I would like to clone incoming UDP packets onto a different host, I found a way to do it Here but I could not build xtables-addons on centos 5.3 .
Is there any other way to tee upd packets?
1
-
1I'm not clear. Do you want to actually "tee" them or do you just redirect them to another host?– Evan AndersonCommented Sep 10, 2010 at 17:59
Add a comment
|
3 Answers
http://www.bjou.de/blog/2008/05/howto-copyteeclone-network-traffic-using-iptables/
or http://www.netfilter.org/projects/patch-o-matic/pom-external.html
iptables -A PREROUTING -t mangle -p udp --dport 7 -j ROUTE --gw 1.2.3.4 --tee
iptables -A POSTROUTING -t mangle -p udp --sport 7 -j ROUTE --gw 1.2.3.4 --tee
We're using a 3.2.0 kernel on an Ubuntu 12.04, and this iptables rule did the trick (no need to patch!):
sudo iptables -t mangle -A PREROUTING -p udp --dport 60000 -j TEE --gateway 172.16.3.12
This will copy the incoming packets to UDP port 60000 to the IP set in --gateway. Take in account that the gateway should be in the same network, if don't , the rule won't work unless you do something similar in the router between networks.
I wonder if there's a way to traverse this network flow to another network, maybe NATing, but we haven't tested it yet.
I just found samplicator which also seems to do this.
-
Careful with posting this link multiple times, it is setting off the spam filter alerts. Commented Jun 26, 2015 at 4:27