Topic: TP-Link TL-WR841ND set hub mode between two RJ45 ports

Hi All,

I have a TP-Link TL-WR841ND with OpenWRT 15.05.1,
I would like to achieve a hub mode between two RJ45 ports,
I would like to analyze a device traffic on one of the RJ45 port with PC with Wireshark on a different RJ45 port... like on a hub without redirecting/affecting the traffic.
How can I achieve this please ?

Thank you very much

Re: TP-Link TL-WR841ND set hub mode between two RJ45 ports

I have tried mod_tee,

but somehow the packets cloning is not working for me,
installed the tee with :
opkg install iptables-mod-tee

the module is loaded,
but when I try to add rules like :

iptables -A POSTROUTING -t mangle -o br-lan ! -s 192.168.1.120 -j TEE --gateway 192.168.1.150
or
iptables -A PREROUTING -t mangle -i br-lan ! -d 192.168.9.120 -j TEE --gateway 192.168.9.150

nothing happen,
strange is that I cannot list the POSTROUTING nor PREROUTING chain,

Do you know what can be the problem ?

Re: TP-Link TL-WR841ND set hub mode between two RJ45 ports

By default, traffic between ports on the LAN connections goes through a switch external to the CPU, and thus you will not see any traffic in OpenWrt; there is no INPUT, OUTPUT, or ROUTING on that traffic. I would try to set up each port on a different VLAN, then mix them together using a bridge; this way, traffic should flow thorough the CPU.

Have a look at wireshark's wiki for more info: https://wiki.wireshark.org/CaptureSetup/Ethernet

Re: TP-Link TL-WR841ND set hub mode between two RJ45 ports

Thank you for the answer,

one question regarding tee:

does it(LAN) apply for the tee too ?
that means the tee is usable just for WLAN also?

because I am trying to clone the packet from one IP to second one, but somehow not working for me,
managed to see the rule in the firewall, also see in the firewall that some packets are sent there, but did not reach my PC with wireshark:


Chain POSTROUTING (Policy: ACCEPT, Packets: 77914, Traffic: 96.61 MB)

1 67990 96.12 MB TEE all -- * br-lan !192.168.1.158 0.0.0.0/0 TEE gw:192.168.1.134


earlier I have forgot the -t mangle, that's why I did not see it.

Re: TP-Link TL-WR841ND set hub mode between two RJ45 ports

Like eduperez said, first you will have to defeat the hardware switching by making separate VLANs which will force all traffic on each port to go through the CPU, and then use the software bridge in the kernel to connect them back together. 

If you just plug two cables into the ports on the same VLAN the hardware switch will take care of traffic between two external devices, and the CPU will never see any of the packets, so it cannot monitor or redirect them.  In the standard use case that is good, because speed is higher.

Re: TP-Link TL-WR841ND set hub mode between two RJ45 ports

nrbrtbjcs wrote:

Thank you for the answer,

one question regarding tee:

does it(LAN) apply for the tee too ?
that means the tee is usable just for WLAN also?

because I am trying to clone the packet from one IP to second one, but somehow not working for me,
managed to see the rule in the firewall, also see in the firewall that some packets are sent there, but did not reach my PC with wireshark:


Chain POSTROUTING (Policy: ACCEPT, Packets: 77914, Traffic: 96.61 MB)

1 67990 96.12 MB TEE all -- * br-lan !192.168.1.158 0.0.0.0/0 TEE gw:192.168.1.134


earlier I have forgot the -t mangle, that's why I did not see it.

Not user I understand the question... To make things easy: you are only going to see traffic on the CPU when you have more than one interface, and traffic comes on one interface and leaves on the other.

Re: TP-Link TL-WR841ND set hub mode between two RJ45 ports

Thank you for all answer,
I understand the functionality now.