Hi all, I want to copy all incoming packets of eth0 and send over eth1, I wrote rule like that: 1. iptables -t mangle -A PREROUTING -i eth0 -j TEE --gateway 10.10.10.1 then I added another rule: 2. iptables -t mangle -A POSTROUTING -o eth1 -j DROP to capture copied packets. >From iptables's count information, I saw packets are copied by rule1, but did not match rule2. But I have checked by tcpdump, copied packets indeed sent out by eth1. My problem is that packets copied by TEE do not go through POSTROUTING? or is my understanding wrong? thanks. -Jiang -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
