On Fri, Oct 22, 2010 at 9:24 PM, Changli Gao <xiaosuo@xxxxxxxxx> wrote: > On Fri, Oct 22, 2010 at 8:31 PM, Stephen Clark <sclark46@xxxxxxxxxxxxx> wrote: >> Hello, >> >> Problem: >> I have a two monitoring servers behind a a linux firewall, one is primary >> and one is backup. >> In the field we have units sending udp informational packet to the primary >> server. On the >> linux firewall I would like to copy this packet and change the destination >> address of the copied >> packet to point to the backup server. Is there a way to do this without >> writing any code? >> >> NOTE: >> Currently the firewall is FreeBSD and we accomplish this rather easily using >> ipfw along with natd, but we want to move to linux for our firewall. >> > > I think you can use tc action mirred to mirror the packets to a fake > NIC device ifb, and use tc action nat to dnat the packets received > from ifb. > Oh, iptables can also do it. Please see iptables target TEE and RAWNAT in xtables-addons. http://xtables-addons.sourceforge.net/ -- Regards, Changli Gao(xiaosuo@xxxxxxxxx) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
