Earlier today I needed to find the quickest and easiest way to monitor all traffic to and from a specific device on my network. The goal was to see how much bandwidth based on a specific amount of time that the device was using. My initial hope was that I could configure port monitoring on my WRT54G running DD-WRT firmware however I quickly found out this is not an option. I eventually settled on adding a couple iptables commands that would send all traffic destined for or sourced from a specific IP address to another IP address. Follow the directions below to add the iptables commands to a router running DD-WRT firmware and then to capture the traffic on a computer running Wireshark.
I have a Linksys WRT54G wireless router running DD-WRT open source firmware. A lot of the work I do requires providing access to clients or coworkers to various devices on my local network. I also view the DD-WRT web interface regularly on the Linksys WRT54G to see what devices it can see on the network via ARP or IP. A lot of the time when I attempt to connect to the web server which is only running HTTPS on port 443 the connection via my browser will just hang or simply won’t make a connection at all. During the times when I am unable to open the DD-WRT web interface I am always still able to connect to the Linksys device via SSH meaning that for some reason the web interface is failing.
If you have one of the larger builds of dd-wrt then you probably have PPTP support built into the firmware. This will allow you to move VPN connections to the router instead of having to connect from each desktop which will securely make the remote network seem like part of the local network.
I have configured a Linksys WRT600N to connect using PPTP to my company’s VPN server in the past as noted in this previous article. I have since swapped out the Linksys WRT600N with a Linksys WRT54GS because I wanted to replace the antennas with larger antennas to work on getting better wireless coverage in my workshop in the basement and with the primary wireless router being located on the second floor of my house I needed to do numerous things to squeeze as much signal as possible. I also noticed numerous other issues with the WRT600N including the router locking up on a regular basis as well as dropping connections.
Its very easy to move your work PPTP VPN from your Windows XP computer to a wireless router running the dd-wrt firmware. DD-WRT firmware runs on most wired and wireless routers on the market today including the ever popular Linksys wrt54g.
Once your router has the dd-wrt firmware installed make note if the configuration settings you use for your PPTP VPN including username, password, VPN server IP, remote IP subnet mask, and remote IP subnet.