CFW Router Packet Capture

What you need


How to

In your router's DHCP settings, set static IP addresses for both the computer and the DS/Wii you want to capture.

Fire up your Telnet/SSH client and connect to your router by it's IP address. By default the username should be "root" and the password should be your router's admin panel password. DD-WRT routers can configure a password used to connect from the web interface.

Run the following commands, replacing parts when specified. This sets up a filter so all packets going to and from your DS/Wii get copied and sent to your computer:

modprobe ipt_ROUTE # DD-WRT routers should use `insmod ipt_ROUTE` instead. If you use a newer firmware, `modprobe ipt_TEE`, `insmod ipt_TEE`, `modprobe xt_TEE`, or `insmod xt_TEE` might work as well
iptables -t mangle -A PREROUTING -s <DEVICE_IP> -j ROUTE --tee --gw <CAPTURE_PC_IP>
iptables -t mangle -A POSTROUTING -d <DEVICE_IP> -j ROUTE --tee --gw <CAPTURE_PC_IP>

Replace <DEVICE_IP> with the LAN IP address of the DS or Wii you're capturing from and <CAPTURE_PC_IP> with your computer's LAN IP address. Note that this filter stays in place until the router is reset. If you want to disable it without rebooting your router, run the iptables commands again only replacing -A with -D:

iptables -t mangle -D PREROUTING -s <DEVICE_IP> -j ROUTE --tee --gw <CAPTURE_PC_IP>
iptables -t mangle -D POSTROUTING -d <DEVICE_IP> -j ROUTE --tee --gw <CAPTURE_PC_IP>

You can now capture DS/Wii packets on your computer. Fire up Wireshark and start capturing on your ethernet/wireless device and filter in only traffic from your DS/Wii. In the filter text box, input "ip.addr == <DEVICE_IP>" and apply it. You should now be ready to go!

To export your capture, go to File -> Export Specified Packets and in the save dialog, make sure the packet range is set to Displayed.


Back