[Pauldotcom] cloning traffic with iptables

[Robin Wood]

2008/12/30 Nick Baronian <nbaronian at gmail.com>:
> I am a pretty sure Daemonlogger is much more efficient and less buggy but
> there is a tee add-on available in the xtables add-on that will copy the
> traffic within iptables to another nic.  I have not used this version but I
> got decent results from the old patch-o-matic iptables add-on.
> http://jengelh.medozas.de/projects/xtables/
> -Nick

Both of those seem like they will do what I want, the only potential
problem is that this app has to run on a mips processor. Looks like
I'll have to brush up on my cross compiler skills.

If anyone has any processor independent way of doing this feel free to shout up.

Robin

>
> On Mon, Dec 29, 2008 at 8:17 PM, <byte.bucket at 4a44.com> wrote:
>>
>> Have a look at Daemonlogger.  I believe it will do exactly what you want.
>> http://www.snort.org/users/roesch/Site/Daemonlogger/Daemonlogger.html
>>
>> --
>> byte_bucket
>>
>> > Hi
>> > Is there a way to use ip tables to copy all traffic on an interface to
>> > a second interface?
>> >
>> > The setup I have is I have a machine with two NICs, I want to copy all
>> > traffic to or from eth0 to eth1 so another machine connected to eth1
>> > can then use tcpdump to capture and monitor traffic.
>> >
>> > Robin
>> > _______________________________________________
>> > Pauldotcom mailing list
>> > Pauldotcom at mail.pauldotcom.com
>> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>> > Main Web Site: http://pauldotcom.com
>> >
>>
>>
>> _______________________________________________
>> Pauldotcom mailing list
>> Pauldotcom at mail.pauldotcom.com
>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>> Main Web Site: http://pauldotcom.com
>
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>