Packet capturing using arp poisoning and IP forwarding

Asked Jan 09 '23 at 10:20

Active Jan 11 '23 at 16:58

Viewed 54 times

I made a script in Golang that allows me to perform ARP poisoning attack and with that I enabled IP forwarding to forward the packets to my router. When I use pcap.OpenLive I can only see the packets from the attacked device to the router. For example, if I go to www.example.com I can see the request from the device to the site but not the other case. What can I do to capture those packets?

    handle, err := pcap.OpenLive(iface.Name, 1024, true, pcap.BlockForever)
    if err != nil {
        return err
    }
    defer handle.Close()
    src := gopacket.NewPacketSource(handle, layers.LayerTypeEthernet)
    if err != nil {
        log.Fatal(err)
    }
    for packet := range src.Packets() {
       layer := packet.Layer(layers.LayerTypeIPv4)
        if layer == nil {
            continue
        }
        IPv4Layer, ok := layer.(*layers.IPv4)
        if !ok {
            continue
        }
         ................. more code here
     }

edited Jan 11 '23 at 16:58

Dave M

4,514
22
31
30

asked Jan 09 '23 at 10:20

has van

Packet capturing using arp poisoning and IP forwarding

0 Answers0