:56 Verdandi kernel: mt76x0u 3-2:1.0 wlan1: entered promiscuous mode
Jan 16 19:54:56 Verdandi kernel: mt76x0u 3-2:1.0 wlan1: left promiscuous mode
Jan 16 19:54:57 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:57][dot11::capture] Could not get PCAP capture handle on [wlan1]: libpcap error: That device is not up
Jan 16 19:54:57 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:54:57][nzyme_tap] WiFi capture [wlan1] disconnected. Retrying in 5 seconds.
Jan 16 19:55:02 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:02][dot11::capture] Starting WiFi capture on [wlan1]
Jan 16 19:55:02 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:02][dot11::capture] Temporarily disabling interface [wlan1] ...
Jan 16 19:55:02 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:02][dot11::capture] Device [wlan1] is now down.
Jan 16 19:55:02 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:02][dot11::capture] Enabling monitor mode on interface [wlan1] ...
Jan 16 19:55:02 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:02][dot11::capture] Device [wlan1] is now in monitor mode.
Jan 16 19:55:02 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:02][dot11::capture] Enabling interface [wlan1] ...
Jan 16 19:55:02 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:02][dot11::capture] Device [wlan1] is now up.
Jan 16 19:55:02 Verdandi kernel: mt76x0u 3-2:1.0 wlan1: entered promiscuous mode
Jan 16 19:55:02 Verdandi kernel: mt76x0u 3-2:1.0 wlan1: left promiscuous mode
Jan 16 19:55:02 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:55:02][dot11::capture] Could not get PCAP capture handle on [wlan1]: libpcap error: That device is not up
Jan 16 19:55:02 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:55:02][nzyme_tap] WiFi capture [wlan1] disconnected. Retrying in 5 seconds.
Jan 16 19:55:05 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:55:05][bluetooth::tables::bluetooth_table] Could not submit Bluetooth devices report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:55:05 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:55:05][ethernet::tables::tcp_table] Could not submit TCP sessions report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:55:05 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:55:05][ethernet::tables::udp_table] Could not submit UDP datagrams report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:55:05 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:55:05][ethernet::tables::dns_table] Could not submit DNS report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:55:05 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:55:05][ethernet::tables::ssh_table] Could not submit SSH sessions report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:55:06 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:55:06][ethernet::tables::socks_table] Could not submit SOCKS tunnels report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 16 19:55:07 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:07][dot11::capture] Starting WiFi capture on [wlan1]
Jan 16 19:55:07 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:07][dot11::capture] Temporarily disabling interface [wlan1] ...
Jan 16 19:55:07 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:07][dot11::capture] Device [wlan1] is now down.
Jan 16 19:55:07 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:07][dot11::capture] Enabling monitor mode on interface [wlan1] ...
Jan 16 19:55:07 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:07][dot11::capture] Device [wlan1] is now in monitor mode.
Jan 16 19:55:07 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:07][dot11::capture] Enabling interface [wlan1] ...
Jan 16 19:55:07 Verdandi nzyme-tap[2037]: [INFO][2025-01-16 19:55:07][dot11::capture] Device [wlan1] is now up.
Jan 16 19:55:07 Verdandi kernel: mt76x0u 3-2:1.0 wlan1: entered promiscuous mode
Jan 16 19:55:07 Verdandi kernel: mt76x0u 3-2:1.0 wlan1: left promiscuous mode
Jan 16 19:55:07 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:55:07][dot11::capture] Could not get PCAP capture handle on [wlan1]: libpcap error: That device is not up
Jan 16 19:55:07 Verdandi nzyme-tap[2037]: [ERROR][2025-01-16 19:55:07][nzyme_tap] WiFi capture [wlan1] disconnected. Retrying in 5 seconds.

To Reproduce

Steps to reproduce the behavior:

1. Install a fresh Raspberry Pi 5 or 4 with the latest Raspberry Pi OS 12 64-bit
2. Fully upgrade the Raspberry Pi OS
3. Install nzyme-tap
4. Error occurs

Installation description #

In general I followed the nzyme-tap installation instructions.

The Installation instructions were executed via ssh.

