I'm curringly using nincehelser's technique: bridge->usb ethernet dongle->pi->network and using tcpflow to scrape the data as it flows through the bridge. But I'd really like to get this work better. I'd like to redirect the bridge web posts to a local server and eliminate any outside traffic.
From what I can find, I think the best technique would be to use the firewall rules to redirect traffic from the bridge to a local web server (small python script). Basically, a man-in-the-middle redirect attach. I followed the instructions here squid proxy but I can't seem to get ebtables to work on my pi (running ubuntu). The basic idea is to use these two commands:
Every time I try that, ebtables hangs. The ebtables command looks like it's doing a modprobe on ebtables and ebtable_broute which never return and I have to hard reboot the pi to get it back.
My fallback approach is less elegant. I installed dnsmasq and followed these instructions to try and have the bridge use the pi as a nameserver. Then I would return the pi's IP address to the bridge and use some kind of iptables rule to redirect traffic from the bridge IP to a different port. I turned on dnsmasq logging and added these lines to my networking interfaces file (192.168.1.7 is the pi's IP):
I can see some dsn requests in syslog but I never see a request for www.acu-link.com (or any acurite address). After taking down eth1 and br0 and bringing them back up, I tried powering off the bridge and holding the reset button down for 5 seconds as well but I'm not getting any DSN requests from the bridge that I can see.
Any thoughts?
From what I can find, I think the best technique would be to use the firewall rules to redirect traffic from the bridge to a local web server (small python script). Basically, a man-in-the-middle redirect attach. I followed the instructions here squid proxy but I can't seem to get ebtables to work on my pi (running ubuntu). The basic idea is to use these two commands:
Code: [Select]
ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6 --ip-destination-port 80 -j redirect --redirect-target ACCEPT
iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j REDIRECT --to-port 8000Every time I try that, ebtables hangs. The ebtables command looks like it's doing a modprobe on ebtables and ebtable_broute which never return and I have to hard reboot the pi to get it back.
My fallback approach is less elegant. I installed dnsmasq and followed these instructions to try and have the bridge use the pi as a nameserver. Then I would return the pi's IP address to the bridge and use some kind of iptables rule to redirect traffic from the bridge IP to a different port. I turned on dnsmasq logging and added these lines to my networking interfaces file (192.168.1.7 is the pi's IP):
Code: [Select]
auto eth1
iface eth1 inet manual
dns-nameservers 192.168.1.7
auto br0
iface br0 inet dhcp
bridge_ports eth0 eth1
dns-nameservers 192.168.1.7I can see some dsn requests in syslog but I never see a request for www.acu-link.com (or any acurite address). After taking down eth1 and br0 and bringing them back up, I tried powering off the bridge and holding the reset button down for 5 seconds as well but I'm not getting any DSN requests from the bridge that I can see.
Any thoughts?