Bridging With Linux

[Demo]

Hello, I have posted this question in the backtrack forum, but it was suggested that I bring it up here since it's dealing with a fon.

I have done some research on how to share my wireless connection with the ethernet port on my laptop, but I have ran into some problems and I'm looking for further support.

I installed backtrack on the HDD so it's persistent. I connect to my home router using my wireless card and I want to enable ICS on the ethernet port so I can connect a Fonera router that I have.

1- Once I boot into backtrack and run ifconfig I get the lo interface listed.

2- I run this command which brings up eth0 and wlan0

/etc/init.d/wicd start

3- I connect to the internet and able to access all websites. My wlan0 IP is 192.168.1.X

4- I set a static IP to my eth0 using:

sudo ifconfig eth0 192.168.0.1 subnet 255.255.255.0

4-1 I checked and I verified that the IP address and subnet are set as I requested

5- I plug in the Fonera router to the ethernet port and run the following commands in this exact order:

sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
iptables -X
iptables -F
iptables -A FORWARD -i wlan0 -o eth0 -s 192.168.0.0/24 -m state --state NEW -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE
route del default
route add default gw 192.168.1.X wlan0

(where 192.168.1.X is the IP from wlan0)

Those are all the steps that I followed so far, and so far no luck.

I noticed that I can't be connected to both the wired and wireless connection at the sametime. So if I need to go online I need to go to the wicd manager and connect to the wireless and if I need to access the fonera router I need to connect to wired connection which then disconnects me from the wireless.

Note: I have gathered this information from different forum posts thanks to google. I am not sure if it applies to BT4 or not

My questions are:

What am I missing?

Am I doing those steps in the right order?

How can I get to connect to both the wlan0 and eth0 at the same time so I can pass the internet connection to the Fonera on the other end?

I think the problem I'm having is not with the fon (at the moment), but with how I'm setting up the bridge between wlan0 (wireless) and eth0 (ethernet).

I can't access the fon while being connected to the internet using wlan0. When I disconnect from the wireless and connect the wired connection through the wicd gui I can access the fon box and I can access webif and Karma, but once I connect to the wireless I lose the connection the ethernet.

I also noticed that I don't have a br0 interface, could that be the problem?

Edited March 17, 2010 by Demo

[misfitsman805]

Well if you are using Backtrack 4 Final then this guide might work fine for you since Backtrack is Ubuntu based now.

Ubuntu ICS

[sandred]

Here .. This might help you. Post back here if you have any problems as I definitely got that working.

[Demo]

Hey, Thanks for the quick replies...I'm still having some problems.

I followed the link http://karmetasploit.com/archives/55

My dhcp and the network files are exactly the same the examples in the link

before doing anything I used this line to enable wicd manager. Then launched the wicd gui and entered my AP's wpa2 key and was able to go online just fine.

/etc/init.d/wicd start

next step I followed is in backtrack I wrote

ifconfig eth0 192.168.0.1 netmask 255.255.255.0
echo '1' > /proc/sys/net/ipv4/ip_forward
iptables -X
iptables -F
iptables -A FORWARD -i wlan0 -o eth0 -s 192.168.0.0/24 -m state --state NEW -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE
route del default
route add default gw 192.168.1.2 wlan0

and I pinged the fon and got replies back (so that means my eth0 is connected to the fon ok)

I ssh into the fon and tried to ping www.yahoo.com and 8.8.8.8 and the results were 100% packet loss.

I then tried to go online and found out that I was disconnected from the wireless and that's why the fon wasn't pinging the outside world.

Back to the original problem, It seems that I'm unable to maintain both the wlan0 and eth0 at the same time. I only can connect to one of them at a time.

should I set my wlan0 (wireless) to master mode or something? or am I doing something wrong still?

[sandred]

Hey, Thanks for the quick replies...I'm still having some problems.

