I have an ASUS RT N53 router, running the default firmware (Linux 2.6.22 with busybox and uclibc). I need to capture data packets from some Wi-Fi devices I have connected to that router (iPad and some smartphones), but the router is not forwarding any package coming from Wi-Fi devices to the Ethernet Ports. Any idea how can I proceed? Available tools in the router are iptables (no tee option, though), ebtables, brctl…
Currently the ethernet and Wifi devices are forming a bridge:
# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.50465dc06be2 no vlan0
eth1
No ebtables rules:
# ebtables -L
Bridge table: filter
Bridge chain: INPUT, entries: 0, policy: ACCEPT
Bridge chain: FORWARD, entries: 0, policy: ACCEPT
Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
Best Answer
You cannot simply do that with those tools. If the traffic is between the Asus box & a wifi device, that traffic will never get bridged to the Ethernet interface.
What you can do:
Capture the traffic on the Asus box (running tcpdump there), and copy the resulting dump file to your workstation,
Use one device as the wifi - Ethernet bridge (an Access Point), and another as the default router for the wifi devices. So you either turn off the routing in the Asus box and put another router to the Ethernet LAN, or you turn off the wifi radio in the Asus box and put a bridge-mode AP without any routing functionality.