I needed to spy on the network traffic a wireless device was sending through my DD-WRT router, but didn't want to setup a proxy server or a Linux router, or anything really complicated.
What I really wanted was to run wireshark on my DD-WRT router.
Well I got probably the next best thing: the ability to mirror all of the traffic to another PC where I could capture it with wireshark!
Basically it is two commands (one for traffic sourced from the target and one destined for the target):
iptables -t mangle -A POSTROUTING \ -d [IP to spy on] \ -j ROUTE –tee –gw [IP of wireshark] iptables -t mangle -A PREROUTING \ -s [IP to spy on] \ -j ROUTE –tee –gw [IP of wireshark]
Check out this link for the source:
http://thatexplainsalot.com/blog/2010/11/use-wireshark-and-dd-wrt-router-firmware-to-imitate-port-monitoring-on-a-router-switch-port/
No comments:
Post a Comment