
How to set up port-mirroring with IPTables?

Discussion in 'Tomato Firmware' started by caesargdi, Sep 18, 2010.

  1. caesargdi

    caesargdi Networkin' Nut Member

    I need to sniff all packets coming through the router. I think I can do it with iptables but I get this error

    Code:
    No chain/target/match by that name

    Here is the table I am trying to add


    Code:
    iptables -A PREROUTING -t mangle -j ROUTE --gw 192.168.1.254 --tee 
    
    iptables -A POSTROUTING -t mangle -j ROUTE --gw 192.168.1.254 --tee 

    I am running tomato 1.25
     
  2. rhester72

    rhester72 Network Guru Member

    The ROUTE target was not available in 1.25 (which is positively ancient, BTW). You'll need to upgrade to something more modern (1.27+).

    Rodney
     
  3. caesargdi

    caesargdi Networkin' Nut Member

    I upgraded to 1.28 but I still get the same error. How can I check or add the ROUTE target?
     
  4. caesargdi

    caesargdi Networkin' Nut Member

    Here is a list of my tables

    Code:
    # iptables -L
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    DROP       0    --  anywhere             anywhere            state INVALID
    ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     0    --  anywhere             anywhere
    ACCEPT     0    --  anywhere             anywhere
    ACCEPT     tcp  --  anywhere             10.10.12.1          tcp dpt:www
    ACCEPT     tcp  --  anywhere             10.10.12.1          tcp dpt:ssh
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    ACCEPT     0    --  anywhere             anywhere
    DROP       0    --  anywhere             anywhere            state INVALID
    TCPMSS     tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN tcpmss match 1461:65535 TCPMSS set 1460
    ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED
    wanin      0    --  anywhere             anywhere
    wanout     0    --  anywhere             anywhere
    ACCEPT     0    --  anywhere             anywhere
    upnp       0    --  anywhere             anywhere
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    
    Chain upnp (1 references)
    target     prot opt source               destination
    
    Chain wanin (1 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             office              tcp dpt:3389
    ACCEPT     tcp  --  anywhere             office              tcp dpt:1709
    ACCEPT     tcp  --  anywhere             10.10.12.25         tcp dpt:www
    ACCEPT     tcp  --  anywhere             office              tcp dpt:6113
    ACCEPT     tcp  --  anywhere             10.10.12.25         tcp dpt:ssh
    ACCEPT     tcp  --  anywhere             Abit                tcp dpt:3389
    
    Chain wanout (1 references)
    target     prot opt source               destination
    # iptables -A PREROUTING -t mangle -j ROUTE --gw 10.10.12.12 --tee
    
    iptables: No chain/target/match by that name
     
  5. rhester72

    rhester72 Network Guru Member

    modprobe ipt_ROUTE

    Rodney
     
  6. caesargdi

    caesargdi Networkin' Nut Member

    Sorry guys, I am really new to this. That command worked, but I do not see the new rules when I run iptables -L. Should I use another command? I have searched but somehow I must be missing it. Also, I assume that this command will remove the rule?

    Code:
    iptables -D PREROUTING -t mangle -j ROUTE --gw 10.10.12.12 --tee

    Correct?

    Thanks again for your help.
     
  7. teddy_bear

    teddy_bear Network Guru Member

    iptables -t mangle -L
     
  8. caesargdi

    caesargdi Networkin' Nut Member

    Thanks again guys, that did it.
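
Added example, not written by any poster in this thread: `iptables -L` lists only the filter table, which is why the mirror rules in the mangle table did not show up. The script below scans a dump in `iptables-save` format for packet-duplicating rules (ROUTE with `--tee`, or the TEE target) in every table. The function names and the sample ruleset are constructed, and the availability of `iptables-save` on the firmware is an assumption.

```shell
#!/bin/sh
# Added example: report rules that duplicate traffic, whatever table they live in.
# Input: text in iptables-save format on stdin.
# Output: one line per hit: "<table> <chain> <target> <gateway>"
find_mirror_rules() {
    awk '
        /^\*/ { table = substr($1, 2); next }   # "*mangle" opens a table section
        $1 == "-A" {
            chain = $2; target = ""; gw = ""; tee = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-j" || $i == "--jump")      target = $(i + 1)
                if ($i == "--gw" || $i == "--gateway") gw = $(i + 1)
                if ($i == "--tee")                     tee = 1
            }
            # ROUTE only copies packets when --tee is given; TEE always copies.
            if ((target == "ROUTE" && tee) || target == "TEE")
                printf "%s %s %s %s\n", table, chain, target, gw
        }
    '
}

# Constructed sample in iptables-save format (not output captured from the thread).
# The gateway address is the one used in the posts above.
sample_ruleset() {
    cat <<'EOF'
*mangle
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -j ROUTE --gw 10.10.12.12 --tee
-A POSTROUTING -j ROUTE --gw 10.10.12.12 --tee
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-A INPUT -m state --state INVALID -j DROP
-A FORWARD -d 10.10.12.25 -p tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# On a live router (as root, assuming iptables-save exists):
#   iptables-save | find_mirror_rules
sample_ruleset | find_mirror_rules
```

Any line this prints names a host that is receiving a copy of the traffic, so an unexpected gateway address here is worth investigating.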
     
