RTL8720DN - Is 802.11 frame injection possible?

Hi all,

I need to achieve connectionless, low-latency point-to-point wireless transmission of a video signal. I cannot rely on a traditional wifi infrastructure with Access Point to do this. Therefore I want to directly inject 802.11 frames at the sender, and capture them at the receiver.

I am successfully using the RTL8720DN in wifi promiscuous mode with the Arduino SDK (3.0.8) to receive 802.11 frames. Now I need to be able to transmit those frames as well. Unfortunately in the wifi API I couldn’t find any explicit function to do this.

Hence my simple question: how can I inject 802.11 frames with the RTL8720DN ?

Thanks for help !

Hi, frame injection is not supported under the Arduino framework; as you can see, there is no API provided for such a feature.

If you wanna dive deeper into the WiFi driver, you may wanna take a look at the Ameba D Standard SDK at GitHub - ambiot/ambd_sdk: SDK for AmebaD

Hi Simon,
Thanks for your reply. I have looked throughout the AmebaD SDK, unfortunately I was not able to identify anything that would explicitly allow me to inject frames, nor could I find relevant examples. All examples provided use either Station or Access Point modes, which is not appropriate to what I am willing to do.

However there may be some non-obvious way to inject frames, maybe when the driver is in promiscuous mode. Can you please help me identify how I should proceed?

Thanks !
Xavier

Hi Simon,

I am still willing to inject frames in order to perform a short-range distribution of a low-latency, hi-speed audio-video stream. It will be a downstream-only transfer and there will be no upstream radio communication. So there will be no Access Point and no Station in my infrastructure, therefore I cannot rely on the usual Wifi connection mechanism. This is why I would like to build my own MAC frames and send them transparently.

I am now attempting to use the low-level API and make use of rltk_wlan_send(), which seems appropriate. Unfortunately I don’t know which of the following modes of operation I must use.

wifi_on() can be configured with any one of the following rtw_mode_t modes:

	RTW_MODE_NONE = 0,
	RTW_MODE_STA,
	RTW_MODE_AP,
	RTW_MODE_STA_AP,
	RTW_MODE_PROMISC,
	RTW_MODE_P2P

and wext_set_mode() accepts any one of the following modes:

#define IW_MODE_AUTO	0	/* Let the driver decides */
#define IW_MODE_ADHOC	1	/* Single cell network */
#define IW_MODE_INFRA	2	/* Multi cell network, roaming, ... */
#define IW_MODE_MASTER	3	/* Synchronisation master or Access Point */
#define IW_MODE_REPEAT	4	/* Wireless Repeater (forwarder) */
#define IW_MODE_SECOND	5	/* Secondary master/repeater (backup) */
#define IW_MODE_MONITOR	6	/* Passive monitor (listen only) */

Can you please tell me which mode / mode combination I have to use?
And if rltk_wlan_send() is not the right way to go, can you tell me which other function will do the job?

Thanks for help !
Regards


Hi @xsutter Xavier,

Despite my willingness to help you, I am not informed that such control is possible even under the standard SDK.

Though, it’s highly possible that such functions exist in the pre-compiled archive library, and you can see their declarations in the header files, but unfortunately I don’t think I am able to point you in the right direction myself; I am more towards using the normal TCPIP stack and thus never bothered to look so deep.

Thank you Simon for your prompt response. I will try to dig deeper into the pre-compiled archive library. For some functions the comments are very sparse, and it is hardly possible to guess their exact behaviour and possible side-effects. Do you know where I can find a user manual of the underlying, pre-compiled firmware and libraries? This would be of great help !

Thank you very much for your support !
Xavier

:+1::+1::+1::+1::+1::+1::+1::+1:

@xsutter Hi! Did you manage to find any way to accomplish this?

Hi,
Unfortunately I didn’t, which forces me to now consider alternatives to the RTL8720DN. Too bad, as it is otherwise a very well-performing machine.

I’m curious if there is something in the SDK that will allow this? I’ve posted a new thread in the forum, and just came across this thread, which looks to be what I am trying to achieve for my project. Something like this GitHub - Jeija/esp32-80211-tx: Send arbitrary IEEE 802.11 frames with Espressif's ESP32 but for the RTL8720dn

Hello There!
I have managed to accomplish raw IEEE 802.11 frame injection on an RTL8720dn. I have documented this experience on my blog Making-raw-802-11-frame-injection-possible-on-an-rtl8720dn. The link for the project on my GitHub is also included there.
