On Wednesday 2010-10-20 23:58, Mateus Caruccio wrote: > >Our DEVEL_SRV should receive exactly the same packet PROD_SRV >receives, but with destination address modified >so it can reach our userspace application. >I've tried to "DNAT" it, but without success: Because DNAT is factually wrong, as it does not make a copy. Instead, use -j TEE on the host where the copy is to be made, and use either a packet socket (tcpdump uses such) or local delivery routing (`ip route add local dstaddrinpacket` and so). >tcpdump shows that all requests are being properly mirrored from PORT2 to PORT3. >ifconfig eth0 on DEVEL_SRV does not present any increment on RX >statistics, but if I "ifconfig eth0 promisc", it starts to increment >RX. Forget about ifconfig. People should use modern tools like ip. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