I followed the link http://karmetasploit.com/archives/55

My dhcp and the network files are exactly the same the examples in the link

before doing anything I used this line to enable wicd manager. Then launched the wicd gui and entered my AP's wpa2 key and was able to go online just fine.

/etc/init.d/wicd start

Back to the original problem, It seems that I'm unable to maintain both the wlan0 and eth0 at the same time. I only can connect to one of them at a time.

should I set my wlan0 (wireless) to master mode or something? or am I doing something wrong still?

Do not use wicd or wicd-client. If I remember it correctly wicd disconnects you from either one of them as soon as you connect to other. So if you want to test it and still want to use wicd, connect to internet as you normally do using wicd then right click on wicd client icon and completly exit it. Then test if you are still connected to internet. After that bring eth0 up using above commands and u should be fine. I believe if you dont exit wicd before bringing eth0 up it will disconnect u from wlan0. I think but I am not sure. try it.

[Demo]

Well I'm not emotionally attached to to wicd, so if I have to eliminate it from my use I will, just give me an alternative to connect to the wireless with WPA2

If I remember it correctly wicd disconnects you from either one of them as soon as you connect to other

and you remember correctly, that's the problem I'm having now. Once I connect to one the other one disconnects. Now I don't know if I'm using wicd or wicd-client. All I do is type

/etc/init.d/wicd start

then go to internet menu and click on wicd manager which launches the gui.

I will try it now and report back in 10 minutes.

[Demo]

Ok, so I started with enabling wicd. Next I connect to my home AP. I started pinging yahoo.com and all looks ok. I then closed the wicd gui and the ping test running just fine. Next I brought up eth0 and for the first time I can see that I'm still connected to the internet after running the command ( I saw it before in the gui where when I ran eth0 command and i was disconnected from the wireless.

Well all the steps ran smooth until I reached the one to add the default gw 192.168.0.2.. I saw the pings stopping so I cleared the route and changed the gw to 192.168.1.1 and the pings restored!!!

I'm finally able to access the fon and the internet at the same time, and I'm able to ping yahoo.com and 8.8.8.8 from the fon while maintaining my connection to the internet. Who knew that leaving a gui window open can cause all this problem.

Thanks a lot sandyreddy for sticking around and helping me.

one last question, I got Karma enabled and I can see a mac address in the connected clients box, however no ip address. From my understanding the fon needs to be the dhcp server to handout the ip addresses. well how can I achieve that?

I read about this command

usr/sbin/dnsmasq -K -d -F 192.168.0.100,192.168.0.200

but when I ran it I got a msg saying

dnsmasq: can't open or create lease file /var/lib/misc/dnsmasq.leases: No such file or directory

Do I have to install something inside the fon? and will it mess up the ics I got setup today??

[echoblack]

You can use the script I wrote to do this. You can also read thought the script to see how it is done.

Best HowTo - Setup Internet Connection Forwarding on "Linux" & Jasager

http://forums.hak5.org/index.php?showtopic=15200

[Demo]

echoblack,

I was actually thinking about using this script, but I was keeping it last. I guess I wanted to do the manual work myself and figure out what each command does. I noticed you always update it (it jumped from 0.4 to 0.6 in two days) so great job man .

My last obstacle is running the dhcp on the fon. and hopefully I will get feedback soon.

[echoblack]

Owe, also you should have no problem connecting to the fon. You should not be switching to the eth0 interface. You can connect to a different subnet just fine. Set the iptables rules, set the route, and plug in the fon.

with the fon configured like this.

