From: Tiaan Wessels <tiaan@netsys.co.za>
To: Netfilter list <netfilter@vger.kernel.org>
Subject: Re: Packet duplication
Date: Fri, 19 Oct 2007 09:42:06 +0000 [thread overview]
Message-ID: <47187BEE.4010808@netsys.co.za> (raw)
In-Reply-To: <47187817.4070005@whb.hu>
Gáspár Lajos wrote:
> Tiaan Wessels írta:
>> Hi,
>> Not sure there is any life on this list but in case someone picks me
>> up on netfilter user SETI here goes:
> There is life !!! :D
>> How do I go about duplicating a UDP packet arriving at a machine.
>> Essentially I want to have it go to its original recipient but to
>> another new one also.
>> -j ROUTE --tee seems not to be supported anymore.
> False... It is supported but you need the patch-o-matic(-ng) stuff...
>
> --tee Make a copy of the packet, and route that copy to the
> given destination. For the original, uncopied packet, behave like a
> non-terminating tar-
> get and continue traversing the rules. Not valid in
> combination with `--iif' or `--continue'
>
Getting this to work for a novice like me seems to be impossible.
Doing a man on my FC5 system shows --tee to be there under the ROUTE
extension and I quote from the man page
'iptables can use extended target modules: the following are included in
the standard distribution'
however using iptables results in
[root@nst2 ~]# /sbin/iptables -A PREROUTING -t mangle -p udp -d
192.168.3.77 --dport 9090 -j ROUTE --tee
iptables v1.3.5: Unknown arg `--tee'
locate libipt_ROUTE.so yields nothing which makes me believe the man
page was talking bollocks when claiming the extensions to be part of the
'standard distribution'
After further reading I also came to the conclusion patch-o-matic needed
to be used to install the ROUTE module. going to netfilter extensions
HOWTO I see I have to get the latest update from CVS like in so
cvs -d :pserver:cvs@pserver.netfilter.org:/cvspublic login
but when I do this with password cvs I get
[root@nst2 ~]# cvs -d :pserver:cvs@pserver.netfilter.org:/cvspublic login
Logging in to :pserver:cvs@pserver.netfilter.org:2401/cvspublic
CVS password:
cvs [login aborted]: connect to
pserver.netfilter.org(213.95.27.115):2401 failed: Connection refused
any ideas ?
next prev parent reply other threads:[~2007-10-19 9:42 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-19 6:19 Packet duplication Tiaan Wessels
2007-10-19 9:25 ` Gáspár Lajos
2007-10-19 9:42 ` Tiaan Wessels [this message]
[not found] ` <47186FC3.6030402@freemail.hu>
[not found] ` <471875A4.8010000@netsys.co.za>
2007-10-19 10:11 ` Gáspár Lajos
2007-10-19 10:44 ` Tiaan Wessels
2007-10-19 11:25 ` Rob Sterenborg
2007-10-24 8:20 ` Tiaan Wessels
2007-10-24 9:31 ` Rob Sterenborg
2007-10-24 10:00 ` Tiaan Wessels
2007-10-24 10:36 ` Rob Sterenborg
2007-10-24 10:43 ` Tiaan Wessels
2007-10-24 12:45 ` Rob Sterenborg
2007-10-24 15:02 ` Tiaan Wessels
2007-10-24 15:43 ` Rob Sterenborg
2007-10-25 6:14 ` Tiaan Wessels
2007-10-25 7:24 ` Rob Sterenborg
2007-10-25 7:35 ` Tiaan Wessels
2007-10-25 8:34 ` Rob Sterenborg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47187BEE.4010808@netsys.co.za \
--to=tiaan@netsys.co.za \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.