Hi,

I need to test a network application for data integrity on a single computer. I have 2 instances of the program: A listens on 127.0.0.1:xxx0 and B listens on 127.0.0.1:xxx1. When A sends a TCP message to B, I want to capture it, modify the payload (changing all 'f' characters to 'b', for example), and send it back to B.

I was thinking about using netsed, which needs packets to be redirected to a port that it listens on. Let's say netsed listens on 127.0.0.1:xxx2. What I am afraid of is that if I redirect packets going to 127.0.0.1:xxx1 (B) to 127.0.0.1:xxx2 (netsed), then when netsed sends the packet back after modification, it will send it to 127.0.0.1:xxx1, which would then be redirected once again to 127.0.0.1:xxx2. That would create an infinite rerouting loop.

Is there a way to configure iptables to do what I want? Maybe by marking packets so that they are rerouted only once (but the netsed modification may break the marking).

Thanks,
Gurvan

PS: Is there a better utility than netsed to replace a string by another in the payload of TCP packets?
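
An added example, not part of the original post and not netsed's code: a loopback proxy that rewrites the A-to-B byte stream and dials B itself, so no iptables redirect exists for its outbound connection to match. It assumes A can be pointed at the proxy's port instead of B's; all function names and the ephemeral ports are assumptions of this example.

```python
import contextlib
import socket
import threading

def rewrite(data: bytes, old: bytes = b"f", new: bytes = b"b") -> bytes:
    # Single-byte substitution: a match can never straddle two recv() chunks.
    # A multi-byte pattern would need buffering across chunk boundaries.
    return data.replace(old, new)

def _pump(src, dst, transform):
    # Copy one direction until EOF, then half-close the receiving side.
    with contextlib.suppress(OSError):
        while chunk := src.recv(4096):
            dst.sendall(transform(chunk))
    with contextlib.suppress(OSError):
        dst.shutdown(socket.SHUT_WR)

def _handle(client, target):
    # The proxy dials B directly; no NAT rule is involved, so nothing loops.
    with client, socket.create_connection(target) as upstream:
        back = threading.Thread(target=_pump, args=(upstream, client, bytes), daemon=True)
        back.start()
        _pump(client, upstream, rewrite)   # A -> B is rewritten
        back.join()                        # B -> A passes through unchanged

def start_proxy(target, listen=("127.0.0.1", 0)):
    srv = socket.create_server(listen)
    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            threading.Thread(target=_handle, args=(conn, target), daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv

def roundtrip(payload: bytes) -> bytes:
    # Constructed stand-ins for A and B on ephemeral loopback ports.
    b_srv = socket.create_server(("127.0.0.1", 0))
    proxy = start_proxy(b_srv.getsockname())
    with socket.create_connection(proxy.getsockname()) as a:
        a.sendall(payload)
        a.shutdown(socket.SHUT_WR)
        conn, _ = b_srv.accept()
        with conn:
            received = b"".join(iter(lambda: conn.recv(4096), b""))
    b_srv.close()
    return received
```

`roundtrip()` returns the bytes B actually received, which is the value an integrity check in B would be tested against.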