0

I want to set up a wireless infrastructure network wherein the access point has the ability to modify certain packets on the fly. For example, the AP should be able to modify an HTTP request from a client to a webserver on the same network by adding an additional field in the request containing the MAC address of the client. Is there some way to do this?

TripShock
  • What are you trying to do? – David Pashley Oct 22 '09 at 14:13
  • I'm wondering if he's trying to ban a person flooding his wireless IP by MAC address by snooping on the requestor on the fly? Possibly? – Bart Silverstrim Oct 22 '09 at 14:19
  • I'm trying to see if I can somehow set up a network where all the clients have the same IP address. Assume for now the clients don't need to access an external network. – TripShock Oct 22 '09 at 14:44
  • Why in the world would you WANT to do this? – GregD Oct 22 '09 at 15:16
  • I'm trying to create a system where a client initially gets a default IP address, and then is migrated to a different unique address after he has performed some simple authentication. I want to prevent DHCP starvation on public wifi networks. – TripShock Oct 22 '09 at 16:32
  • DHCP starvation mitigation can occur on most Layer 2 switches. On Cisco switches you would enable DHCP snooping. – GregD Oct 22 '09 at 17:04
  • Isn't that on wired LANs only? What about wireless LANs? – TripShock Oct 22 '09 at 18:00

4 Answers

3

How to modify packets on the fly?

I'm trying to create a system where a client initially gets a default IP address, and then is migrated to a different unique address after he has performed some simple authentication

Your questions are becoming more and more bizarre. You seem to want to fix a basic problem by doing something that is extremely obscure and probably breaks many of the networking standards.

I suspect if you really want to do something like what you seem to want to do you are going to have to a) get a Linux AP, b) download the source and start doing some serious hacking of the networking code, and c) have a very in-depth understanding of networking/wifi.

I almost think your questions may be getting to the point that they belong on Stack Overflow. I believe that you are going to have to start actually writing code to accomplish this.

Zoredache
  • That's what it looks like to me also. That the OP is wanting to hack together his (or her) own networking protocols. – GregD Oct 22 '09 at 20:41
2

Well, the address thing can be done simply with NAT but only for machines OUTSIDE of the NAT'd subnet.

To make every machine have the same IP on the same subnet, just set them all to the same IP. Won't work, of course, but what do you expect? They all have the same IP.

Satanicpuppy
1

Airpwn lets you modify and inject wireless traffic on the fly. According to the documentation you can certainly inject HTTP content, but I'm not sure about MAC addresses.

Having a bunch of wireless clients with the same IP address would be a bit of a challenge.

Gerald Combs
  • This requires two network interfaces though. – TripShock Oct 22 '09 at 16:33
  • Most wireless infrastructure equipment has both wireless and wired interfaces. Equipment that modifies packets on the fly (firewalls, routers, load balancers, VPN hardware, etc.) typically has more than one interface. It's kind of a requirement. What kind of equipment are you working with here? – Gerald Combs Oct 22 '09 at 19:46
1

If you only want to modify HTTP packets, then install software that redirects all HTTP traffic to an HTTP proxy like HoTTProxy or Squid and use the proxy to modify the requests.

The redirect function has to be done on a router or possibly on the wireless AP itself depending on what software is installed.

Michael Dillon
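
An added example, not code from any answer on this page or from Squid or HoTTProxy: the request-rewriting step a proxy on the AP or router could apply, looking up the client's MAC in a Linux `/proc/net/arp`-format table and setting it as a header. The header name `X-Client-MAC`, the function names and the sample addresses are assumptions, and it assumes the proxy sits on the same layer-2 segment as the clients and sees their real source IP.

```python
import re

# Constructed sample in the layout of Linux /proc/net/arp (addresses are made up).
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.23     0x1         0x2         00:11:22:33:44:55     *        wlan0
192.168.1.40     0x1         0x0         00:00:00:00:00:00     *        wlan0
"""

HEADER = b"X-Client-MAC"  # hypothetical header name, not a standard
MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")


def parse_arp(text):
    """Map IP -> MAC, keeping only completed entries (flag bit 0x2 set)."""
    table = {}
    for line in text.splitlines()[1:]:  # first line is the column header
        f = line.split()
        if len(f) >= 6 and int(f[2], 16) & 0x2 and MAC_RE.match(f[3].lower()):
            table[f[0]] = f[3].lower()
    return table


def tag_request(raw, client_ip, arp):
    """Return the request with a proxy-set X-Client-MAC header."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete request head")
    lines = head.split(b"\r\n")
    request_line, headers = lines[0], lines[1:]
    # Refuse folded header lines: they could hide a client-supplied copy.
    if any(h[:1] in (b" ", b"\t") for h in headers):
        raise ValueError("folded header line rejected")
    # Drop any copy the client sent, so the server only sees the proxy's value.
    kept = [h for h in headers
            if h.split(b":", 1)[0].strip().lower() != HEADER.lower()]
    mac = arp.get(client_ip)
    if mac:  # unknown clients get no header rather than a guessed one
        kept.append(HEADER + b": " + mac.encode("ascii"))
    return b"\r\n".join([request_line] + kept) + sep + body
```

The web server should accept this header only on connections coming from the proxy, since any client that can reach the server directly can set it to an arbitrary value.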