How can I capture LAN<>GATEWAY traffic using iptables?

Hi guys. I want to capture LAN<>Gateway traffic using iptables and netfilter-queue, but the iptables rules I tried are not working as I expected. I want to capture the traffic in the gray box in the picture.

If I can capture the traffic in the gray box I could see things like these:

  1. DNS requests from hosts behind the router before masquerading.
  2. DNS responses from the DNS server after masquerading.
  3. TCP traffic from hosts behind the router before masquerading.
  4. TCP traffic from hosts behind the router after masquerading.

I've tried the rules below for testing.

iptables -I INPUT -j NFQUEUE
iptables -I OUTPUT -j NFQUEUE
iptables -t nat -I PREROUTING -j NFQUEUE
iptables -t nat -I POSTROUTING -j NFQUEUE
iptables -t nat -I INPUT -j NFQUEUE
iptables -t nat -I OUTPUT -j NFQUEUE

I was not able to capture LAN<>GATEWAY traffic using the rules above. I think netfilter-queue is fine because I could capture ROUTER<>WAN traffic using the rules above. I don't think I can capture LAN<>GATEWAY traffic using the filter table, but I'm wondering why the rules in the nat table are not working. How can I capture LAN<>GATEWAY traffic?

1 Like

Yup. I have already installed all the requirements for using iptables and netfilter-queue, including the kmod you linked. But now I'm wondering what rule I have to use to redirect LAN<>GATEWAY traffic to NFQUEUE. Thanks though @vgatera.

"All requirements" means I don't have any issue using netfilter-queue. But I'm a noob in OpenWrt & Linux, and I don't know how I can get LAN<>GATEWAY traffic redirected to NFQUEUE. I was able to get ROUTER<>WAN traffic to NFQUEUE. ROUTER means the router itself, not the hosts in the LAN.

1 Like

Thanks for helping me out @vgaetera, I really appreciate it. I tried the given rules and I think they are working well for incoming connections, but I'm wondering if they work with outgoing connections too. I'll try some things to look at the traffic. Hope I can give you feedback soon.

1 Like
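The chains tried in the opening post and the later question about outgoing connections both come down to where a forwarded packet is when each iptables chain sees it. The script below is an added example, not code from the thread or from any reply in it: it prints (or, as root, applies and removes) NFQUEUE rules that catch LAN<>WAN traffic before and after MASQUERADE, with comments saying why the filter FORWARD and mangle PREROUTING chains are used instead of INPUT/OUTPUT or the nat table. The interface names `br-lan` and `eth0`, queue number 0 and the `apply`/`remove` arguments are assumptions for the example; the rules themselves use only standard iptables syntax.

```shell
#!/bin/sh
# Added example (not from the thread or any reply in it): which iptables
# chains see forwarded LAN<->WAN traffic before and after MASQUERADE, as
# a script that prints, applies or removes NFQUEUE rules for them.
# Interface names, queue number and the apply/remove arguments are
# assumptions for this example; adjust them to your router.

LAN_IF="${LAN_IF:-br-lan}"   # assumed LAN bridge name
WAN_IF="${WAN_IF:-eth0}"     # assumed WAN interface name
QUEUE="${QUEUE:-0}"          # assumed queue number the userspace program binds

# nfqueue_rules LAN WAN QUEUE [ACTION]
# Prints one iptables command per line. ACTION is -I (insert at the top of
# the chain, so the rule is hit before the firewall's own jumps and rejects)
# or -D (delete); the matches are identical, so -D removes exactly what -I added.
#
# Why these chains and not the ones tried in the question:
#  - INPUT and OUTPUT only see packets addressed to or sent by the router
#    itself; traffic between LAN hosts and the Internet is forwarded and
#    never enters them.
#  - the nat table is consulted only for the first packet of a connection,
#    so NFQUEUE in nat PREROUTING/POSTROUTING queues at most one packet per
#    flow, and the address rewrite itself happens after the nat chain has
#    been traversed, so no nat rule ever sees the translated addresses.
nfqueue_rules() {
    lan="$1" wan="$2" q="$3" act="${4:--I}"
    # LAN -> WAN, before masquerading (items 1 and 3): filter FORWARD runs
    # before nat POSTROUTING, so the source is still the LAN host address.
    printf 'iptables %s FORWARD -i %s -o %s -j NFQUEUE --queue-num %s --queue-bypass\n' \
        "$act" "$lan" "$wan" "$q"
    # WAN -> LAN, after the reverse translation (item 2): nat PREROUTING has
    # already rewritten the destination back to the LAN host by the time the
    # packet reaches FORWARD, so this is the reply as the LAN host receives it.
    printf 'iptables %s FORWARD -i %s -o %s -j NFQUEUE --queue-num %s --queue-bypass\n' \
        "$act" "$wan" "$lan" "$q"
    # The masqueraded view of the same flows (item 4): replies arrive in
    # mangle PREROUTING with the router's WAN address as destination, before
    # nat PREROUTING undoes the translation (replies to the router's own
    # connections match too). The outgoing packet after SNAT is not visible
    # to any iptables chain; use tcpdump -i "$wan" for that.
    printf 'iptables -t mangle %s PREROUTING -i %s -m conntrack --ctstate ESTABLISHED -j NFQUEUE --queue-num %s --queue-bypass\n' \
        "$act" "$wan" "$q"
}

# rule_count LAN WAN QUEUE: how many rules the generator would install.
rule_count() {
    nfqueue_rules "$1" "$2" "$3" -I | grep -c 'NFQUEUE'
}

# --queue-bypass matters on a router: without it, packets are dropped
# whenever no userspace program is bound to the queue, which cuts the LAN
# off from the Internet the moment your capture tool exits.
case "${1:-}" in
    apply)  nfqueue_rules "$LAN_IF" "$WAN_IF" "$QUEUE" -I | sh -e ;;
    remove) nfqueue_rules "$LAN_IF" "$WAN_IF" "$QUEUE" -D | sh -e ;;
    *)      nfqueue_rules "$LAN_IF" "$WAN_IF" "$QUEUE" -I ;;   # dry run: just print
esac
```

Run it with no argument to see the rules, `apply` to install them and `remove` to take them out again. On OpenWrt releases that use fw3, a firewall reload rebuilds the built-in chains, so rules meant to persist belong in /etc/firewall.user; releases that use fw4 are nftables-based and these iptables commands do not carry over unchanged.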