Hello everyone,
I'm new in pen-testing and I have troubles to perform a MITM attack in my own network.
I used the following commands :
sysctl -w net.ipv4.ip_forward=1
arpspoof -i wlan0 -t 192.168.1.17 -r 192.168.1.1
where 192.168.1.17 is the target ip and 192.168.1.1 is the router ip.

When I tried those commands with my phone as the target, I got a message saying that there is a suspicious activity in the network, so I supposed it was working.

When I do that, the target still have access to the internet, but when I sniff the traffic with wireshark and I visit a web page with the target, I don't see any HTTP request coming from it and I don't understand why. However, I can see all the fake ARP packets.

I also tried to deactivate the ip forwarding with this command sysctl -w net.ipv4.ip_forward=0.
If my understanding is correct, the target machine should not have access to the internet anymore, but in fact, it has. I can visit any website without any problem.

If anyone is able to help me understand what I missed, it would be really helpful.
Thank you in advance.

PS : I'm sorry if my english is bad.

Yep same by me. Idk why it happens. When I checked the arp -a on the windows I was trying to MITM as target, it had changed it's records to point to me, but I wasn't getting any traffic still.