Hi Jan,

How should the debugging process begin? In Wireshark I see no traffic
between the two hosts ...

On Host A (that accepts the duplicate, IP: 192.168.56.178):

    iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.56.178:80

On Host B (that duplicates & forwards the connection, IP: 192.168.56.39):

    iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 80 -j TEE --gateway 192.168.56.178

And I start nc on both machines:

    nc -l 80

Then finally, on my machine, I connect to Host B and type some text. It
works on Host B, but there is no traffic between A & B (vboxnet0
interface), and a direct connection from Host B to Host A works.

On Sun, Dec 30, 2012 at 8:19 PM, Jan Engelhardt <jengelh@xxxxxxx> wrote:
>
> On Sunday 2012-12-30 13:13, Aaron Lewis wrote:
>
> >Hi Jan
> >I tried to duplicate UDP packets and that works!
> >
> >So I guess you can't mirror TCP traffic, since it's connection oriented,
> >am I right?
>
> Mirroring does not discriminate against protocol. People successfully
> use it for logging, and I am sure they have TCP as well.

--
Best Regards,
Aaron Lewis - PGP: 0xDFE6C29E ( http://keyserver.veridis.com )
Finger Print: 9482 448F C7C3 896C 1DFE 7DD3 2492 A7D0 DFE6 C29E