1. First I installed a fresh SD card with Raspberry Pi OS 12 and updated the system.

   sudo apt update
   sudo apt full-upgrade
   sudo reboot

2. I connected my ALFA Network AWUS036ACHM - it is visible as wlan1.

3. Then I installed the latest nzyme-tap version 2.0.0 alpha 15.

   mkdir Installation
   cd Installation
   
   wget https://github.com/nzymedefense/nzyme/releases/download/2.0.0-alpha.15/nzyme-tap_rpios-12bookworm-arm64-2.0.0-alpha.15.deb
   sudo dpkg -i nzyme-tap_rpios-12bookworm-arm64-2.0.0-alpha.15.deb

4. I overtook my nzyme-tap.conf configuration file to /etc/nzyme/nzyme-tap.conf.

   nzyme-tap.conf (with faked leader_secret)

   [general]
   leader_secret = "my-secret"
   leader_uri = "https://192.168.2.146:22900/"
   accept_insecure_certs = true
   
   #[ethernet_interfaces.enp6s0]
   #active = true
   #networks = [
   #  { cidr = "192.168.0.0/24", dns_servers = [ "192.168.0.1:53" ], injection_interface = "enp6s0" }
   #]
   
   # ALFA Network AWUS036ACHM
   [wifi_interfaces.wlan1]
   active = true
   channel_width_hopping_mode = "full" # Learn more: https://go.nzyme.org/wifi-hopping-channel-width-mode
   channels_2g = [4, 5, 6, 7, 8, 9, 10, 11, 12]
   channels_5g = [36, 40, 44, 48, 52, 56, 60, 64]
   channels_6g = []
   
   # TP-Link TL-WN722N
   #[wifi_interfaces.wlp1s0u1u1]
   #active = true
   #channel_width_hopping_mode = "full" # Learn more: https://go.nzyme.org/wifi-hopping-channel-width-mode
   #channels_2g = [1, 2, 3, 13]
   #channels_5g = [] # [68, 96, 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140, 144, 149, 153, 157, 161, 165, 169, 177]
   #channels_6g = []
   
   #[bluetooth_interfaces.hci0]
   #active = true
   #bt_classic_enabled = true
   #bt_le_enabled = true
   #discovery_period_seconds = 15
   #dbus_method_call_timeout_seconds = 2
   
   [performance]
   ethernet_brokers = 1
   wifi_brokers = 1
   wifi_broker_buffer_capacity = 65535
   ethernet_broker_buffer_capacity = 65535
   bluetooth_devices_pipeline_size = 1024
   
   [protocols.tcp]
   pipeline_size = 16384
   reassembly_buffer_size = 1048576
   session_timeout_seconds = 43200
   
   [protocols.udp]
   pipeline_size = 16384
   
   [protocols.dns]
   pipeline_size = 4096
   entropy_zscore_threshold = 3.0
   
   [protocols.ssh]
   pipeline_size = 1024
   
   [protocols.socks]
   pipeline_size = 1024
   
   [protocols.arp]
   pipeline_size = 1024
   
   [protocols.dhcpv4]
   pipeline_size = 1024
   
   [misc]
   training_period_minutes = 5
   context_mac_ip_retention_hours = 36
   context_mac_hostname_retention_hours = 36
   

5. Then I enabled and started the systemd service.

   sudo systemctl enable nzyme-tap
   sudo systemctl start nzyme-tap

Expected behavior

That the nzyme-tap simply does what it should.

Desktop (please complete the following information):

The problem occurs with nzyme-tap, so it is not related to the web interface.

Additional context

Where the issue does not occur #

I have a second Raspberry Pi 5 (where I started working with) that has an nzyme-node and an nzyme-tap installed and running on one system.

• Same Raspberry Pi 5 hardware.
• Same ALFA Network AWUS036ACHM network card.
• The only difference seems to be the previously setup and running nzyme-node.

Workaround attempts - did not help

• I tried to reboot several times.

• I tried to install nzyme-node package in addtion (without fully configuring and running it)

  sudo apt install -y openjdk-17-jre-headless postgresql-15

[lennartkoopmann]

Hi! Thank for you this complete and well formatted bug report!

A quick first question before I dive deeper: Which RPI OS type or distribution are you using? Is it the lite version or a full version that comes with a desktop environment?

[archtur]

Hi Lennart,

sorry for missing that Detail!

Im using the full version (with desktop). The Installation instructions were executed via ssh.

I will add tjhis detail also in the description.

