Hi,

I'm back on this thing. I found that it's not ntop that prevents iptables from working, but the fact that the packets are not destined for the MAC address of the PC running iptables. I did MAC spoofing on the monitoring machine and it seems to work, but it also made a nice mess. So is there another way to manage the traffic that is not directly destined for the PC running iptables?

Cheers,
HerC.

----------------------------------------
> From: hercule18@xxxxxxxxxxx
> To: netfilter@xxxxxxxxxxxxxxx
> Subject: Iptables DNAT and redirect on interface in promiscuous mode
> Date: Thu, 12 Jan 2012 10:14:15 +0100
>
> Hi,
> I have a PC which is connected to a mirroring port with an interface in promiscuous mode. I would like to catch traffic on this interface and redirect it to port 3128 (squid app).
> The promiscuous mode is set by another app running on this interface (ntop).
> But it seems the promiscuous mode prevents iptables from working.
> Is there any trick to make it work?
> PS: sorry for my English.
>
> HerC.