It’s kittens for you!
Wednesday, 16 May 2007 00:00

It’s that time again when I post what everyone in the house owes me for paying for the internet/TV/phone services, and as usual no one bats an eyelid. So, like last time, I have to ensure I get paid back before everyone goes home. I’m not good at threats, but my latest is that they have 7 days to pay up or else it’s kittens for them, yes, kittens…

Being exam time, I guess I should revise, but when I’m bored I tend to break things, this being no exception.
My latest adventure into the world of Linux was to see if I could get back at a certain housemate (evaD) for putting my laptop on dodgy web sites. Using my little Linux know-how and the new OpenWRT firmware I put on our Linksys WRT54G router, I set about finding out how.

I figured the firewall would be a good place to start and searched for iptables guides. My first go at adding a firewall rule to the router went completely wrong: not only was one computer being redirected, all were, including SSH requests, so I couldn’t get back into the router to disable the rule.

Basically I then had to “unbrick” our router for the tenth time. After the process was complete I was of course a bit bored again, so I figured out how to use iptables properly rather than just trying a command I didn’t understand. After a few hours I was successfully able to redirect specific machines and specific addresses to other web sites, not bad for a Linux newbie.

A few sample rules (ignore any line breaks)

iptables -t nat -A PREROUTING -s 192.168.1.100 -d 72.14.253.99 -p tcp --dport 80 -j DNAT --to-destination 64.111.96.38

This is a very specific rule: -s is the source, the LAN IP to redirect requests from; -d is the destination IP, in this case Google; -p specifies that the protocol is tcp, and --dport 80 restricts the match to destination port 80, so that if I accidentally block everyone again I should still be able to SSH into the router; --to-destination is the IP to send the packet to, in this case kittenwar.com. In a nutshell, this rule redirects a single machine requesting Google to get kittenwar.com instead :)

iptables -t nat -A PREROUTING -s 192.168.1.100 -p tcp --dport 80 -j DNAT --to-destination 64.111.96.38

This is less specific than before: now all of that machine’s web requests, not just those for Google, will return kittenwar, hence “it’s kittens for you”.
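
The lockout described above came from a rule with no match criteria, so as an added example (not from the original post) here is a small shell lint that checks a DNAT rule's arguments for -s, -p and --dport before the rule is run. The helper names check_dnat_rule and flag are hypothetical, SSH on port 22 is an assumption, and the broad rule at the end is constructed for illustration.

```shell
#!/bin/sh
# Lint the arguments of a nat PREROUTING DNAT rule before running it.
# MGMT_PORT is an assumption: the router's SSH on its default port.
MGMT_PORT=22

# Print one problem line and count it.
flag() { echo "$1"; problems=$((problems + 1)); }

# check_dnat_rule <iptables arguments...>   (hypothetical helper name)
# Prints one line per problem; returns 0 only if nothing was flagged.
check_dnat_rule() {
    src="" proto="" dport="" prev="" problems=0
    for arg in "$@"; do
        case "$prev" in                     # value follows its option
            -s|--source)                src=$arg ;;
            -p|--protocol)              proto=$arg ;;
            --dport|--destination-port) dport=$arg ;;
        esac
        prev=$arg
    done
    [ -n "$src" ]   || flag "no -s: every LAN client is redirected"
    [ -n "$proto" ] || flag "no -p: every protocol matches"
    if [ -z "$dport" ]; then
        flag "no --dport: every port matches, including $MGMT_PORT"
    else
        lo=${dport%%:*}; hi=${dport##*:}    # "80" or a "lo:hi" range
        [ -n "$lo" ] || lo=0
        [ -n "$hi" ] || hi=65535
        case "$lo$hi" in
            *[!0-9]*) flag "--dport $dport is a service name: not checked" ;;
            *) if [ "$lo" -le "$MGMT_PORT" ] && [ "$hi" -ge "$MGMT_PORT" ]; then
                   flag "--dport $dport covers management port $MGMT_PORT"
               fi ;;
        esac
    fi
    [ "$problems" -eq 0 ]
}

# First sample rule from the post: scoped to one host and TCP port 80.
check_dnat_rule -t nat -A PREROUTING -s 192.168.1.100 -d 72.14.253.99 \
    -p tcp --dport 80 -j DNAT --to-destination 64.111.96.38 && echo "scoped"
# Constructed rule with no match criteria: would also redirect SSH.
check_dnat_rule -t nat -A PREROUTING -j DNAT --to-destination 64.111.96.38 \
    || echo "too broad, not applied"
```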

Disclaimer!: I have “bricked” our router, which serves internet to 5 of us, many times. All firmware upgrades involve a risk of bricking a router; of all the bricking methods, the TFTP firmware recovery is best.

Credits:

  • Pete Stevens: For the basis of my firewall rules, and for bringing kittenwar.com to my attention, what a brilliant web site.
  • OpenWRT: Firmware for Linksys routers with far more features than normal
  • iOWEYOU: Brilliant web service for keeping tabs on bills and splitting them in a shared house
  • Previously mentioned housemate for inspiring me to learn a bit more about Linux and how to get my own back on him
  • My other housemates for not getting mad when I bricked our router, and spent an entire day trying to fix it.
  • The devil for “making work for idle thumbs”, because I tend to learn a lot when I’m bored.
 

chellew.info Anthony Chellew portfolio homepage