Monitor Mode with Orinoco IEEE 802.11b Cards & Linux

The following is a terse description of how to install the Orinoco wireless PCMCIA drivers on Suse 9.3. In addition to providing some guidance on monitor mode, it also helps solve the problem of iwlist eth1 scanning resulting in the msssage interface doesn't support scanning, by upgrading the drivers to a later revision. Note that 0.13e revision 8 is for kernel 2.6.11: you will need higher revisions if you are using a later kernel.

Install the linux kernel sources package, (and the development tools for C/C++ if you haven't already), using YAST.
Assuming you're running the same version of kernel as the one you downloaded, go into the /usr/src/linux directory, and then run cp /proc/config.gz .; gzip -d config.gz; mv config .config to get the .config file into the correct place.
Confirm that the symbolic link /lib/modules/your versionbuild points to the sources you just downloaded.
Ensure that the directory /lib/modules/kernel-version/kernel/drivers/net/wireless/ exists. If it does not, you need to compile the Orinoco drivers as modules into your kernel (go into /usr/src/kernel-version/ and run make menuconfig and go through Device Drivers, Networking, Wireless, and select the two Hermes modules).
In the /usr/src/linux/ directory, run make prepare-all. This ensures that scripts/genksyms/genksyms exists and works when it's needed later on.
Download the latest Orinoco drivers (I used version 0.15). no longer available: now included in Linux kernel.
Update: Version 0.13e is likely to be better for monitor mode: version 0.15 does not provide the monitor mode ioctl(). See below.
Note: if you are using the updated version of this Howto, ignore the remainder of this bulleted list! The old instructions are for the 0.15 version of the drivers.
Unzip the drivers, and then edit the Makefile to comment out the lines relating to PCI cards (68 to 71). As far as I am aware (i.e. this is a guess!), if you are using a PCMCIA card you do not need the PCI modules. The reason for doing this is that on my installation the make failed on the PCI module.
Download the patch to the v0.15 drivers (scroll down), from the Kismet site to enable signal strength monitoring. Place the diff file in the same directory as the unzipped drivers, and run patch -p1 < orinoco-0.15rc2-dargorn-02.diff (or the relevant filename). The result should be three patched files.
Note: if you use the 0.13e drivers and the relevant patch with a kernel of version 2.6.11 or higher, there will be compilation errors. See the updated version of these notes below.
Run make and then make install.
Run /etc/init.d/pcmcia restart.
Now try iwconfig eth1 mode monitor (with the appropriate interface ID for your machine), and see if it works (you can check by running iwconfig eth1 and checking the mode there. Note that without the patch, running iwpriv eth1 does not list any monitor ioctl(), which precludes the use of iwlist eth1 scanning. With the patch the ioctl() entry still doesn't appear, but scanning and signal strength do work.

Following more in depth testing and investigation, I found that the above procedure does not in fact give true monitor mode (in the sense that the monitor ioctl() does not appear in the list output by iwpriv). The following does appear to work better -- comments welcome!

Download version 0.13e revision 8 of the Patched Orinoco drivers. These are Dave Gibson's drivers already patched for monitor mode, which have the compilation bug under kernel 2.6.11 fixed.
These drivers should enable you to work with the newest Orinoco firmware (8.72), but the above page notes that it appears some users are missing packets... See what you find. To check or upgrade your firmware version, you'll need to put the card into a Windows-based machine, and use the Proxim firmware upgrade utility (Proxim no longer hosts the WSUS utility, so this is an alternative source). For this to work properly you are likely to need to Proxim Orinoco driver (no longer available from Proxim, this is from one of the free driver download sites) installed too.
Having obtained the patched drivers, you should simply unzip them, and run make.
Next, cp *.ko /lib/modules/kernel-version/kernel/drivers/net/wireless/, to install them. For some reason make install puts the modules into the /lib/modules/kernel-version/extra/ directory, so don't use it.
If you now restart PCMCIA services, /etc/init.d/pcmcia restart, the new drivers should be loaded.
Run iwpriv eth1 (or whatever your interface name is) to see whether the monitor mode now appears in the list of ioctl() calls. If you don't have this command, install Jean Tourrilhe's wireless-tools package (under Gentoo this is net-wireless/wireless-tools).
To run tcpdump on the interface, you'll also want to perform channel hopping. You can use Snax's Channel hopper. Compile using gcc -o hopper orinoco_hopper.c. Then you can just ./hopper to start it off. Running tcpdump eth1 should then produce some output (assuming there are one or more active wireless networks around).
Note that the channel hopper will interfere with iwlist. In my case to get iwlist to produce any output again, the channel hopper had to be terminated, and then PCMCIA services restarted. You may have better luck: if you do please let me know! ;-).

Note: Another useful page is Airsnort's Orinoco page.