I am trying to redirect a port and verify the redirection is working using
Code:
iptables -t nat -D PREROUTING -i enp0s3 -p udp --dport 162 -j REDIRECT --to-port 10162
and then
Quote:
tcpdump -i enp0s3 udp port 10162
Sadly this is not capturing anything; at the same time, I am still receiving packets on port 162, as seen via tcpdump.
Also, when I start using the iptables redirect 162 -> 10162, I stop seeing snmptrapd messages in syslog informing me that a trap was received. After deleting the rule, syslog gets the info again.
What I am seeking is evidence that port 10162 is receiving the redirected trap, which is the input for my Logstash, so I can investigate my bigger issue with the ELK stack further. Basically, I am in the process of trying to follow the path step by step and see where my issue lies.
At least why snmptrapd stops saying a trap is received in syslog (when redirected), and maybe the correct way to set up tcpdump to capture "inner" communication.
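An added example (not part of the original post): a small Python UDP listener that gives direct evidence of what reaches local port 10162 by printing the source and decoded SNMP header of each datagram. It assumes SNMP v1/v2c traps and that Logstash is stopped while it runs so the port is free; `snmp_summary`, `listen` and the `SAMPLE` bytes are constructed for illustration.

```python
import socket

# Constructed sample: SNMPv2c message header, community "public", empty trap PDU.
SAMPLE = bytes.fromhex("300d02010104067075626c6963a700")
PDU_TAGS = {0xA4: "Trap-PDU (v1)", 0xA6: "InformRequest", 0xA7: "SNMPv2-Trap"}

def ber_len(buf, i):
    """Return (length, next_index) for the BER length field at buf[i]."""
    first = buf[i]
    if first < 0x80:                      # short form: one length byte
        return first, i + 1
    n = first & 0x7F                      # long form: n following length bytes
    if n == 0 or i + 1 + n > len(buf):
        raise ValueError("unsupported or truncated BER length")
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def snmp_summary(datagram):
    """Decode only the SNMP v1/v2c header: version, community, PDU tag."""
    if not datagram or datagram[0] != 0x30:
        raise ValueError("not a BER SEQUENCE")
    _, i = ber_len(datagram, 1)
    if datagram[i] != 0x02:
        raise ValueError("expected INTEGER version")
    n, i = ber_len(datagram, i + 1)
    version = int.from_bytes(datagram[i:i + n], "big")
    i += n
    if datagram[i] != 0x04:
        raise ValueError("expected OCTET STRING community")
    n, i = ber_len(datagram, i + 1)
    community = datagram[i:i + n].decode("latin-1")
    i += n
    return {"version": {0: "v1", 1: "v2c"}.get(version, str(version)),
            "community": community, "pdu": PDU_TAGS.get(datagram[i], hex(datagram[i]))}

def listen(port=10162, host="0.0.0.0", count=None):
    """Print one line per datagram delivered to the local socket on `port`."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    seen = 0
    while count is None or seen < count:
        data, (src, sport) = sock.recvfrom(65535)
        try:
            info = snmp_summary(data)
        except (ValueError, IndexError) as exc:   # not SNMP v1/v2c, or truncated
            info = {"error": str(exc)}
        print(f"{src}:{sport} -> :{port} {len(data)} bytes {info}")
        seen += 1
    sock.close()

if __name__ == "__main__":
    listen()
```

tcpdump attaches to the interface before the nat PREROUTING rewrite, so a capture on enp0s3 keeps showing destination port 162 even while the redirect is working. The rewritten packet is handed straight to the local socket on 10162, which is also why snmptrapd on 162 stops logging traps while the rule is active.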