Score:0

Iptables duplicate/Mirror incoming UDP traffic from HOST1 to an external HOST2


I need advice about the following scenario:

  • IoT devices are sending UDP packets to an 18.04 Ubuntu server environment (HOST1) on port 1234.
  • HOST1 processes the UDP packets as per the internal configuration.
  • I need to duplicate/mirror those incoming UDP packets from HOST1 to another external server (HOST2) after they are processed by HOST1.

Is this possible to achieve using iptables?

  1. This command cannot be used because it's not duplicating the UDP packets as per this thread:

      iptables -t nat -A PREROUTING -p udp --dport 1234 -j DNAT --to-destination IP_HOST_B:3333

  2. The TEE target cannot be used either because it's duplicating the packets locally (as per the same thread). I need to mirror the UDP packets to an external host.

Note: I don't need to duplicate any outgoing traffic, just the original UDP packets which are received by HOST1.

UPDATE: I don't care if the UDP packets are duplicated/mirrored before or after being processed by HOST1, as long as they are processed, not just forwarded.

Thank you!

Score:0

I think your goal and the details of UDP mirroring at the link below are the same: https://zapier.com/engineering/iptables-replication/
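
An added example, not part of the original posts: the TEE target's man page describes it as cloning a packet and sending the clone to another machine on the local network segment, so this script assumes HOST2 is an on-link next hop of HOST1 (same segment, or a tunnel that makes it one). It builds the mirror rule for HOST1 and the redirect rule for HOST2 with input validation, and only prints them unless APPLY=1; the address 192.0.2.20 and the ROLE, APPLY and HOST2_IP variables are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). 192.0.2.20 is a placeholder for HOST2;
# ports 1234 and 3333 are the ones used in the question.

valid_port() {  # 1-65535, digits only
  case $1 in ''|*[!0-9]*) return 1 ;; esac
  [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {  # dotted quad; 0.0.0.0 is rejected because TEE does not accept it
  case $1 in ''|*[!0-9.]*|.*|*.|*..*|0.0.0.0) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
  done
}

# HOST1: clone inbound UDP to HOST2. The original packet continues to the local
# listener untouched, so HOST1 still processes it.
host1_rule() {  # $1 = UDP port on HOST1, $2 = HOST2 address (on-link next hop)
  valid_port "$1" && valid_ipv4 "$2" || return 1
  echo "-t mangle -A PREROUTING -p udp --dport $1 -j TEE --gateway $2"
}

# HOST2: the clone arrives still addressed to HOST1, so redirect it to a local port.
host2_rule() {  # $1 = UDP port used on HOST1, $2 = listener port on HOST2
  valid_port "$1" && valid_port "$2" || return 1
  echo "-t nat -A PREROUTING -p udp --dport $1 -j REDIRECT --to-ports $2"
}

# Print the command (default) or install it once (APPLY=1, as root).
apply_rule() {  # $1 = rule text from host1_rule or host2_rule
  [ -n "$1" ] || return 1
  if [ "${APPLY:-0}" = 1 ]; then
    check=$(printf '%s\n' "$1" | sed 's/ -A / -C /')
    iptables $check 2>/dev/null || iptables $1   # -C: skip if already present
  else
    echo "iptables $1"
  fi
}

case ${ROLE:-host1} in
  host1) apply_rule "$(host1_rule 1234 "${HOST2_IP:-192.0.2.20}")" ;;
  host2) apply_rule "$(host2_rule 1234 3333)" ;;
esac
```

Run it with ROLE=host1 on HOST1 and ROLE=host2 on HOST2; the HOST2 rule is needed because the mirrored packet keeps HOST1's destination address.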
