Skip to content

Instantly share code, notes, and snippets.

@wen-long

wen-long/traffic mirroring(Openwrt).md

Created June 28, 2014 17:21
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save wen-long/f67b3ab445e0335adf58 to your computer and use it in GitHub Desktop.
Save wen-long/f67b3ab445e0335adf58 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
traffic mirroring(Openwrt).md

1.用iptables的TEE模块

iptables -t mangle -A PREROUTING -s 192.168.8.0/24 -j TEE --gateway 192.168.8.161
iptables -t mangle -A POSTROUTING -d 192.168.8.0/24 -j TEE --gateway 192.168.8.161
iptables -t mangle -A PREROUTING  -j TEE --gateway 192.168.8.161

涉及自己的包会重复,可在规则中指定

iptables -t mangle -A PREROUTING  ! -s 192.168.8.161 -j TEE --gateway 192.168.8.161

2.用port mirroring

https://code.google.com/p/port-mirroring/

nano /etc/config/port-mirroring

config 'port-mirroring'
       option "target" '192.168.8.161'
       option 'source_ports' 'eth0'
       option filter 'ether host ! xx-xx-xx-xx-xx-xx'
       option 'protocol' 'TZSP'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment