I tried with the config, but it seems to have some issues with TCP retransmission. The config is as follows:
config redirect
    option dest 'lan'
    option target 'DNAT'
    option name 'test'
    option src 'lan'
    option src_dport '1883'
    option dest_port '1883'
    option reflection '0'
    option dest_ip '192.168.10.254'
The first image is from Wireshark sshdump to the router.
The second image is from my local machine running my hack MQTT server.
I made sure 1883 is open to 0.0.0.0, and I used a local client to confirm the MQTT server is running:
╰─$ sudo netstat -apn|grep 1883
tcp 0 0 0.0.0.0:1883 0.0.0.0:* LISTEN 237905/mosquitto
tcp 0 0 127.0.0.1:55220 127.0.0.1:1883 ESTABLISHED 235316/mqtt-explore
tcp 0 0 127.0.0.1:1883 127.0.0.1:55220 ESTABLISHED 237905/mosquitto
Any clue on how this is happening? I saw from the first image that 173 (IoT MQTT pusher) tried to send packets to both 254 (my local MQTT server, also my desktop) and 119.29.42.117 (the remote MQTT server to be intercepted). Thanks.