Putting A Pineapple Between Router And Modem

[Ploxors]

Hey guys, this looks like it will probably be an iptables question.

How can I set up my pineapple to work if I want to put it inline between a home wifi router, and the cable modem it plugs into. Note that this is completely ignoring the wifi.

Basically I just want to inspect the traffic going across the line. I'll do my own scripting with that later,

Should I be plugging the modem into WAN, then the routers wan port into LAN on the pineapple?

Or should I be plugging the routers wan port into the LAN port of the pineapple, then the cable mode into the WAN port?

I've tried both, but neither will work out of the box, so now I'm guessing I will have to edit some iptables.... Which I have never done before.... So basically im just looking for advice here

Thanks everyone :)

[sober]

you want it going into the poe lan of the pineapple and wan port out assuming only reason your not using a normal box is the fact you want to monitor your traffic going across the network? you will see alot of well junk coming in as well btw

in any case try the network manager module from the pineapple bar, also you may need to change settings on the router, the pineapple trys to send data to a 172. address and the router is probably a 192 or a 10

check these settings and if you are still having problems i will go troubleshoot it on my home network and post my findings :)

[condor]

issue these commands:

iptables -A FORWARD -i eth1 -o wlan0 -s 172.16.42.0 -m state --state NEW -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
[/CODE]

THEN plug modem into WAN/wifi router into LAN

should work, if not, post your routing table from the pineapple webgui

[PineDominator]

this should be easy once the interceptor is in the firmware, my thoughts are is all networking settings on the poe/lan and wan/lan need to be disabled/removed leaving the wifi as a way to log into and administrator the pineapple then both ethernet ports need to be bridged between each other.

don\t ask me how to do this I am not an iptable/networking expert.

Warning this may require serial connection to fix.

Edited August 10, 2012 by petertfm

[digininja]

Plug either into either then simply bridge the two interfaces, something like

brctl addbr br0

brctl addif br0 eth0

brctl addif br0 eth1

You can then sniff on br0 and that will show you all the traffic.

[telot]

hehe sniff the br0 dude

though most bro's I know don't like being sniffed by nerds like I us.

telot

[condor]

though most bro's I know don't like being sniffed by nerds like I us.

telot

***looks over shoulder***

Plug either into either then simply bridge the two interfaces, something like

brctl addbr br0

brctl addif br0 eth0

brctl addif br0 eth1

You can then sniff on br0 and that will show you all the traffic.

wouldn't one of those need to use dhclient? how does brctl know which interface should accept an ip, and which interface should hand one out? (in this case eth0/1)

Forgive me if this is a crazy (stupid question?) as I just fart my way into most of this knowledge.....

[PineDominator]

the bridge interface is just passing along the data between eth0 and eth1.

the router will ask the modem for an ip

[digininja]

The bridge basically hardwires the two interfaces together. It doesn't need an IP itself it is just passing data back and forth.

[governor]

Something similar I played with my AP121-U last weekend. I love my Pineapple and don't want to spoil it, therefore got a spare AP121U to play with :). The inline sniffer works like a charm. Performance up to ~9-9.5mbit so far. will try to tweak up if technically possible. let's see.

http://blog.kadiralt...etwork-sniffer/

Edited August 15, 2012 by governor

[digininja]

Condor, this is the way I implemented it as part of the Interceptor - http://www.digininja.org/interceptor/

[potato]

When I run brctl addif br0 eth0 it complains that the device or resource is busy even after bringing it down and back up

[digininja]

it will do if br0 is up, don't bring it up till you are ready to use it

[PineDominator]

When I run brctl addif br0 eth0 it complains that the device or resource is busy even after bringing it down and back up

have you tried running those commands with eth0 down?

[potato]

have you tried running those commands with eth0 down?

yes, it still complains

[PineDominator]

yes, it still complains

sorry, did you see digininjas reply?

[digininja]

it doesn't matter the state of eth0, here my eth0 is up

# brctl addbr br0

# brctl addif br0 eth0

It is br0 that you can't modify if it is up

[potato]

I rebooted the pineapple and now it works

[PineDominator]

I rebooted the pineapple and now it works

"Have you tried turning it off and on again?" Love IT Crowd

[potato]

Has anyone actually got this working? I got the bridge to work but when I plug the modem into WAN and the router into LAN the pineapple isn't forwarding anything. I will look into thisand see if it works.

EDIT : I ran the commands above to set iptables to do the forwarding and it works this way Then If you sniff on eth1, when you analyse the pcap later everything shows up as coming to or from your public ip.

Edited August 16, 2012 by cscash241