I have the following setup works


# Victim
[My Laptop@10.0.0.2] < ---- > [My PC@10.0.0.1 & Gateway@10.0.0.138]

Works fine running sslstrip & bt4 vm on my pc as the attacker on my eth0 interface.

What im finding difficult is this setup, it effectively DoS attacks my router.

# Victim on XP [My Laptop@10.0.0.2]
>>>>>>>>>>>>>>>>>>>>>>> [Gateway@10.0.0.138]
# bt4 VMware [My Laptop@10.0.0.4]


- Victim on XP is connected to the gateway on my 1490 Mini WLAN Card.
- bt4 VMware is using my ALFA'36H to connect to the gateway, so both wireless.

arpspoof between XP@10.0.0.2 & Gateway@10.0.0.138 with interface wlan0 works. But as soon as i do the iptables i effectivly DoS the router and the victim cannot surf the net, so the attack becomes useless.
Code:
 iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
So all im left with is a forum post from remote exploit i found the other day i cannot find again which breifly mentioned not needing sslstrip to do an attack like this because it is only encrypted with wpa/wep not ssl yet and that i can just run airdecap-ng to take off the encryption.

So how can i get this working using either method.

And going back to my original scenario with 1 client. If i reversed roles and used bt4 vmware on the laptop would i be able to do this sslstrip attack on the PC? or is it only limited to being ran from the wired side of the network?