Even if we have a second network interface, though, we need to do a couple of other
things. To start, we need to tell the Linux kernel that it’s okay to pass traffic from one
interface to another. Unless we set that kernel parameter, the operating system will
not allow the traffic to go anywhere after it has entered the system. We can do that by
running
sysctl -w net.ipv4.ip_forward
. To make this change permanent, the file
/etc/
sysctl.conf
needs to be edited to set that parameter. That will allow Linux to accept the
packets in and forward them out another interface, based on the routing table the
operating system has.
With all this in place, you can have your very own AP for whatever purpose you
would like. This can include just keeping track of the clients that attempt to connect
to you. This may give you a sense of potentially malicious users. To do more compli‐
cated and potentially malicious things of our own, we should get a little extra help.