I would like to clone incoming UDP packets onto a different host, I found a way to do it Here but I could not build xtables-addons on centos 5.3 .
Is there any other way to tee upd packets?
Asked
Active
Viewed 1.1k times
3 Answers
5
http://www.bjou.de/blog/2008/05/howto-copyteeclone-network-traffic-using-iptables/
or http://www.netfilter.org/projects/patch-o-matic/pom-external.html
iptables -A PREROUTING -t mangle -p udp --dport 7 -j ROUTE --gw 1.2.3.4 --tee
iptables -A POSTROUTING -t mangle -p udp --sport 7 -j ROUTE --gw 1.2.3.4 --tee
chx
- 1,665
- 1
- 16
- 25
4
We're using a 3.2.0 kernel on an Ubuntu 12.04, and this iptables rule did the trick (no need to patch!):
sudo iptables -t mangle -A PREROUTING -p udp --dport 60000 -j TEE --gateway 172.16.3.12
This will copy the incoming packets to UDP port 60000 to the IP set in --gateway. Take in account that the gateway should be in the same network, if don't , the rule won't work unless you do something similar in the router between networks.
I wonder if there's a way to traverse this network flow to another network, maybe NATing, but we haven't tested it yet.
charli
- 226
- 1
- 6
1
I just found samplicator which also seems to do this.
Peter V. Mørch
- 812
- 7
- 15
-
Careful with posting this link multiple times, it is setting off the spam filter alerts. – Mark Henderson Jun 26 '15 at 04:27