The NanoPi R2S is a small SBC with two ethernet ports running FriendlyWrt (adapted from openwrt). I would like to use it as a switch (or bridge) with the same network addres ranges at both sides (10.0.0.0/24). Mind you, not as a router. I would like to grab (and analyze) the traffic through the device with TCPDUMP.
Is this possible?
Yes. Place both ports into the same bridge (the default lan bridge would work) then run tcpdump on one of them.
Thank you for your reply mk24.
I must say that I have no idea how to "place both ports into the same bridge". Can you give me a few hints or point me to some text explaining bridges (br-lan). I have some experience with the Asus wl500g but the interfaces (ifconfig) were a complete mystery to me. I simply don't understand what the relation between a device br-lan or br-wan and eth0, eth1 is. An extra complication is that I must experiment with one interface of the device over the other interface. (I understand that if something goes wrong I can simply restart with a fresh image. Is this correct?)
Thanks in advance!
Go to network--interfaces and edit the LAN. Click Physical Settings and note that the Bridge box is checked and add both eth0 and eth1 as the interfaces. eth0 and eth1 are the physical ports. br-lan is traffic from one of the ports to the OS. If you're monitoring traffic between the ports you'd attach tcpdump to eth0 or eth1. Since you only have two ports you'll need to stay logged into the box via br-lan and one of the ports. So you should monitor the port that only has the device you're interested in, not the one that you are also logged in through.
About 4 fresh dd's to the SD card later I got it working! I have now two interfaces:
The LAN shows my set IPV4 adress but I can only connect with the device via the WAN port. Why is that?
First you should be logging in on the lan network using the lan network's IP (for regular OpenWrt, the default is 192.168.1.1)
Take eth0 out of the wan network (leaving it empty), or even delete the wan network.
There isn't a "WAN port" there are two Ethernet ports which can be connected to different networks.
So, in the end, it is possible with one interface containing a bridge br-lan containing two interface adapters eth0 and eth1.
on the R2S I installed tcpdump and on a (linux) PC wireshark. I can thus monitor traffic through the R2S going between a wifi router to the internet. The object was to see the traffic from a wifi wakeuplight over the netwerk to the internet. It is going to an Amazon cloud server (in Germany; I live in Holland). The outbound traffic is limited (in volume) but I would like to see what happens if I block this traffic. (I hate devices that setup outbound connections for no good reason). Still a lot to discover..
Thanks very much for your help, mk24!