10.110.0.1 is the eth0 on laptop

10.110.0.2 is the fon

----------------------------------------------------

To get the DHCP working from the fon you need to edit the /etc/config/dhcp Configuration file. So, it looks like this.

config 'dnsmasq'
    option 'domainneeded' '1'
    option 'boguspriv' '1'
    option 'filterwin2k' '0'
    option 'localise_queries' '1'
    option 'local' '/lan/'
    option 'domain' 'lan'
    option 'expandhosts' '1'
    option 'nonegcache' '0'
    option 'authoritative' '1'
    option 'readethers' '1'
    option 'leasefile' '/tmp/dhcp.leases'
    option 'resolvfile' '/tmp/resolv.conf.auto'

config 'dhcp' 'lan'
    option 'interface' 'lan'
    option 'start' '100'
    option 'limit' '150'
    option 'leasetime' '720m'
    option 'ignore' '0'
    list 'dhcp_option' '3,10.110.0.1' # This is the IP address of . .
     #.  . The Host Laptop's Net-Interface acting as GW
    list 'dhcp_option' '6,10.110.0.2,8.8.8.8' # This is Option 6 define the DNS server, . .
     # .  . Then IP of Pineapple, Then Googles DNS IP

config 'dhcp' 'wan'
    option 'interface' 'wan'
    option 'ignore' '1'
    option 'start' '100'
    option 'limit' '150'
    option 'leasetime' '720m'

Then Navigate to the Webif Admin Web Page of Network/Networks i.e.

http://<IP ADDRESS OF YOUR PINEAPPLE AT THIS TIME>/cgi-bin/webif/network.sh

OK Now, Fill in the input fields with this information. . .

CODE

Connection Type = Static IP

Type = Bridged

IP Address = 10.110.0.2

Netmask = 255.255.255.0

Default Gateway = 10.110.0.1

Lan DNS servers = Leave Blank Or Set To 10.110.0.2

NOTE: Make sure there is not 10.110.0.1 in the DNS box or Anything ells It will mess things up.

Now, hit the "Save Changes" Button then Apply Changes at the bottom.

It probably will not reconnect so just let it sit for like 5min's then Power Cycle

Edited March 18, 2010 by echoblack

[Demo]

config dnsmasq
option domainneeded     1
option boguspriv        1
option filterwin2k      '0'  #enable for dial on demand
option localise_queries 1
option local    'lan'
option domain   'lan'
option expandhosts      1
option nonegcache       0
option authoritative    1
option readethers       1
option leasefile        '/tmp/dhcp.leases'
option resolvfile       '/tmp/resolv.conf.auto'

config dhcp lan
option interface        lan
option start    100
option limit    150
option leasetime        12h
option ignore 0
list dhcp_option 3,192.168.0.1
list dhcp_option 6,192.168.0.2,208.67.222.222
list dhcp_option 6,192.168.0.2,8.8.8.8

config dhcp wan
option interface        wan
option start 100
option limit 150
option leasetime 12h
option ignore 1
list dhcp_option 3,192.168.0.1
list dhcp_option 6,192.168.0.2,208.67.222.222
list dhcp_option 6,192.168.0.2,8.8.8.8

This is what I have inside my dhcp file, which is similar to your except for the ip adresses, but how can I tell backtrack to not act as a dhcp server and just be a client and the fon will deal with dhcp?

Also I'm curious about this

usr/sbin/dnsmasq -K -d -F 192.168.0.100,192.168.0.200

is this the command to start the dhcp on the fon? or it's not needed?

Out of curiosity, those commands beneath, are they needed? or can by turning karma on the wireless activates?

uci set wireless.wifi0.disabled=0 && and uci commit wireless && wifi

[echoblack]

Hum, I'd put all the options in quotes just to make sure it is accepting everything.

don't have your ISP DNS server in there... i.e. take out this line...

list dhcp_option 6,192.168.0.2,208.67.222.222

Make sure this is the IP of the Internet connected wireless router your wlan0 interface is connected to.

route add default gw 192.168.1.2 wlan0 __"You sure it is not 192.168.1.1?"

get rid of this stuff in /etc/config/dhcp under WAN

list dhcp_option 3,192.168.0.1

list dhcp_option 6,192.168.0.2,208.67.222.222

list dhcp_option 6,192.168.0.2,8.8.8.8

don't run ether of these commads... on anything

uci set wireless.wifi0.disabled=0 && and uci commit wireless && wifi

usr/sbin/dnsmasq -K -d -F 192.168.0.100,192.168.0.200

Go to the WebIf config page and make sure it is set to static IP and go ahead and put 8.8.8.8 in the DNS servers but nothing ells should be in there.

