On 10/16/2012 12:02 PM, Florian Piekert wrote: > Am 16.10.2012 20:54, schrieb [email protected]: >> >> Wouldn't it be possible to REDIRect the traffic onto your firewall >> machine to some other port just in order to record its contents? So you >> don't really open up the port to the other machine again. >> >> >> Not sure how to REDIRECT. If I have a second IP on my interface with IP >> 192.168.11.1 would I: >> REDIRECT $FW 192.168.11.1 tcp * - 97.107.134.150 >> >> ... and then listen on 192.168.11.1 with Wireshark? Would it actually see >> any traffic? >> >> -- >> http://www.fastmail.fm - Faster than the air-speed velocity of an >> unladen european swallow >> > > I would try the following > > in your shorewall/rules > > -----8<--------- > > DNAT net loc:192.168.11.1:3333 tcp 3333 > DNAT net loc:192.168.11.1:3333 udp 3333
The OP is seeing *outgoing* packets, not incoming. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
