random_dude
-
Posts
5 -
Joined
-
Last visited
Posts posted by random_dude
-
-
Ok I got the solution. I go to bed. Ping me here if you're interested by this config
-
BTW, I tried to add the following try to create a second routing table for my tun0 interfaces:
echo "1 vpna" >> /etc/iproute2/rt_tables echo "2 vpnb" >> /etc/iproute2/rt_tables ip rule add from 10.8.0.0/24 dev tun0 table vpna ip rule add from 10.9.0.0/24 dev tun1 table vpnb ip route add default via 10.8.0.5 dev tun0 table vpna ip route add default via 10.9.0.5 dev tun1 table vpnb -
I am maybe a little crazy but I am trying to forward network traffic from two differents SSID to two different vps running openvpn.
Why ? Because I have two VPS and I woud like to able to browse the Internet from all my device just selecting a WiFi network.Sorry for this dirty hack ; the pineapple is a cool offensive device that I love use but I am trying to configure it as something like a smart defensive device :)
Well, my setup is working well with only one wifi / tun interface. It seems impossible to work that with the two VPN at the same time (openvpn client).
I don't understand why :/ I think it's not a very complicate setup I hope somebody could help me here since you're network experts.I think it's a routing issue but I am not sure. So my question is the following :
- How can I forward correctly forward the network traffic from my two wifi subnets to each tun / vpn interface at the same time ?
Anyone can help me to fix this please ? Below few details about my setup :To simplify this, my setup looks like :
eth0 (internet link) <===== tun0 <==== wifi-A
eth0 (internet link) <===== tun1 <==== wifi-BNote the following statements :
1. My openwrt device get the Internet link with the eth0 interface using DHCP2. I created a bridge on my wlan0 interface to be able to broadcast two SSID : (wifi-a & wifi-b)
3. On wifi-a : a DHCP server is running pool 172.17.42.100-200 gw 172.18.42.1
4. On wifi-b : a DHCP server is running pool 172.18.42.100-200 gw 172.18.42.1
5. I have two VPS where I installed openvpn : PublicIP-1 & PublicIP-2
6. I run on my device two openvpn client to public-IP-1 (tun0) and to public-IP-2 (tun1)
7. Finally I nated wifi-a subnet to tun0 and wifi-b subnet to tun1 with the following iptables rules :
iptables -t nat -A POSTROUTING -s 172.17.42.0/24 -o tun0 -j MASQUERADE iptables -A FORWARD -s 172.17.42.0/24 -o tun0 -j ACCEPT iptables -A FORWARD -d 172.17.42.0/24 -m state --state ESTABLISHED,RELATED -i tun0 -j ACCEPT iptables -t nat -A POSTROUTING -s 172.18.42.0/24 -o tun1 -j MASQUERADE iptables -A FORWARD -s 172.18.42.0/24 -o tun1 -j ACCEPT iptables -A FORWARD -d 172.18.42.0/24 -m state --state ESTABLISHED,RELATED -i tun1 -j ACCEPT
Below my interface details :eth0 inet addr:192.168.0.10 Bcast:192.168.0.255 Mask:255.255.255.0 br-wifi-a inet addr:172.17.42.1 Bcast:172.17.42.255 Mask:255.255.255.0 br-wifi-b inet addr:172.18.42.1 Bcast:172.18.42.255 Mask:255.255.255.0 tun0 inet addr:10.8.0.6 P-t-P:10.8.0.5 Mask:255.255.255.255 tun1 inet addr:10.9.0.6 P-t-P:10.9.0.5 Mask:255.255.255.255
My route table :Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0 10.8.0.1 10.8.0.5 255.255.255.255 UGH 0 0 0 tun0 10.8.0.5 * 255.255.255.255 UH 0 0 0 tun0 10.9.0.1 10.9.0.5 255.255.255.255 UGH 0 0 0 tun1 10.9.0.5 * 255.255.255.255 UH 0 0 0 tun1 [PublicIP-VPS-1] 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0 [PublicIP-VPS-2] 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0 172.17.42.0 * 255.255.255.0 U 0 0 0 br-wifiA 172.17.42.0 * 255.255.255.0 U 0 0 0 br-wifiB 172.22.42.0 * 255.255.255.0 U 0 0 0 br-lan 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
**Quick debug :**ping google.com -I tun1 PING google.fr (108.177.119.94): 56 data bytes 64 bytes from 108.177.119.94: seq=0 ttl=43 time=29.665 ms ping google.com -I tun0 PING google.fr (108.177.119.94): 56 data bytes 64 bytes from 108.177.119.94: seq=0 ttl=43 time=30.277 ms ping google.com -I eth0 PING google.fr (108.177.119.94): 56 data bytes 64 bytes from 108.177.119.94: seq=0 ttl=42 time=17.860 ms ^CAgain, I think it's routing issue but I am maybe to much tired to see my mistake. Can you help me to debug this ?
Thanks for your help guys, -
Hey Guys,
I need to install the packages mwan3 and luci-app-mwan3 to be able to manage a multi WAN configuration with my pineapple.
Do you know how I can fix / bypass this opkg error ?Quote# opkg install mwan3
Installing mwan3 (1.6-2) to root...
Downloading http://downloads.openwrt.org/chaos_calmer/15.05/ar71xx/generic/packages/packages/mwan3_1.6-2_all.ipk.
Multiple packages (kmod-ipt-core and kmod-ipt-core) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (kmod-ipt-core and kmod-ipt-core) providing same name marked HOLD or PREFER. Using latest.
Multiple packages (kmod-ipt-conntrack and kmod-ipt-conntrack) providing same name marked HOLD or PREFER. Using latest.
Collected errors:
* satisfy_dependencies_for: Cannot satisfy the following dependencies for mwan3:
* kernel (= 3.18.20-1-7bed08fa9c06eb8089e82c200340ec66) * kernel (= 3.18.20-1-7bed08fa9c06eb8089e82c200340ec66) * kernel (= 3.18.20-1-7bed08fa9c06eb8089e82c200340ec66) *
* opkg_install_cmd: Cannot install package mwan3.
of course I did a opkg update before to try to install this package
Any idea / suggestions ?
Routing issue - Multi AP to Multi VPN
in WiFi Pineapple TETRA
Posted
Well to fix the setup you will need to implement a "routing policy"
It's something you can do using ip route
If there's interested people, I will try to take the time make an article/post about the full details of this setup
But I need time to fix some stuff, I don't like share stuff until it's not perfect (for me) :)
Oh I have two additionally questions :
- I am not an openwrt expert. Is there a way or anybody already try to patch the latest firmware of openwrt on the pineapple ? Is it working ? Is an "hak5' official procedure" exists ?
- Finally, I have a question about the nano basic : Exist it a way to get an _ethernet_ link using the pineapple nano ?
Have nice day