TL;DR
This guide shows you how to redirect all network traffic from your Wi-Fi connection through your ethernet cable. This is useful for testing, monitoring, or forcing specific connections via a wired link. Warning: This can disrupt network connectivity for other users and may be illegal without permission on networks you don’t own. Use responsibly.
Prerequisites
- A Linux machine (Kali Linux is recommended).
- Root or sudo access.
- Two network interfaces: one connected to Wi-Fi, and one connected to Ethernet. Find these using
ip addr. Note the interface names (e.g., wlan0 for Wi-Fi, eth0 for Ethernet).
- Basic command line knowledge.
Steps
- Enable IP Forwarding: This allows your Linux machine to act as a router.
- Temporarily enable forwarding:
sudo sysctl -w net.ipv4.ip_forward=1 - To make this permanent, edit /etc/sysctl.conf and uncomment or add the line:
net.ipv4.ip_forward=1. Then run
sudo sysctl -p.
- Temporarily enable forwarding:
- Configure Network Interfaces: Set static IP addresses for both interfaces.
- Wi-Fi Interface (e.g., wlan0): Connect to your Wi-Fi network as usual, then set a static IP address. Replace the example values with those appropriate for *your* network:
sudo ip addr flush dev wlan0sudo ip addr add 192.168.1.10/24 dev wlan0sudo ip link set wlan0 up - Ethernet Interface (e.g., eth0): Configure the ethernet interface with an IP address on a different subnet, and set it as the gateway for traffic coming from Wi-Fi.
sudo ip addr flush dev eth0sudo ip addr add 192.168.2.1/24 dev eth0sudo ip link set eth0 up
- Wi-Fi Interface (e.g., wlan0): Connect to your Wi-Fi network as usual, then set a static IP address. Replace the example values with those appropriate for *your* network:
- Enable ARP Spoofing: Redirect traffic from the Wi-Fi network to your ethernet interface.
- Install arpspoof if it’s not already installed (usually pre-installed on Kali Linux).
- Run arpspoof to redirect traffic:
sudo arpspoof -i wlan0 -t eth0 192.168.1.1(Replace wlan0, eth0 and 192.168.1.1 with your actual interface names and the Wi-Fi router’s IP address.)
- Configure NAT (Network Address Translation): Allow traffic to flow through the ethernet connection.
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADEsudo iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPTsudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT - Verify Traffic Redirection: Check that traffic is flowing through the ethernet interface.
- Use a tool like Wireshark on your Linux machine to capture packets on eth0. You should see traffic from devices on the Wi-Fi network.
- Alternatively, connect a device to the internet via the Ethernet connection and verify it has access.
Important Considerations
- ARP Spoofing Detection: ARP spoofing is easily detectable by network security tools.
- Network Disruption: This process can disrupt network connectivity for other users on the Wi-Fi network.
- Legal Implications: Performing this attack on networks you do not own or have permission to access is illegal in many jurisdictions.
- Reverting Changes: To stop traffic redirection, stop arpspoof (Ctrl+C), remove the iptables rules with
sudo iptables -F, and restore your network interfaces’ original configurations.