On Sunday 2012-12-30 13:54, Aaron Lewis wrote: >Hi Jan, > >How should the debugging process began? > >In wireshark I see no traffic between the two hosts ... That would mean that there is a problem with the duplication, but which seems unlikely because UDP is transmitted. I do this iptables -A OUTPUT -o eth0 -j TEE --gateway 10.10.7.128 and the '128 machine gets all the packets, including TCP. I can verify that with both tcpdump on the emitter as well as the receiver side. >On Host A (That accept the duplicate, IP: 192.168.56.178): >iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT >--to-destination 192.168.56.178:80 Ugh-ly. Also pretty much pointless because, as you noticed, there is not a whole lot to do with half a TCP stream. >> >So I guess you can't mirror TCP traffics, since it's connection oriented, >> > am >> >I right? -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
