Wednesday, November 6, 2013

DD-WRT Port Sniffing

I needed to spy on the network traffic a wireless device was sending through my DD-WRT router, but didn't want to setup a proxy server or a Linux router, or anything really complicated.

What I really wanted was to run wireshark on my DD-WRT router.

Well I got probably the next best thing: the ability to mirror all of the traffic to another PC where I could capture it with wireshark!

Basically it is two commands (one for traffic sourced from the target and one destined for the target):


iptables -t mangle -A POSTROUTING \
    -d [IP to spy on] \
    -j ROUTE –tee –gw [IP of wireshark]
iptables -t mangle -A PREROUTING \
    -s [IP to spy on] \
    -j ROUTE –tee –gw [IP of wireshark]

Check out this link for the source:
http://thatexplainsalot.com/blog/2010/11/use-wireshark-and-dd-wrt-router-firmware-to-imitate-port-monitoring-on-a-router-switch-port/

No comments: