I downloaded the recent version image of kali (64 bit), installed it on a pi 4 and apt upgraded. The aircrack suite told me to kill processes (I did) and then I used it to start a monitor mode interface, which was named wlan0mon.

Using wireshark only showed me beacon mode stuff and spanning tree broadcasts. I set up an unprotected net and generated traffic on it. All I saw were those same packets.

I tried kismet, generated traffic and I an reasonably sure, based on packet counts and patterns, that kismet didn't see it.

The web site only promised support for the 3 and 3b, not the 4. I bought a 3b, installed the kali image on the 3, update and upgrade and... Exactly the save thing.

I would really like to see data and protocol packets... I'm trying to see what some iot stuff actually does.

I asked on the wireshark forum but I think that this is not their problem. I think that they are reporting on the packets that are passed to them on the monitor interface. One source said that if you don't decrypt the packets, some sources may not see them, but don't open nets not encrypt the packets at all?

How can I get the wifi to pass the packets? By the way, the wifi signal is strong, I can attach to the ap and use it to access the internet.

Is there something I must do to install the nexmon drivers for the builtin wifi?