
Re: Traffic Mirroring




Hi, you can use the route target in iptables.

I have written a post on my blog about mirroring traffic with iptables.

If you can read French, you can follow this link. If not, you can use Google Translate :p

http://www.stealthisblog.fr/2008/06/05/mirroring-de-traffic-via-iptables-debian-etch/

Regards.

2008/8/22 Volkan YAZICI <yazicivo@ttmail.com>
Hi,

For debugging purposes I'd like to mirror/duplicate network traffic of a
server to a second sandbox server. Current network topology is
structured like below:

 VPN Router (192.168.2.1)
 |
 Unmanaged Switch
 ||
 |+-> PRODUCTION (192.168.2.23)
 |
 +--> LINUXSRV eth1: 192.168.2.200
               eth2: 192.168.1.9  <--+
                                     |
      SANDBOX  eth0: 192.168.1.70 <-+|
                                    ||
                                    ||
                                    Switch (192.168.1.1)

In the planned structure, I'd like to

1. Change IP address of PRODUCTION from 2.23 to 2.230.

2. Change eth1 interface of LINUXSRV from 2.200 to 2.23.

3. Make LINUXSRV mirror incoming eth1 (2.23) traffic to both 2.230
  and 1.70. (Pay attention that SANDBOX is located in a different
  subnet.)

How can I make such a configuration in the LINUXSRV?

Furthermore, if we forget the mirroring for a second, I couldn't even
manage to forward 2.200 traffic to 1.70 via DNAT/SNAT.

Any help will be really, really appreciated.


Regards.






--
Cordialement

HAUTOT Vincent
