[Snort-users] Unable to add port mirroring iptables commands to Buffalo DD-WRT wireless router

Teo En Ming teo.en.ming at ...11827...
Thu Apr 3 07:25:18 EDT 2014


Dear Bill Parker,

I can't find any dd-wrt mailing list. Could you provide me with the 
URL/link to the dd-wrt mailing list subscription page?

Thank you very much.

-- 
Yours sincerely,

Teo En Ming



On 03/04/2014 01:39, Bill Parker wrote:
> In searching the DD-WRT mailing list as of October 2013:
>
> Different builds have different iptables modules and it appears that 
> your build is missing the ROUTE target module. Try a recent build for 
> your model and see if it has been included, if not then ask for it on 
> trac.
>
> You may need to get updated firmware, and since you now have a DD-WRT 
> router, I'd also suggest subscribing to the DD-WRT mailing list for 
> the latest information.
>
> Bill
>
>
> On Wed, Apr 2, 2014 at 10:17 AM, Bill Parker <wp02855 at ...11827... 
> <mailto:wp02855 at ...11827...>> wrote:
>
>     I'll have to research this, the tee command may have been modified
>     from the version of iptables I have in my firmware.
>
>
>     On Wed, Apr 2, 2014 at 9:09 AM, Teo En Ming <teo.en.ming at ...11827...
>     <mailto:teo.en.ming at ...11827...>> wrote:
>
>         Dear Bill Parker,
>
>         root at ...16768...:~# iptables -V
>         iptables v1.3.7
>
>
>         -- 
>         Yours sincerely,
>
>         Teo En Ming
>
>
>         On 03/04/2014 01:11, Bill Parker wrote:
>>         I will need to do some research on this, what version of
>>         IPtables does the router have in it's firmware?
>>
>>         iptables -V or iptables -v
>>
>>         Bill
>>
>>
>>         On Wed, Apr 2, 2014 at 7:19 AM, Teo En Ming
>>         <teo.en.ming at ...11827... <mailto:teo.en.ming at ...11827...>> wrote:
>>
>>             Dear Bill Parker,
>>
>>             I just bought my Buffalo DD-WRT wireless router today.
>>             The model is WZR-HP-G300NH2.
>>
>>             I flashed the firmware of the Buffalo wireless router to
>>             the latest DD-WRT v24 SP2 29 Mar 2014 Build 23838.
>>
>>             When I tried to execute the 2 iptables commands in your
>>             guide, the iptables rules were not inserted into the
>>             mangle table.
>>
>>             ===DD-WRT console===
>>
>>             teo-en-ming at ...16766...:~$ ssh -l root 192.168.1.1
>>             DD-WRT v24-sp2 std (c) 2014 NewMedia-NET GmbH
>>             Release: 03/29/14 (SVN revision: 23838)
>>             root at ...16767... <mailto:root at ...16767...>'s password:
>>             ==========================================================
>>
>>              ____  ___    __        ______ _____         ____  _  _
>>              | _ \| _ \   \ \      / /  _ \_ _| __   _|___ \| || |
>>              || | || ||____\ \ /\ / /| |_) || |   \ \ / / __) | || |_
>>              ||_| ||_||_____\ V  V / |  _ < | |    \ V / / __/|__   _|
>>              |___/|___/      \_/\_/  |_| \_\|_|     \_/ |_____|  |_|
>>
>>                                    DD-WRT v24-sp2
>>             http://www.dd-wrt.com
>>
>>             ==========================================================
>>
>>
>>             BusyBox v1.22.1 (2014-03-29 04:46:44 CET) built-in shell
>>             (ash)
>>             Enter 'help' for a list of built-in commands.
>>
>>             root at ...16768...:~# iptables -A PREROUTING -t mangle -j ROUTE
>>             --gw 192.168.1.40 --tee
>>             root at ...16768...:~# iptables -A POSTROUTING -t mangle -j ROUTE
>>             --gw 192.168.1.40 --tee
>>             root at ...16768...:~# iptables -t mangle -L
>>             Chain PREROUTING (policy ACCEPT)
>>             target     prot opt source     destination
>>             MARK       0    --  anywhere
>>             227.63.156.175.unknown.m1.com.sg
>>             <http://227.63.156.175.unknown.m1.com.sg>  MARK or 0x80000000
>>             CONNMARK   0    --  anywhere     anywhere CONNMARK save
>>
>>             Chain INPUT (policy ACCEPT)
>>             target     prot opt source     destination
>>
>>             Chain FORWARD (policy ACCEPT)
>>             target     prot opt source     destination
>>
>>             Chain OUTPUT (policy ACCEPT)
>>             target     prot opt source     destination
>>
>>             Chain POSTROUTING (policy ACCEPT)
>>             target     prot opt source     destination
>>             root at ...16768...:~# uname -a
>>             Linux DD-WRT 3.10.35-rc1 #7178 Sat Mar 29 04:45:44 CET
>>             2014 mips GNU/Linux
>>             root at ...16768...:~# which gcc
>>             root at ...16768...:~# which make
>>
>>             ===End of DD-WRT console===
>>
>>             How do I rectify this problem?
>>
>>             Thank you very much.
>>
>>             -- 
>>             Yours sincerely,
>>
>>             Teo En Ming
>>
>>
>
>
>
>



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140403/6dcf149f/attachment.html>


More information about the Snort-users mailing list