Hello, I usually use iptables TEE to do port mirroring,
but with firewall4 we no longer have the option to add custom rules.
How do I perform port mirroring in fw4?
The usual commands are these:
iptables -A POSTROUTING -t mangle -o br-lan ! -s ipconsolegame -j TEE --gateway ippcmirror
iptables -A PREROUTING -t mangle -i br-lan ! -d ipconsolegame -j TEE --gateway ippcmirror
Thanks
jow
The nftables solution would be https://wiki.nftables.org/wiki-nftables/index.php/Duplicating_packets
A file like the following in /etc/nftables.d/01-dup.nft should do the job:
chain post_dup {
    type filter hook postrouting priority 250; policy accept;
    oifname br-lan ip saddr != ipconsolegame counter dup to ippcmirror
}
chain pre_dup {
    type filter hook prerouting priority 250; policy accept;
    iifname br-lan ip daddr != ipconsolegame counter dup to ippcmirror
}
2 Likes
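The mapping from the question's TEE rules to the answer's dup rules, as an added Python example that is not part of any post in this thread. It handles only the -i/-o/-s/-d matches with ! negation and prints chains in the same layout as the answer; the function name and the addresses 192.0.2.10 (console) and 192.0.2.20 (mirror PC) are constructed placeholders.

```python
import shlex

HOOKS = {"PREROUTING": "prerouting", "POSTROUTING": "postrouting"}
SELECTORS = {"-i": "iifname", "-o": "oifname", "-s": "ip saddr", "-d": "ip daddr"}

# Constructed sample rules: 192.0.2.10 stands in for the console, 192.0.2.20 for the mirror PC.
SAMPLE = [
    "iptables -A POSTROUTING -t mangle -o br-lan ! -s 192.0.2.10 -j TEE --gateway 192.0.2.20",
    "iptables -A PREROUTING -t mangle -i br-lan ! -d 192.0.2.10 -j TEE --gateway 192.0.2.20",
]


def tee_to_dup(rule):
    """Return (hook, nft_rule) for one `iptables ... -j TEE --gateway GW` rule.

    Anything unrecognised raises ValueError, so a match is never silently
    dropped (which would mirror more traffic than the original rule did).
    """
    tokens = iter(shlex.split(rule))
    hook = target = gateway = None
    matches, negate = [], False
    for tok in tokens:
        if tok == "iptables":
            continue
        if tok == "!":               # negation applies to the next selector
            negate = True
            continue
        val = next(tokens, None)
        if val is None:
            raise ValueError(f"{tok}: missing value")
        if tok in SELECTORS:
            if tok in ("-i", "-o"):
                val = f'"{val}"'     # quoting interface names is valid nft syntax
            matches.append(f"{SELECTORS[tok]} {'!= ' if negate else ''}{val}")
        elif negate:
            raise ValueError(f"{tok}: negation not supported here")
        elif tok == "-A":
            hook = HOOKS.get(val)
        elif tok == "-j":
            target = val
        elif tok == "--gateway":
            gateway = val
        elif (tok, val) != ("-t", "mangle"):
            raise ValueError(f"unsupported option: {tok} {val}")
        negate = False
    if hook is None or target != "TEE" or gateway is None or negate:
        raise ValueError("expected -A PREROUTING|POSTROUTING ... -j TEE --gateway GW")
    return hook, " ".join(matches + ["counter", "dup to", gateway])


if __name__ == "__main__":
    for line in SAMPLE:
        hook, nft_rule = tee_to_dup(line)
        print(f"chain {hook}_dup {{\n    type filter hook {hook} priority 250; policy accept;\n    {nft_rule}\n}}")
```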
OK, thanks. I will test now and mark it as the solution if it works.
Hmmm, error. I even lost my connection to the internet.
The error is here:
dup to ippcmirror
^^^^^^^^^^^^^^^^
OK, I have just added these rules
and downloaded the packages dlakelan suggested for the build: nftables kmod-nft-nat
and now it seems good.
These are the rules:
nft add rule mangle prerouting dup to ipconsole ip saddr map { ippcmirror : }
But my console appears only as source, not destination.