Jump to content

DigiRD

Active Members
  • Content Count

    8
  • Joined

  • Last visited

About DigiRD

  • Rank
    Hackling

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. After testing I got a working script. I also tested netmode BRIDGE and CLONE, but those didn't work. I chose the eth1 interface, which is the one that is connected to the LAN and not the target (but it doesn't really matter). Choosing br-lan didn't work as an interface. I was just playing around to see if I can control Apple connections to an iPhone. With the script below and a USB-Ethernet adapter for the iPhone, I can visit the internet when the phone is in flight mode, but without connecting to Apple services. It doesn't synchronize Apple mail, cant receive the ping sound for a lost phone, etc. #!/bin/bash # # Title: Hardware-firewall # Description: Block all network traffic from and to Apple servers (17.0.0.0/8) # Set networking to NAT mode and wait five seconds NETMODE NAT sleep 5 # Block network traffic to and from Apple iptables -i eth1 -I FORWARD -s 17.0.0.0/8 -j DROP iptables -i eth1 -I FORWARD -d 17.0.0.0/8 -j DROP # Show when ready LED W DOUBLE Thanks to everyone who replied to my question! Learned a lot and was pointed in the right directions. :)
  2. Thanks, I tried all netmode options, but nothing worked. It looks like it has something to do with the iptables command, but I haven't figured it out yet. Am I missing something in the above shell script (changed it to netmode BRIDGE)? Does the PS even accept such iptables commands? If I look at iptables -L in arming mode after having used the payload, it doesn't seem to save the blocked IP-adresses. So do I need to add some lines to the payload to save and restart iptables? It didn't work with the service command.
  3. Thanks for your reply. I added iptables rules directly on the PS while in arming mode, but that doesn't work. Does the PS only work when using switch 1, 2 and 3 in combination with shell scripts? The following script didn't worked either; #!/bin/bash # # Title: Hardware-firewall # Description: Block all network traffic from and to Apple servers (17.0.0.0/8) # Set networking to TRANSPARENT mode and wait five seconds NETMODE TRANSPARENT sleep 5 # Block network traffic to and from Apple iptables -A INPUT -s 17.0.0.0/8 -j DROP iptables -A OUTPUT -s 17.0.0.0/8 -j DROP # Show when ready LED W DOUBLE I simply want to block all incoming and outgoing traffic to ip addresses starting with 17.*.*.* (17.0.0.0/8), nothing else. In the meantime I'll keep digging to find out what I'm doing wrong. Any feedback is appreciated.
  4. I want to connect a device to a wired ethernet connection, so that I'm able to block specific network traffic with a hardware firewall. At first I was playing with a Raspberry Pi 3 to get the job done, but I think the Packet Squirrel is much easier and better suited for the job. What is the best way to use the Packet Squirrel as a hardware firewall? By just using iptables or does someone has a payload available or any other suggestions? Thanks
  5. Great question! I am also looking for other methods to capture and analyze traffic with the Nano, other then the build-in module tcpdump (which isn't working for me at the moment). I used this method on the previous version PineApple, to analyze network traffic generated by me on mobile phones in my own lab. So it would be great if you can just select the Pineapple as an interface in Wireshark and capture the traffic from there. So I'll be following this thread and I hope someone has been working on this or can offer any help on this topic. Thanks!
×
×
  • Create New...