The content of this topic has been archived on 25 Mar 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
Hi community!
Need some assistance in configuring OpenWRT and WRT54GL for legitimate traffic mirroring!
I work for enterprise, and we installed couple of WRT's to cover HQ, but managements needs security policy compliance and needs to get all traffic from AP!
Any ideas, tutorials on configuration????
Thanks in advance
You can use TEE from iptables.
Something like this, to monitor all traffic from and to the WAN:
# incoming packets (ignore packets from local subnet)
iptables -A POSTROUTING -t mangle -o br-lan ! -s 10.10.0.0/16 -j TEE --gateway 10.10.0.1
# outgoing packets (ignore packets to local subnet)
iptables -A PREROUTING -t mangle -i br-lan ! -d 10.10.0.0/16 -j TEE --gateway 10.10.0.1Thereby, all packets gets forwarded to 10.10.0.1
You can also use a seperate vlan to create the mirror-port.
(Last edited by cybe on 1 Mar 2011, 22:08)
thanks cybe, will try your recipe!
any alternative ideas?
Maybe if you provide some more information on what exactly you want to do.
Exactly, i want to dump all the wireless clients traffic
Then cybe already answered your question.
The discussion might have continued from here.