I recently had a need to do this at work, and was told by various forum posts and ##pfsense on freenode that it wasn’t a good idea and wasn’t possible. Well, we needed it anyway, so time to do some hacking 😀
Here’s the script I came up with. It employs tcpdump and tcpreplay to gobble up packets on one interface and spit them out on another.
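The capture-and-replay pipeline described above, as an added sketch that is not the author's udp_relay script: it narrows the relay to UDP broadcasts from one subnet and an optional port list, and compiles the filter first so that a "not a broadcast link" failure like the one in the comments is caught before tcpreplay is started on an empty stream. The function names, the exact filter expression and the sample interfaces are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not the author's udp_relay script. Interface names and
# subnets in the comments are constructed samples.

# Split "iface:cidr" (the argument form used on this page) into its parts.
spec_iface() { printf '%s\n' "${1%%:*}"; }
spec_net()   { printf '%s\n' "${1#*:}"; }

# Build a BPF filter that passes only UDP broadcasts sourced from the given
# subnet, optionally limited to destination ports (e.g. 161 for SNMP).
build_filter() {
    net=$1; shift
    filter="broadcast and udp and src net $net"
    if [ "$#" -gt 0 ]; then
        ports=""
        for p in "$@"; do
            # Digits only, so nothing else can be smuggled into the filter.
            case $p in ''|*[!0-9]*) echo "bad port: $p" >&2; return 1;; esac
            ports="${ports:+$ports or }dst port $p"
        done
        filter="$filter and ($ports)"
    fi
    printf '%s\n' "$filter"
}

# Compile the filter against the interface without capturing (tcpdump -d).
# On a link type with no broadcast address (for example a tun device) the
# compile step fails with "not a broadcast link".
preflight() {
    tcpdump -i "$1" -d "$2" >/dev/null
}

# Relay broadcasts from the first spec out of the second spec's interface.
# Example call: relay igb1:192.168.1.0/24 igb2:192.168.2.0/24 161
relay() {
    src=$1; dst=$2; shift 2
    in_if=$(spec_iface "$src"); out_if=$(spec_iface "$dst")
    f=$(build_filter "$(spec_net "$src")" "$@") || return 1
    preflight "$in_if" "$f" || { echo "filter rejected on $in_if" >&2; return 1; }
    # -U flushes each packet to the pipe; tcpreplay reads the pcap from stdin.
    tcpdump -n -U -i "$in_if" -w - "$f" | tcpreplay --intf1="$out_if" -
}
```

Calling relay requires root plus tcpdump and tcpreplay on the firewall; passing an explicit port list keeps the relay from forwarding every broadcast across the segment boundary.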
16 Comments
Hi,
any idea how to fix the following error?
[root@pfSense ~]# ./udp_relay hn1:192.168.3.0/24 ovpnc1:192.168.2.0/24
Relaying…
Failed: Error opening pcap file: truncated dump file; tried to read 4 file header bytes, only got 0
Thanks!
The error seems to be:
tcpdump: not a broadcast link
0 packets captured
0 packets received by filter
0 packets dropped by kernel
Are you able to successfully run tcpdump on the interfaces hn1 and ovpnc1?
I’m looking for a solution to get printer discovery working inter vlans.
WAN (IF1)
LAN (IF2)
VLAN100 (IF3-OPT1)
VLAN101 (IF3-OPT2)
Clients in VLAN100 and VLAN101 want to find printers over SNMP-Broadcast in LAN, the printers won’t answer.
SMB connected printers can print and I get status of the devices….discovery is my problem.
I searched and studied many articles by now – is your script useful for me?
Could be. Give it a shot and let me know how it goes.
I will…but do you have any examples for the option switches you built in?
Check the usage samples at the bottom of the commented section in the script header.
./udp_relay -m -l igb1:192.168.1.0/24 igb2:192.168.2.0/24 igb3:192.168.3.0/24
Something like that, perhaps? Correct your interface names and IP address ranges.
Yes, the syntax is clear.
But I meant these options.
# options
listen=false
vlan=false
filter="broadcast"
pidfile=""
ttl=false
ttl10=false
pnat=false
ports=()
OPTIND=1
Especially:
vlan=false
ports=()
How to use?
As I mentioned I use VLAN100 and VLAN101 and the LAN is untagged with 1.
Port 161 (SNMP) is in use for printer discovery.
That’s just the defaults for the part of the code that parses command line parameters. There’s no need to worry about them. They parse the command line.
I can’t even install bash or tcprelay…what a crap!
The script clearly tells you how to do so. It’s impossible to assist you, however, if you don’t provide the commands you’ve entered and their result. My crystal ball isn’t operational at the moment.
I suggest reading the documentation, to which there’s also a link in the script.
root@FW1:~ # sudo pkg install tcprelay
Updating OPNsense repository catalogue…
OPNsense repository is up-to-date.
All repositories are up-to-date.
pkg: No packages available to install matching ‘tcprelay’ have been found in the repositories
Did you actually run “pkg” and “pkg update -f”, as the script specifies, before attempting to install it?
EDIT: ehh.. OPNsense? You’re not even running pfSense, are you?
While OPNsense is a fork of pfSense, it’s a fork because they wanted to change things. When things are changed, they’re not working the same way anymore. OPNsense does not support third party packages, unlike pfSense. You’ll have to ask their forums/irc/whatever for support on how to install the required software.
Yes I’ve already updated the repository, and yes I need to use this DORK-FORK!
Then I’m afraid you are on your own. I cannot provide any help with a distribution I do not use, and that happens to differ from mine in critical areas such as package management. Sorry.
No problem…
I think with mdns responder and a floating rule it’s manageable…