I'm trying to capture WiFi packets between a Windows 10 machine (client) and a Linux controller (AP) using 802.11b/g/n in the 2.4GHz range on channel 1. I'm running an iperf3 test between the client and the AP. I can capture traffic, but the capture doesn't seem to collect nearly as much data as is passing between the client and AP. Do I have something set up wrong?
I've got an Alfa awus036neh USB WiFi adapter on a separate laptop booted into Kali Linux (2019.3). I start the adapter in monitor mode using the following commands, and start netsniff-ng. The details are in the attached text file.
root@kali:~# airmon-ng check kill
root@kali:~# airmon-ng start wlan1
root@kali:~# iw wlan1mon set channel 1 HT20
root@kali:~# netsniff-ng --in wlan1mon --out dump.pcap --silent --bind-cpu 1
iperf3 reports 10's of MB being transferred during the recording (5MBytes per second), but the dump.pcap file is less than 1MB. It doesn't seem that everything is being recorded. Is the data being stripped out? I'm not specifying a filter.