Hello, I am trying to make layer 7 userspace filter to see the traffic in a pcap file. To do so I need to create an iptables rule that will direct the traffic to QUEUE which layer 7 listens to. My problem is that iptables seem to be empty when I replay the traffic with tcpreplay. I am using 2 computers , one is sending the data and the other is receiving it using mirroring. The traffic can be seen on the receiving computer with tcpdump, but iptables is still empty. Could someone tell me how to fix this? I am not sure if the problem is with tcpreplay or iptables or something else.
Regards, Andrey ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2 _______________________________________________ Tcpreplay-users mailing list Tcpreplay-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tcpreplay-users Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
