[Snort-users] Unable to add port mirroring iptables commands to Buffalo DD-WRT wireless router

Teo En Ming teo.en.ming at ...11827...
Wed Apr 2 10:19:13 EDT 2014


Dear Bill Parker,

I just bought my Buffalo DD-WRT wireless router today. The model is 
WZR-HP-G300NH2.

I flashed the firmware of the Buffalo wireless router to the latest 
DD-WRT v24 SP2 29 Mar 2014 Build 23838.

When I tried to execute the 2 iptables commands in your guide, the 
iptables rules were not inserted into the mangle table.

===DD-WRT console===

teo-en-ming at ...16766...:~$ ssh -l root 192.168.1.1
DD-WRT v24-sp2 std (c) 2014 NewMedia-NET GmbH
Release: 03/29/14 (SVN revision: 23838)
root at ...16767...'s password:
==========================================================

  ____  ___    __        ______ _____         ____  _  _
  | _ \| _ \   \ \      / /  _ \_   _| __   _|___ \| || |
  || | || ||____\ \ /\ / /| |_) || |   \ \ / / __) | || |_
  ||_| ||_||_____\ V  V / |  _ < | |    \ V / / __/|__   _|
  |___/|___/      \_/\_/  |_| \_\|_|     \_/ |_____|  |_|

                        DD-WRT v24-sp2
                    http://www.dd-wrt.com

==========================================================


BusyBox v1.22.1 (2014-03-29 04:46:44 CET) built-in shell (ash)
Enter 'help' for a list of built-in commands.

root at ...16768...:~# iptables -A PREROUTING -t mangle -j ROUTE --gw 
192.168.1.40 --tee
root at ...16768...:~# iptables -A POSTROUTING -t mangle -j ROUTE --gw 
192.168.1.40 --tee
root at ...16768...:~# iptables -t mangle -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
MARK       0    --  anywhere 227.63.156.175.unknown.m1.com.sg  MARK or 
0x80000000
CONNMARK   0    --  anywhere             anywhere CONNMARK save

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
root at ...16768...:~# uname -a
Linux DD-WRT 3.10.35-rc1 #7178 Sat Mar 29 04:45:44 CET 2014 mips GNU/Linux
root at ...16768...:~# which gcc
root at ...16768...:~# which make

===End of DD-WRT console===

How do I rectify this problem?

Thank you very much.

-- 
Yours sincerely,

Teo En Ming





More information about the Snort-users mailing list