Using iptables as a firewall/gateway/router machine for my stub network. Using SNAT and DNAT to translate internal IPs to public and vice versa. Want to set up a machine inside the network to packet sniff. I was hoping iptables could do this. What I'd like is for iptables to route each incoming packet to the correct machine, but also direct it to the packet sniffer (in other words, duplicate the packet and send it to 2 destinations). Just wondering if this is possible and, if it is, how can I set this up?

I've also tried doing all my packet sniffing off the firewall, but I've been unsuccessful; I can't seem to get Ethereal to look at the forwarded packets. If someone knows a way to successfully set up either solution, please let me know.

Thanks,
Patrick