Hi Gurus,
Sorry to disturb you for netfilter usage question, but I couldn't repied by
the user mailing list. I'm forwarding that mail here.
Thanks for your time and support.
-----Original Message-----
From: Sumit Pandya [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 26, 2002 3:47 PM
To: [EMAIL PROTECTED]
Hi All,
Its really surprised to me, I guess I'm not properly understood MIRROR
target. My ruleset at one Linux-box (192.168.1.1)
/usr/local/sbin/iptables -t filter -A FORWARD -s 192.168.1.10 -j MIRROR
Now I expect, if I do ping from 192.168.1.10 to www.yahoo.com, that packet
must be sent back to 192.168.1.10. But my tcpdump(at 192.168.1.10) shows
only one packet in the output of
tcpdump -n -i eth0 'ip proto \icmp'
21:11:57.329642 eth0 > 192.168.1.10 > Yahoo_IP: icmp: echo request
Apart from that MIRROR, I have only one rule of each SNAT and DNAT, and
everywhere default policy is ACCEPT. Then after that MIRROR rule, why I
cannot see 2 ICMP packets in tcpdump at sender Linux-box? I get pong when i
remove that MIRROR rule.
Thankx for taking time to write in.
-- Sumit
