LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Duplicate TCP traffic on a port to another
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 05-24-2013, 06:32 AM   #1
sidsgr88
LQ Newbie
 
Registered: May 2013
Posts: 1

Rep: Reputation: Disabled
Unhappy Duplicate TCP traffic on a port to another

I have a program that connects using TCP to a server and communicates with it. I would now want to duplicate the packets sent by the server to me and redirect them to another port for processing. Thus I have a two-fold problem :

1.) Do port-mirroring on the client so that any traffic on the client port gets copied to another port say X.

I have tried iptables for the same. Since I want my application to continue communicating and port X to simply be a passive sniffer I resorted to the -j TEE to duplicate the packets. The problem here being that TEE only has a --gateway flag that only allows to route the duplicate packet to another host (Note I cannot route the duplicate to the localhost this way because I already have the original packet to the localhost at that port). -j REDIRECTwas also tried but it spoils the original TCP connection. So is it possible that I can duplicate packets to a port to another port on the same machine ?

2.) Read raw TCP packets from port X and process them.

Now on port X I would want to simply read the raw TCP packets in a C++ program (Not send SYN/ACK etc). I am using tcpdump until now. I have a vague knowledge that raw sockets might be useful for the same. So is it possible that I can read the traffic on port X and then process the TCP packets ?
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Can I "tee" traffic on a TCP port? bigearsbilly Linux - Networking 6 03-05-2012 03:31 AM
LXer: How TCP Offload Engines scale up the TCP traffic bandwidth by up to 8x on existing Ethernet Ne LXer Syndicated Linux News 0 02-16-2012 10:01 PM
Snort/Base reporting no traffic, Ntop not showing any TCP traffic. a2brute Linux - Security 1 08-10-2009 12:21 PM
Traffic shaping (limiting outgoing bandwidth of all TCP-traffic except FTP/HTTP) ffkodd Linux - Networking 3 10-25-2008 12:09 AM
unwanted network traffic on tcp port 135 debasish_5849 Linux - Security 4 04-20-2006 10:33 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:36 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration