How to Tee udp packets onto a different host

linux iptables centos

Solution 1:

http://www.bjou.de/blog/2008/05/howto-copyteeclone-network-traffic-using-iptables/

or http://www.netfilter.org/projects/patch-o-matic/pom-external.html

iptables -A PREROUTING -t mangle -p udp --dport 7 -j ROUTE --gw 1.2.3.4 --tee
iptables -A POSTROUTING -t mangle -p udp --sport 7 -j ROUTE --gw 1.2.3.4 --tee

Solution 2:

We're using a 3.2.0 kernel on an Ubuntu 12.04, and this iptables rule did the trick (no need to patch!):

sudo iptables -t mangle -A PREROUTING  -p udp --dport 60000 -j TEE --gateway 172.16.3.12

This will copy the incoming packets to UDP port 60000 to the IP set in --gateway. Take in account that the gateway should be in the same network, if don't , the rule won't work unless you do something similar in the router between networks.

I wonder if there's a way to traverse this network flow to another network, maybe NATing, but we haven't tested it yet.

Related

How to prevent hot linking ("image theft" / "bandwidth theft") of ressources on my site?
mysqldump prompting for password in shellscript
FTP v/s SFTP v/s FTPS
What counts as a 'large' raid 5 array?
High load average, low cpu
Wildcard DNS and subdomains
How should I securely wipe data from a hard drive?
Nginx. How do I reject request to unlisted ssl virtual server?
Server-to-Switch Trunking in Procurve switch, what does this mean?
postfix multiple IP SMTP banner
Ubuntu: Resize the root LVM(2?) partition
Debian - Port 80 is blocked, but I don't know by what