TEE
The TEE target will clone a packet and redirect this clone to another machine on the local network segment. In other words, the nexthop must be the target, or you will have to configure the nexthop to forward it further if so desired.
--gateway ipaddr
Send the cloned packet to the host reachable at the given IP address. Use of 0.0.0.0 (for IPv4 packets) or :: (IPv6) is invalid.
To forward all incoming traffic on eth0 to a Network Layer logging box:
-t mangle -A PREROUTING -i eth0 -j TEE --gateway 2001:db8::1
which means I think your command is set up wrong. I would do more like the example.
But say you are to clone all incoming and outgoing traffic for a PC 192.168.1.15 on your router (say, 192.168.1.1) and redirect it to a spying PC 192.168.1.100; use:
Code:
iptables -t mangle -A PREROUTING -d 192.168.1.15 -j TEE --gateway 192.168.1.100
iptables -t mangle -A PREROUTING -s 192.168.1.15 -j TEE --gateway 192.168.1.100
Anyone that has a good write up on getting TEE to work with DD-WRT?
From my understanding there are multiple missing pieces that prevent this:
- iptables is outdated and does not support mirroring
- kernel module for TEE is not built into DD-WRT
The above leads me to believe that even just updating iptables isn't going to work....
Anyone that has done mirroring with a recent version of DD-WRT want to chime in on how he did it? Unfortunately my router (DIR-880L) is not supported by any other open router software
Posted: Fri Mar 02, 2018 21:28 Post subject:
- iptables is outdated and does not support mirroring
- kernel module for TEE is not built into DD-WRT
Correct.
Hmm, I don't know. I've seen somewhere around that someone had success installing the latest version of iptables... via Entware....
Sadly, the Entware version of iptables has to be manually updated first...
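A preflight check for the two missing pieces discussed in this thread (the kernel's TEE target and the iptables userspace TEE extension), plus the gateway restriction from the man page excerpt. This is an added example, not part of the original posts or DD-WRT's own tooling; the function names, the `IPTABLES` override variable and the optional file arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check whether the TEE target is usable before adding mirror rules.
# Function names, the IPTABLES variable and the optional file arguments are
# illustrative assumptions; the defaults read the live system.

# True if the kernel currently lists target NAME for IPv4 ($2 overrides the file).
target_registered() {
    grep -qxF "$1" "${2:-/proc/net/ip_tables_targets}" 2>/dev/null
}

# True if module NAME appears as the first field of a /proc/modules line.
module_loaded() {
    awk -v m="$1" '$1 == m { hit = 1 } END { exit !hit }' \
        "${2:-/proc/modules}" 2>/dev/null
}

# True if the iptables binary ships the TEE extension (its help lists --gateway).
userspace_has_tee() {
    "${IPTABLES:-iptables}" -j TEE --help 2>/dev/null | grep -q -- '--gateway'
}

# The man page rejects the unspecified addresses as a gateway.
valid_gateway() {
    case "$1" in
        ''|0.0.0.0|::) return 1 ;;
        *) return 0 ;;
    esac
}

# tee_preflight GATEWAY [TARGETS_FILE] [MODULES_FILE]; returns 0 when all checks pass.
tee_preflight() {
    rc=0
    valid_gateway "$1" || { echo "gateway '$1' cannot be used with --gateway"; rc=1; }
    if target_registered TEE "$2" || module_loaded xt_TEE "$3"; then
        echo "kernel: TEE target available"
    else
        echo "kernel: TEE target not registered and xt_TEE not loaded"; rc=1
    fi
    if userspace_has_tee; then
        echo "userspace: iptables has the TEE extension"
    else
        echo "userspace: iptables lacks the TEE extension"; rc=1
    fi
    return "$rc"
}

# Run the check only when a gateway address is given on the command line.
[ "$#" -eq 0 ] || tee_preflight "$1"
```

A "not registered" kernel result can also mean the module is present on disk but not yet loaded; loading xt_TEE and re-running the check distinguishes the two cases.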