> Is there any possibility to intentionally (mis)configure > netfilter to duplicate packets? Marcus, I needed to do something a bit crazy like this recently. I was wanting to get packets to be re-transmitted to multiple interfaces. I have found the ROUTE target module to be really great for this purpose. If you use the --tee option a duplicate of the packet is create and routed in some manner that you select. This would certainly be an option. I was using a Fedora Code 5 box which unfortunately does not have the ROUTE module patched into the kernel, but in this case patch-o-matic is your friend. For more details see: http://www.netfilter.org/projects/patch-o-matic/pom-extra.html#pom-extra -ROUTE for more information. Hope this helps, Kelvin
