mangle – Dan Vasile https://pentest.ro InfoSec Adventures Thu, 10 Dec 2020 11:11:22 +0000 en-US hourly 1 https://wordpress.org/?v=6.2.2 Traffic mirroring in Linux https://pentest.ro/2013/07/31/traffic-mirroring-in-linux/ Wed, 31 Jul 2013 13:59:14 +0000 http://www.pentest.ro/?p=327 Continue reading Traffic mirroring in Linux]]> It comes in hand when analyzing traffic to forward a copy of the traffic to a specific IP where a machine is listening and running Wireshark & stuff. It’s very useful for routers that don’t have the capabilities to run network analysis tools (like DD-WRT).

Just run the following commands replacing the xxx.xxx.xxx.xxx field with the IP of your listening machine:

# iptables -t mangle -A POSTROUTING -d 0.0.0.0/0 -j ROUTE --tee --gw xxx.xxx.xxx.xxx
# iptables -t mangle -A PREROUTING -s 0.0.0.0/0 -j ROUTE --tee --gw xxx.xxx.xxx.xxx
]]>