I had an old Linksys E1200 on hand. Things looked a little bleak as the OpenWrt site seemed to indicate there were some issues. However, the router noted there was apparently slightly different from mine (I have the Cisco logo) so I thought I'd give it a try.
At the bottom of the Linksys TechData page I found a link to the OpenWrt firmware: openwrt-15.05-brcm47xx-mips74k-linksys-e1200-v2-squashfs.bin and downloaded it (there are other downloads here in case you don't have a V2, etc). Install was easy from the stock Linksys firmware. I was able to easily telnet to IP 192.168.1.1 - a fixed address when plugging the router into my test network, not via DHCP. This also meant it had no clue as to DNS, default router, etc. Surprisingly LuCI came pre-installed with the bin image. I still edited the config file manually.
You'll probably need to use vi to edit the config files if you don't use LuCI:
i - to insert
[esc] :wq - to save and exit
I added only 2 lines to the /etc/config/network file - the gateway and dns settings:
config interface 'lan'
option ifname 'eth0.1'
option force_link '1'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option gateway '192.168.1.10'
option dns '8.8.8.8'
option ip6assign '60'
Reload the network settings:
/etc/init.d/network reload
Try to ping google.com (or anything on the internet) from the router. If successful, install a few things:
opkg update
opkg install nano # install nano if you don't know VI/VIM very well
opkg install tcpdump # this is the important part that will be called remotely from your client wireshark
On your local Ubuntu:
sudo apt-get install wireshark
sudo mkfifo /tmp/pipe
sudo chmod 777 /tmp/pipe
Or on Windows WSL (Ubuntu on Windows 10):
sudo apt-get install wireshark
sudo apt-get install x11-apps
export DISPLAY=:0 # you may wish to put this in your ~/.bashrc
sudo pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR wireshark
Then for wireshark:
wireshark -k -i /tmp/pipe & ssh root@192.168.1.1 "tcpdump -i any -s 0 -U -w - not port 22" > /tmp/pipe
It should look something like this. There's initially a failure message, but then a few moments later a password prompt. Once you log in, all the WiFi router packets should be forwarded to your local network packet capture!
0 $ wireshark -k -i /tmp/pipe & ssh root@192.168.1.1 "tcpdump -i any -s 0 -U -w - not port 22" > /tmp/pipe
[3] 4709
Failed to connect to generic netlink.
root@192.168.1.1's password:
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
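A variant of the capture steps above that keeps the pipe private: /tmp/pipe with mode 777 lets any local user read the captured traffic or write into the stream Wireshark is parsing. This is an added example, not part of the original post; the function names and the owrt-cap directory prefix are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): same remote capture, but the
# FIFO lives in a private directory and is readable only by the current user.

# Create a FIFO with mode 0600 inside a fresh 0700 directory; print its path.
make_private_fifo() {
    dir=$(mktemp -d "${TMPDIR:-/tmp}/owrt-cap.XXXXXX") || return 1  # mktemp -d creates mode 0700
    ( umask 077 && mkfifo "$dir/pipe" ) || return 1
    printf '%s\n' "$dir/pipe"
}

# Build the tcpdump command run on the router. The filter drops the SSH
# session's own packets so the capture does not feed on itself. The port is
# validated as digits only because it is interpolated into a remote command.
remote_tcpdump_cmd() {
    ssh_port=${1:-22}
    case $ssh_port in
        *[!0-9]*) echo "bad port: $ssh_port" >&2; return 1 ;;
    esac
    printf 'tcpdump -i any -s 0 -U -w - not port %s\n' "$ssh_port"
}

# start_capture user@router [ssh_port]
# Starts Wireshark on the private FIFO, streams the router's tcpdump output
# into it over SSH, and removes the FIFO when the SSH session ends.
start_capture() {
    target=$1
    port=${2:-22}
    cmd=$(remote_tcpdump_cmd "$port") || return 1
    fifo=$(make_private_fifo) || return 1
    wireshark -k -i "$fifo" &
    ssh -p "$port" "$target" "$cmd" > "$fifo"
    rm -f "$fifo"
    rmdir "$(dirname "$fifo")"
}
```

Source the file and run `start_capture root@192.168.1.1`; no sudo is needed because the FIFO is created by the same user that runs Wireshark and ssh.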
For Windows 10 WSL: I downloaded the XMing X-windows client. Be careful, there are a lot of fake download links there. If you know of a better place to download XMing or some other Windows X-windows client, please let me know. Despite being 8 years old - XMing seems to work well on Windows 10:
Pinging google from local router
viewing local router traffic on remote WSL WireShark w/XMing
- Monitor OpenWRT Traffic with Wireshark
- superuser.com - Open Ubuntu Bash's GUI applications on Windows 10
Copyright (c) gojimmypi all rights reserved.