[drspringfield]

I'm having trouble setting up an iptables ROUTE tee on my DD-WRT v24-sp2 (10/10/09) micro (SVN revision 13064), on WRT54g v5.

The router is currently set up in client bridge mode (followed http://www.dd-wrt.com/wiki/index.php/Client_Bridged exactly). The network setup is:

<system A> --- <dd-wrt> - - - <wifi router> --- <system B>

I'd like to monitor the traffic between system A and system B, and system A and the internet. My monitoring system is also connected to the dd-wrt by wired or wireless connection. I've been running, e.g.:

iptables -t mangle -A POSTROUTING -d 192.168.1.66 -j ROUTE --tee --gw 192.168.1.77

(192.168.1.66 is system A, 192.168.1.77 is my monitoring system)

However, subsequently running "iptables -t mangle -L" shows nothing. I'm able to ping 192.168.1.66 and 192.168.1.77 from the router.

I'd install tcpdump if I could, but I can only use micro on my v5, so that's a no-go.

Any ideas? I think it probably has something to do with operating in client bridge mode.

[phuzi0n]

1 - Read the forum announcements, that's a bad build to be using.
2 - Micro builds don't have the ROUTE target among many many other things. 2MB flash is just way to restrictive for most features.
3 - I don't think it would work on a CB anyways. For starters, iptables only sees routed traffic by default, not bridged. You can get iptables to see bridged traffic by loading ebtables but CB/RB are hacky modes and I think that the wireless driver itself does the ARPNAT hacks on Broadcom hardware so even with ebtables loaded I don't don't if it would actually work.

You should try to find a hub or maybe a wireless adapter capable of monitor mode.