I tried again to comment redir_command_off so now it looks like
Code:
#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT
Also published in etter.conf part based on a recommendation from someone (Google Search) so it now looks like this:
Code:
ec_uid = 0
ec_gid = 0
Unfortunately, the AP user loses connection after inserting.
Code:
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
I even switched my test subjects (laptop and protectors) of the AP and connect again, but still could not connect to the Internet again.Here is a summary of my setup:
dhcpd.conf
Code:
ddns-update-style ad-hoc;
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.2.128 netmask 255.255.255.128 {
option subnet-mask 255.255.255.128;
option broadcast-address 192.168.2.255;
option routers 192.168.2.129;
option domain-name-servers 8.8.8.8;
range 192.168.2.130 192.168.2.140;
}
Code:
root@bt:~# airmon-ng start wlan1
root@bt:~# airbase-ng -e "wifi" -c 9 mon0
10:58:27 Created tap interface at0
10:58:27 Trying to set MTU on at0 to 1500
10:58:27 Trying to set MTU on mon0 to 1800
10:58:27 Access Point with BSSID 00:A0:AA:AA:AA:5A started.[/QUOTE]
root@bt:~# ifconfig at0 up
root@bt:~# ifconfig at0 192.168.2.129 netmask 255.255.255.128
root@bt:~# route add -net 192.168.2.128 netmask 255.255.255.128 gw 192.168.2.129
root@bt:~# dhcpd3 -cf /etc/dhcp3/dhcpd.conf -pf /var/run/dhcp3-server/dhcpd.pid at0
Internet Systems Consortium DHCP Server V3.1.3
Copyright 2004-2009 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Wrote 2 leases to leases file.
Listening on LPF/at0/00:A0:AA:AA:AA:5A/192.168.2.128/25
Sending on LPF/at0/00:A0:AA:AA:AA:5A/192.168.2.128/25
Sending on Socket/fallback/fallback-net
root@bt:~# iptables --flush && iptables --table nat --flush && iptables --delete-chain &&
iptables --table nat --delete-chain &&
iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE &&
iptables --append FORWARD --in-interface at0 -j ACCEPT && echo 1 > /proc/sys/net
ased on what I found on google I need to add two more lines to get etter and sslstrip working with this setup.
Enter each command separately so I can know what drops the connection. First insert
Code:
iptables -t nat -A PREROUTING -p udp -j DNAT --to 192.168.1.1
(The 192.168.1.1 is my home gateway)
After inserting this command my protectors and laptop can surf the Internet.
Code:
Code:
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
Bookmarks