Make sure you are not running any DHCP server on your laptop. If dnsmasq is running then kill it.

sudo /etc/init.d/dnsmasq stop

OR

sudo killall dnsmasq

---------------------------------------------

Owe also, the reason I am using 10.110.0.0/24 as my IP address range is because if your out on the town and your getting your Internet from a Free wireless network.... If that network is on 192.168.0.0/24... the same address block that your Fon is on then it will mess things up.

There is far less of a chance that you will be getting your Internet form a freeWiFi with an IP range in 10.110.0.0/24

Edited March 18, 2010 by echoblack

[Netshroud]

http://forums.hak5.org/index.php?showtopic...mp;#entry149506 is how I got it all working nicely.

[Demo]

route add default gw 192.168.1.2 wlan0 __"You sure it is not 192.168.1.1?"

You're right.. once I put "route add default gw 192.168.1.2 wlan0" I lost pinging, but once I changed it to 192.168.1.1 it all worked fine.

I see you updated your reply since yesterday, and thanks for doing that, it answered all the questions I had in mind.

It makes sense now to use 10.110.0.0/24 as ip range, I will update my settings... thanks for the extra info, i will put it in use on my next day off.

[echoblack]

You're right.. once I put "route add default gw 192.168.1.2 wlan0" I lost pinging, but once I changed it to 192.168.1.1 it all worked fine.

I see you updated your reply since yesterday, and thanks for doing that, it answered all the questions I had in mind.

It makes sense now to use 10.110.0.0/24 as ip range, I will update my settings... thanks for the extra info, i will put it in use on my next day off.

Ya, that IP was the only thing that I thought looked wrong about your setup. I am glad I could help and you got things worked out.

Edited March 19, 2010 by echoblack

[Demo]

Ok, Still running in some problems after using the updated setup.

Here is the updated setup that I use

For the dhcp file inside the fon

config 'dnsmasq'
    option 'domainneeded' '1'
    option 'boguspriv' '1'
    option 'filterwin2k' '0'
    option 'localise_queries' '1'
    option 'local' '/lan/'
    option 'domain' 'lan'
    option 'expandhosts' '1'
    option 'nonegcache' '0'
    option 'authoritative' '1'
    option 'readethers' '1'
    option 'leasefile' '/tmp/dhcp.leases'
    option 'resolvfile' '/tmp/resolv.conf.auto'

config 'dhcp' 'lan'
    option 'interface' 'lan'
    option 'start' '100'
    option 'limit' '150'
    option 'leasetime' '720m'
    option 'ignore' '0'
    list 'dhcp_option' '3,10.110.0.1'
    list 'dhcp_option' '6,10.110.0.2,8.8.8.8' 

config 'dhcp' 'wan'
    option 'interface' 'wan'
    option 'ignore' '1'
    option 'start' '100'
    option 'limit' '150'
    option 'leasetime' '720m'

For the network file:

config 'interface' 'loopback'
	option 'ifname' 'lo'
	option 'proto' 'static'
	option 'ipaddr' '127.0.0.1'
	option 'netmask' '255.0.0.0'

config 'interface' 'lan'
	option 'ifname' 'eth0'
	option 'type' 'bridge'
	option 'proto' 'static'
	option 'netmask' '255.255.255.0'
	option 'macaddr' ''
	option 'ipaddr' '10.110.0.2'
	option 'ip6addr' ''
	option 'gateway' '10.110.0.1'
	option 'ip6gw' ''
	option 'dns' ' 8.8.8.8'

