Am 16.10.2012 20:54, schrieb [email protected]: > > Wouldn't it be possible to REDIRect the traffic onto your firewall > machine to some other port just in order to record its contents? So you > don't really open up the port to the other machine again. > > > Not sure how to REDIRECT. If I have a second IP on my interface with IP > 192.168.11.1 would I: > REDIRECT $FW 192.168.11.1 tcp * - 97.107.134.150 > > ... and then listen on 192.168.11.1 with Wireshark? Would it actually see any > traffic? > > -- > http://www.fastmail.fm - Faster than the air-speed velocity of an > unladen european swallow >
I would try the following in your shorewall/rules -----8<--------- DNAT net loc:192.168.11.1:3333 tcp 3333 DNAT net loc:192.168.11.1:3333 udp 3333 ------8<--------- And then try tcpdump port 3333 -i <your_dsl_if> -vv -A
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
