Setting Up Computer For The Jasager

[Steed]

Ok, so i was really inspired by the Jasager project. I wanted to build one. But i already had this old Linksys wrt54g that got hit by lightning a couple years ago (the Internet in Ethernet port wont work). Its a version 6 so i wont be able to put open-wrt on it, but i think it can still serve its purpose.

since i don't have the open-wrt i can still set it up with an SSID like "free Internet" or give it the same SSID as the coffee shop, or wherever i demo, and make it enticing for the victim to pick the connection with the stronger signal. Since there is no Internet port, i will have to use the router in router mode and not gateway mode. I have tested this out, if i plug a port from my router with Internet, to my to a port on my "Jasager" router, i get a signal, and Internet flows happily. if i rig Internet to come out of my Ethernet port, it works when i plug a device right in, it gets an IP and all that jazz, but the router does not function.

let me lay out what i am trying to accomplish visually:

[COFFEE SHOP]

{coffee shop Internet} ---)) ((--- {my laptop} ------ {FAKE coffee shop Internet} ---)) ((--- {person happily cruising the web}

I spent hours the past two combing old tutorials and Google and what have you, searching for a way to beam my internet from my wireless card over to my Ethernet port.

In a truly perfect dream scenario, i would like to take the Internet that i get from my wireless card, and pipe that over to the Ethernet port. So if i connect to the Internet and get IP 192.168.1.109 with my wireless card, i want to be able able to run the commands/script and make whatever i plug into the Ethernet have that IP /connection instead.

oh yeah, forgot to mention, I'm running Ubuntu 10.04.

I was thinking, since this seems like a problem i would run into anyway, thought i would ask over here on the Hak5 forums, Darren sure talks them up. :)

cheers.

[digininja]

Set the AP up to act as a bridge so the wifi and the wired are bridged then on your laptop bridge the wired and wifi (assuming you get your real internet from wifi) then setup the DHCP server to give an IP on the right subnet with the gateway and DNS server you get from your real connection. The standard DHCP server you get with a linux distro does this fairly easily.

That will put all the devices on the same subnet and the traffic should just flow from the surfer through the wifi to the AP out the wired, through you and out to the net.

[Steed]

Set the AP up to act as a bridge so the wifi and the wired are bridged then on your laptop bridge the wired and wifi (assuming you get your real internet from wifi) then setup the DHCP server to give an IP on the right subnet with the gateway and DNS server you get from your real connection. The standard DHCP server you get with a linux distro does this fairly easily.

That will put all the devices on the same subnet and the traffic should just flow from the surfer through the wifi to the AP out the wired, through you and out to the net.

ok, this sounds about rights now im going to document what i do, both so you can understand whats going on and so that others can learn from it as well. so here we go:

first i need to set the AP up so that it is a router and not a gateway, since this is a Linksys wrt54g v6, i am going to the settings tab and then hitting the advanced routing button, and changing it from from 'Gateway' to 'Router'. I am also changing the local IP (on the main setup page) to 192.168.1.2 because my router (with internet) in my house is 192.168.1.1. I tested this all out by connecting an ethernet cable to the from one port (not the internet port) to a similar port on the other router. now when i connect to the Victims router (hence forth known as the pineapple) i get an IP and internet and its all dandy. now, i just need to stick myself in the middle.

Ok this step throws me for a loop, now i have done tons of reading on the subject, and from what i understand this is the best i can come up with. Im not sure if i need to take the others down first or not, the following code seems to work only for a few seconds and then my wireless starts to mess stuff up.

brctl addbr br0
brctl addif eth0
brctl addif wlan0
ifconfig br0 up

it seems that when wlan0 is part of a bridge it can never get a signal, and it will repeatedly ask me for my wpa key, but never actually connects.

anyway carrying on with the rest of the advice:

i need to set up a dhcp server to pass out IPs. Im not totally sure why i need to do this, if i am just passing the internet right in the Ethernet and out the wireless, i would think that the victim would get their IP from the pineapple router. But I am not going to second guess Digininja, he is much more versed in network programming than I so here it goes-

i cant find out how to use my standard dhcp server, so im going to go get one:

steed@UBUNTU-BOX:/$ sudo apt-get install dhcp3-server
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Suggested packages:
  dhcp3-server-ldap

...

