LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   IPtables PortMirroring Centos 6.4 (https://www.linuxquestions.org/questions/linux-networking-3/iptables-portmirroring-centos-6-4-a-4175470380/)

gdizzle 07-21-2013 07:41 AM

IPtables PortMirroring Centos 6.4
 
Hi All,
I wish to setup Port-Mirroring on a Centos 6.4 router using iptables was was going to use the commands:

Code:

iptables -I PREROUTING 1 -t mangle -j ROUTE --gw 192.168.122.62 --tee
iptables -I POSTROUTING 1 -t mangle -j ROUTE --gw 192.168.122.62 --tee

Until I found out the module wasn't included in the Iptables:

Code:

iptables v1.4.7: unknown option `--gw'
To include this module would I have recompile netfilter aka download and install and build a new Kernel?

Is it possible to use iproute2 tools to SPAN/Port-Mirror?

Thanks

zhjim 07-22-2013 02:24 AM

Don't know if recompile is in need but sure a read of the man page. spell out --gw and you should be set. As for the manpage its --gateway. Also not sure if your jumps are correct. TEE is a target option for -j

gdizzle 07-22-2013 05:58 PM

Here is my refrence: http://blog.goddchen.de/2009/03/port...with-iptables/

Looks like ROUTE is not avaliable, looks like it's missing the modules ....

Code:

iptables -I PREROUTING 1 -t mangle -j ROUTE
iptables v1.4.7: Couldn't load target `ROUTE':/lib64/xtables-1.4.7/libipt_ROUTE.so: cannot open shared object file: No such file or directory


zhjim 07-23-2013 01:43 AM

checking the man pages of various version of iptables I did not found a module called ROUTE once . And as in the comments most people are having trouble with these two lines I doubt they are correct anymore. Check the man pages and search for the TEE target. Something like

Code:

iptables -t mangle -I PREROUTING -j TEE --gatewya 192.162.122.62
should do the trick. iptables version 1.4.14.


All times are GMT -5. The time now is 06:01 AM.