[lennartkoopmann]

That is likely the issue. The full version will spin up things like NetworkManager and interfere with management of the WiFi cards.

[archtur]

OK, I will try that. But I use also the full version on the working Pi (which also runs the nzyme-node).

Can you send me how we could verify that this is the problem?

[lennartkoopmann]

The behavior can be very unpredictable as the OS decides what to do with the WiFi adapters based on different parameters. I've sometimes seen it work and sometimes break in the way that you describe.

There is a way to exclude WiFi adapters from management of NetworkManager but you should re-install using the Lite version, because other things can easily break further down the road. For example, you'd run into similar issues with Bluetooth.

[archtur]

Ok, I will try that. Then I have also to migrate my nzyme-node with the included nzyme-tap to a new installation.

Is it enough to do the following steps for backup?

1. Stop nzyme

   sudo systemctl stop nzyme-tap
   sudo systemctl stop nzyme

2. Dump database

   sudo -u postgres pg_dumpall | tee ./dumpall.sql

3. Copy files (directories are configured like in nzyme.conf.example)

   sudo cp /etc/nzyme/ ./ -R --parents
   sudo cp /usr/share/nzyme/ ./ -R --parents
   sudo cp /var/log/nzyme/ ./ -R --parents

I did this in the past, but forgot to backup my pgp keys and the result was that after a long time, where I found some workarounds here and there, I installed it freshly in the end.

[lennartkoopmann]

I can't test this right now but it looks good. Keep the SD in the RPI to make sure.

[archtur]

I reinstalled both, the Raspberry Pi 4 and 5 which run the standalone nzyme-taps (without nzyme-node).

The reinstallation of the Pi 5 which has a node and tap I will do as soon as all other things are clear for me. Thank you for you confirmation about the steps to backup/restore the nzyme-node, I will try that. But I will not be on the safe part, becasue I have to reuse the harddisk (I have only one, and a binary image will be very big). So if something comes to your mind what I could have forgotton, please let me know. Afterwards you could reuse the instructions for your documentation page.

I used Raspberry Pi OS 12 bookworm 64-bit, Lite this time. I followed exactly my description above. The only thing I did in addition is to activate predictable network interface names in the raspi-config. (I did it in this way because for Raspberry Pi 5 your description in the tip to "delete the symlink at /etc/systemd/network/99-default.link" does not work any more)

I have two different results on the Pis:

On the Raspberry Pi 5

It seems to work fine now, the only error outputs in journalctl -xe are bluetooth and ethernet related and I deactivated those subsystems in the node. I expect this is ok.

I can see the tap online now in the nzyme-node web interface.

`journalctl -xe`

Jan 18 09:02:34 Verdandi nzyme-tap[857]: [ERROR][2025-01-18 09:02:34][bluetooth::tables::bluetooth_table] Could not submit Bluetooth devices report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:02:34 Verdandi nzyme-tap[857]: [ERROR][2025-01-18 09:02:34][ethernet::tables::tcp_table] Could not submit TCP sessions report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:02:34 Verdandi nzyme-tap[857]: [ERROR][2025-01-18 09:02:34][ethernet::tables::udp_table] Could not submit UDP datagrams report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:02:34 Verdandi nzyme-tap[857]: [ERROR][2025-01-18 09:02:34][ethernet::tables::dns_table] Could not submit DNS report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:02:34 Verdandi nzyme-tap[857]: [ERROR][2025-01-18 09:02:34][ethernet::tables::ssh_table] Could not submit SSH sessions report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:02:34 Verdandi nzyme-tap[857]: [ERROR][2025-01-18 09:02:34][ethernet::tables::socks_table] Could not submit SOCKS tunnels report: Could not send report. Received response code [HTTP 401 Unauthorized].

On the Raspberry Pi 4

On this Pi I did exactly the same. Unfortunatelly it seems that I have the same problem again.
After getting that problem again I repeated it a second time, and went into the exact same situation.

