So, I imagined that the following command could help:

    arptables -t filter -A INPUT --h-length 6 --destination-mac aa:aa:aa:aa:aa:aa -i eth0 -j mangle --mangle-mac-d bb:bb:bb:bb:bb:bb

It seems to be the same as with iptables: as the first destination is not that of the monitoring machine, the packet is not processed.

HHHelp!!

HerC.

----------------------------------------
> From: hercule18@xxxxxxxxxxx
> To: netfilter@xxxxxxxxxxxxxxx
> Subject: RE: Iptables DNAT and redirect on interface in promiscuous mode
> Date: Wed, 25 Jan 2012 16:39:34 +0100
>
> Hi,
> I'm back on this thing. I found that it's not ntop that prevents iptables from working but the fact that the packets are not destined to the MAC address of the PC running iptables.
> I did MAC spoofing on the monitoring machine and it seems to work, but it also made a nice mess. So is there another way to manage the traffic that is not directly destined to the PC running iptables?
> Cheers
> HerC.
>
> ----------------------------------------
> > From: hercule18@xxxxxxxxxxx
> > To: netfilter@xxxxxxxxxxxxxxx
> > Subject: Iptables DNAT and redirect on interface in promiscuous mode
> > Date: Thu, 12 Jan 2012 10:14:15 +0100
> >
> > Hi,
> > I have a PC which is connected to a mirroring port with an interface in promiscuous mode. I would like to catch traffic on this interface, and redirect it to port 3128 (squid app).
> > The promiscuous mode by another app running on this interface (ntop)
> > But it seems the promiscuous mode prevents iptables from working.
> > Is there any trick to make it work?
> > PS: sorry for my English.
> >
> > HerC.