Processing triggers for man-db ...
Processing triggers for ureadahead ...
ureadahead will be reprofiled on next reboot
Setting up dhcp3-server (3.1.3-2ubuntu3) ...
Generating /etc/default/dhcp3-server...
 * Starting DHCP server dhcpd3                                                   * check syslog for diagnostics.
                                                                         [fail]
invoke-rc.d: initscript dhcp3-server, action "start" failed.

steed@UBUNTU-BOX:/$ sudo nano /etc/default/dhcp3-server

i just put eth0 (my ethernet connection) in quotes

now i will make a backup of the configuration:

cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf_orig
sudo nano /etc/dhcp3/htcpd.conf

in nano i added:

ddns-update-style none;

option domain-name-servers 208.67.222.222, 208.67.220.220;

default-lease-time 86400;
max-lease-time 604800;

authoritative;

subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.200 192.168.1.229;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.1.255;
        option routers 192.168.1.1;
}

and finally

/etc/init.d/dhcp3-server restart

Ok that takes care of the DCHP server.

now all that remains is for somebody to please explain to me how a bridge works, i can not get it working for the life of me. :-(

Edited August 27, 2010 by Steed

[Steed]

UPDATE:

ok, so i got fed up with not understanding how bridges work, and moved on to my hardware. My linksys wrt54g v6 is now running DD-WRT, i would want to put OpenWRT to get the Jasager running, without having to re-write it for ddwrt.

thing is, my device was able to be flashed to ddwrt, but not openwrt, i dont know too much about the architure of routers, but i would think with both of them being open source, that once one cracked it the other would follow.

anyway, would it be possible to flash from dd-wrt to openwrt? i have seen it be possible, but im not going to chance it without seeing why it is capable.

[digininja]

Flashing is flashing, it should be if you can get one firmware on you can ge any on. Did you check the list of supported devices on the OpenWrt site? Quite a lot of the Linksys devices aren't supported.

You won't get Jasager on the Linksys, the wifi drivers are for a different chipset and the website relies on the drivers being in place.

[Steed]

Flashing is flashing, it should be if you can get one firmware on you can ge any on. Did you check the list of supported devices on the OpenWrt site? Quite a lot of the Linksys devices aren't supported.

You won't get Jasager on the Linksys, the wifi drivers are for a different chipset and the website relies on the drivers being in place.

well thats fine, none the less, i am having one hell of a time trying to set up a transparent bridge, seems like nothing i do works.

if anybody has any information or suggested further reading on this very simple task it would be awesome.

[digininja]

Assuming on your laptop you have

wlan0 your internet connection

eth0 your wired connection

and on AP

wlan0 connection you are sharing

eth0 wired connection to laptop

on laptop

brctl addbr br0

brctl addif br0 eth0

brctl addif br0 wlan0

on AP

brctl addbr br0

brctl addif br0 eth0

brctl addif br0 wlan0

And you might need to do

echo 1 > /proc/sys/net/ipv4/ip_forward

on each device but probably not as that is for NATing and not bridging

[Steed]

aye, this was my thinking when i started this. this is the code i ran:

eth0 is my ethernet and wlan0 is my wireless. 192.168.1.1 is the router in my house with the internet. 192.168.1.153 is just a sample IP i grabbed. now i cant think of a reason why this would not work, and it seems nobody else is having any problems with this.

ifconfig wlan0 down

ifconfig eth0 down

ifconfig eth0 promisc 0.0.0.0 up

ifconfig wlan0 promisc 0.0.0.0 up

brctl addbr br0

brctl addif br0 eth0

brctl addif br0 wlan0

ifconfig br0 192.168.1.153 netmask 255.255.255.0 up

route add default gw 192.168.1.1

as for the access point, it works fine. when i run an ethernet cable from my ninja AP, to the the rounter in the house, connect to the ninja with the laptop, i get internet. now i just want to pipe Internet out my ethernet port so i can supply internet to ninja AP. i dont need to be able to access the internet while bridging.

im going to keep researching.

[digininja]

I wouldn't put the promisc in the ifconfig lines, the rest of it looks ok though.

Fire up tcpdump on each interface of the trail and see where traffic is getting to.

[Steed]

ok followed my steps above, with no promisc, and connected to the router, and tried to access the internet, obviously i failed. here is the tcpdump of eth0:

http://pastebin.com/erRUJZL8

and here is wlan0:

http://pastebin.com/V3b07xwx

im not sure how to read them, or diagnose my problem.