`journalctl -xe`

Jan 18 09:10:27 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:27][dot11::capture] Starting WiFi capture on [wlx00c0cab51193]
Jan 18 09:10:27 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:27][dot11::capture] Temporarily disabling interface [wlx00c0cab51193] ...
Jan 18 09:10:27 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:27][dot11::capture] Device [wlx00c0cab51193] is now down.
Jan 18 09:10:27 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:27][dot11::capture] Enabling monitor mode on interface [wlx00c0cab51193] ...
Jan 18 09:10:27 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:27][dot11::capture] Device [wlx00c0cab51193] is now in monitor mode.
Jan 18 09:10:27 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:27][dot11::capture] Enabling interface [wlx00c0cab51193] ...
Jan 18 09:10:27 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:27][dot11::capture] Device [wlx00c0cab51193] is now up.
Jan 18 09:10:27 Skuld kernel: mt76x0u 1-1.4:1.0 wlx00c0cab51193: entered promiscuous mode
Jan 18 09:10:27 Skuld kernel: mt76x0u 1-1.4:1.0 wlx00c0cab51193: left promiscuous mode
Jan 18 09:10:27 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:27][dot11::capture] Could not get PCAP capture handle on [wlx00c0cab51193]: libpcap error: That device is not up
Jan 18 09:10:27 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:27][nzyme_tap] WiFi capture [wlx00c0cab51193] disconnected. Retrying in 5 seconds.
Jan 18 09:10:30 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:30][bluetooth::tables::bluetooth_table] Could not submit Bluetooth devices report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:10:30 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:30][ethernet::tables::tcp_table] Could not submit TCP sessions report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:10:31 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:31][ethernet::tables::udp_table] Could not submit UDP datagrams report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:10:31 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:31][ethernet::tables::dns_table] Could not submit DNS report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:10:31 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:31][ethernet::tables::ssh_table] Could not submit SSH sessions report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:10:31 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:31][ethernet::tables::socks_table] Could not submit SOCKS tunnels report: Could not send report. Received response code [HTTP 401 Unauthorized].
Jan 18 09:10:32 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:32][dot11::capture] Starting WiFi capture on [wlx00c0cab51193]
Jan 18 09:10:32 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:32][dot11::capture] Temporarily disabling interface [wlx00c0cab51193] ...
Jan 18 09:10:32 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:32][dot11::capture] Device [wlx00c0cab51193] is now down.
Jan 18 09:10:32 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:32][dot11::capture] Enabling monitor mode on interface [wlx00c0cab51193] ...
Jan 18 09:10:32 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:32][dot11::capture] Device [wlx00c0cab51193] is now in monitor mode.
Jan 18 09:10:32 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:32][dot11::capture] Enabling interface [wlx00c0cab51193] ...
Jan 18 09:10:32 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:32][dot11::capture] Device [wlx00c0cab51193] is now up.
Jan 18 09:10:32 Skuld kernel: mt76x0u 1-1.4:1.0 wlx00c0cab51193: entered promiscuous mode
Jan 18 09:10:32 Skuld kernel: mt76x0u 1-1.4:1.0 wlx00c0cab51193: left promiscuous mode
Jan 18 09:10:32 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:32][dot11::capture] Could not get PCAP capture handle on [wlx00c0cab51193]: libpcap error: That device is not up
Jan 18 09:10:32 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:32][nzyme_tap] WiFi capture [wlx00c0cab51193] disconnected. Retrying in 5 seconds.
Jan 18 09:10:37 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:37][dot11::capture] Starting WiFi capture on [wlx00c0cab51193]
Jan 18 09:10:37 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:37][dot11::capture] Temporarily disabling interface [wlx00c0cab51193] ...
Jan 18 09:10:37 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:37][dot11::capture] Device [wlx00c0cab51193] is now down.
Jan 18 09:10:37 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:37][dot11::capture] Enabling monitor mode on interface [wlx00c0cab51193] ...
Jan 18 09:10:37 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:37][dot11::capture] Device [wlx00c0cab51193] is now in monitor mode.
Jan 18 09:10:37 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:37][dot11::capture] Enabling interface [wlx00c0cab51193] ...
Jan 18 09:10:37 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:37][dot11::capture] Device [wlx00c0cab51193] is now up.
Jan 18 09:10:37 Skuld kernel: mt76x0u 1-1.4:1.0 wlx00c0cab51193: entered promiscuous mode
Jan 18 09:10:37 Skuld kernel: mt76x0u 1-1.4:1.0 wlx00c0cab51193: left promiscuous mode
Jan 18 09:10:37 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:37][dot11::capture] Could not get PCAP capture handle on [wlx00c0cab51193]: libpcap error: That device is not up
Jan 18 09:10:37 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:37][nzyme_tap] WiFi capture [wlx00c0cab51193] disconnected. Retrying in 5 seconds.
Jan 18 09:10:42 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:42][dot11::capture] Starting WiFi capture on [wlx00c0cab51193]
Jan 18 09:10:42 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:42][dot11::capture] Temporarily disabling interface [wlx00c0cab51193] ...
Jan 18 09:10:42 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:42][dot11::capture] Device [wlx00c0cab51193] is now down.
Jan 18 09:10:42 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:42][dot11::capture] Enabling monitor mode on interface [wlx00c0cab51193] ...
Jan 18 09:10:42 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:42][dot11::capture] Device [wlx00c0cab51193] is now in monitor mode.
Jan 18 09:10:42 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:42][dot11::capture] Enabling interface [wlx00c0cab51193] ...
Jan 18 09:10:42 Skuld nzyme-tap[784]: [INFO][2025-01-18 09:10:42][dot11::capture] Device [wlx00c0cab51193] is now up.
Jan 18 09:10:42 Skuld kernel: mt76x0u 1-1.4:1.0 wlx00c0cab51193: entered promiscuous mode
Jan 18 09:10:42 Skuld kernel: mt76x0u 1-1.4:1.0 wlx00c0cab51193: left promiscuous mode
Jan 18 09:10:42 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:42][dot11::capture] Could not get PCAP capture handle on [wlx00c0cab51193]: libpcap error: That device is not up
Jan 18 09:10:42 Skuld nzyme-tap[784]: [ERROR][2025-01-18 09:10:42][nzyme_tap] WiFi capture [wlx00c0cab51193] disconnected. Retrying in 5 seconds.