In Webif my settings are:

Connection Type = Static IP
Type = Bridged
IP Address = 10.110.0.2
Netmask = 255.255.255.0
Default Gateway = 10.110.0.1

Lan DNS servers = 8.8.8.8

I'm running backtrack livecd, so in case I mess something up it wouldn't mess a persistent partition. I connect my fon to the NIC

I start wicd

/etc/init.d/wicd start

Connect to my wireless access point then close the wicd gui. I can ping google.

next I run these commands in the exact order

ifconfig eth0 10.110.0.1 netmask 255.255.255.0
echo '1' > /proc/sys/net/ipv4/ip_forward
iptables -X
iptables -F
iptables -A FORWARD -i wlan0 -o eth0 -s 10.110.0.0/24 -m state --state NEW -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE
route del default
route add default gw 192.168.1.1 wlan0

Still pinging google using my wireless connection. So I SSH to the fon and ping google.com & 8.8.8.8 and getting all the replies back.

To this point I believe all my ICS setup is working correctly and the fon is set up correctly too.

Next step I ran this command to stop any DHCP server running on the backtrack.

sudo killall dnsmasq

(all pings to the wireless connection and from fon still run ok after that last step.

I logged in to Karma (10.110.0.2:1471) and was greeted by a message that

interface ath0 not found

I know that's usual, So i pressed the button to create it and that directs me to the next page where I can see Karma is off.

Here where the problems start, when I turn Karma on nothing happen and the log is clear, well I know that's normal because Karma is not going to kick out people out of their connection so I have to wait for someone to try to connect.

This is the target PC's wireless network connection menu before doing any changes

Instead of waiting for someone to try to connect I went ahead and disconnected from the current AP that the target was connected too and then I refreshed the wireless network connection window (out of curiosity) and I got this

and another refresh and I got this

So my question is why do I get boxes instead of the actual AP name and if you look at the third picture you will see there is even an AP with no name! Actually it's a mix of boxes and actual AP names. It's like the pineapple created a duplicate AP for each AP around me but instead of giving names it gave them boxes.

I would like to note that when the target PC was connected to the AP originally and I did a refresh to see if any AP pop up after turning Karma on, nothing new appeared.

I tried to connect to different networks with boxes as names, and it just says acquiring network address and after a while it changes to limited or no connectivity.

My target PC is running windows XP Pro SP3.

Next I waned to try this on a different OS maybe the problem with the target PC that has XP..

I disconnected the new target PC from the AP and then refreshed the page and I got something different this time; I had another network that has a duplicate name as my home AP and the only difference is it's not secured. I tried to connect to that network manually and this is what I got

&

and when I click diagnose I get this

So this new target has Vista SP2 on it. I doubt this is an OS issue.

Also when I connect to any AP that shows on the connection manager whether in XP or Vista I don't see an IP address in the Karma page. So this is another issue i'm having. I ran all the setup that echoblack advised me to do to have the fon as a dhcp server, but something is missing still (i'm pretty sure it's some mistake of mine)

Sorry for the lengthy post, but I wanted to include as much info as possible. Did anyone had a problem like this before??

______________________________________________________

EDIT:

Instead of digging through the paragraphs to find my questions I will post them here..

1- How can I get the IP addresses to show on the Karma page? Could that cause the clients to not be able to connect and browse (like I showed in the pictures)?

2- Why Does XP show boxes or I will call them characters instead of the actual AP names? and why does it show on the connection manager to start with? Based on my readings through the forums, the pineapple doesn't broadcast SSIDs, so why is it doing so with my example?

4- In Vista I find that I have a duplicate SSID like my AP and difference is it's not secure, so why I'm unable to browse the internet when I connect manually to it?

__________________________________________________

Edit 2:

The issue with the IP address not showing in Karma.. could be caused by my network file inside the fon missing a 'wan' options?

Edited March 21, 2010 by Demo