cloning traffic with iptables

[dninja at gmail.com (Robin Wood)]

2008/12/30 Nick Baronian <nbaronian at gmail.com>:
> I am a pretty sure Daemonlogger is much more efficient and less buggy but
> there is a tee add-on available in the xtables add-on that will copy the
> traffic within iptables to another nic.  I have not used this version but I
> got decent results from the old patch-o-matic iptables add-on.
> http://jengelh.medozas.de/projects/xtables/
> -Nick

Both of those seem like they will do what I want, the only potential
problem is that this app has to run on a mips processor. Looks like
I'll have to brush up on my cross compiler skills.

If anyone has any processor independent way of doing this feel free to shout up.

Robin

> On Mon, Dec 29, 2008 at 8:17 PM, <byte.bucket at 4a44.com> wrote:
> > Have a look at Daemonlogger.  I believe it will do exactly what you want.
> > http://www.snort.org/users/roesch/Site/Daemonlogger/Daemonlogger.html
> >
> > --
> > byte_bucket
> >
> > > Hi
> > > Is there a way to use ip tables to copy all traffic on an interface to
> > > a second interface?
> > >
> > > The setup I have is I have a machine with two NICs, I want to copy all
> > > traffic to or from eth0 to eth1 so another machine connected to eth1
> > > can then use tcpdump to capture and monitor traffic.
> > >
> > > Robin
> > > _______________________________________________
> > > Pauldotcom mailing list
> > > Pauldotcom at mail.pauldotcom.com
> > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > Main Web Site: http://pauldotcom.com
> >
> >
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
>
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com