Here is my network interface name from ip addr:

[...]
5: wlx00c0cab51193: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ieee802.11/radiotap 00:c0:ca:b5:11:93 brd ff:ff:ff:ff:ff:ff
[...]

[lennartkoopmann]

What does iw dev on the machine that does not work show?

[archtur]

Moin Lennart,

iw dev shows the following output:

phy#1
        Interface wlx00c0cab51193
                ifindex 4
                wdev 0x100000001
                addr 00:c0:ca:b5:11:93
                type monitor
                txpower 0.00 dBm
                multicast TXQ:
                        qsz-byt qsz-pkt flows   drops   marks   overlmt hashcol tx-bytes        tx-packets
                        0       0       0       0       0       0       0       0               0
phy#0
        Interface wlan0
                ifindex 3
                wdev 0x1
                addr dc:a6:32:a5:3e:9f
                type managed
                channel 34 (5170 MHz), width: 20 MHz, center1: 5170 MHz

[archtur]

Ok, I think I solved the issue, but I do not know how it came to this state.

Whle the Raspberry Pi 4 was in the error state, I had a look at rfkill list and found out that the device 2: phy1 is soft blocked, while it is not soft blocked on the other Raspberry Pi 5. Here is the output on the not working Raspberry Pi 4:

0: hci0: Bluetooth
        Soft blocked: no
        Hard blocked: no
1: phy0: Wireless LAN
        Soft blocked: yes
        Hard blocked: no
2: phy1: Wireless LAN
        Soft blocked: yes
        Hard blocked: no

Then I unblocked it manually with sudo rfkill unblock 2 and rebootet. Afterwards the Softblock indicator was still no, exactly like it is shown on the Raspberry Pi 5:

0: hci0: Bluetooth
        Soft blocked: no
        Hard blocked: no
1: phy0: Wireless LAN
        Soft blocked: yes
        Hard blocked: no
2: phy1: Wireless LAN
        Soft blocked: no
        Hard blocked: no

And the nzyme-tap now runs fine. But why the hell was the network card softblocked on this device? Do you have an idea why I had this difference between my tap systems? Does nzyme configure such a soft lock on the network cards?

[lennartkoopmann]

Interesting. Thank you for the update!

Is there a chance that you did not set country information on one of the RPIs? As far as I know, RPI OS will use rfkill to block all WiFi until it knows what region it is in to make sure it is using the correct channels.

Maybe there is a difference in how a RPI 5 handles this compared to a RPI 4?

[lennartkoopmann]

I am going to keep this issue open and move it into a milestone because I want to build a nzyme-tap troubleshoot command that could check for rfkill amongs other things. Thank you already.