[Shorewall-users] Not really 100% Shorewall but sanity check needed

Holger Brückner lists at net-labs.de
Tue Dec 9 10:05:20 PST 2003


On Tue, 2003-12-09 at 11:14, phil wrote:
> 
> Tom, et al
> 
> I have been asked wether it is possible to use iptables to forward a packet to
> two destination addresses.  The packets are SNMP packets so ACK is not needed
> (IIRC) If I am wrong, then I could always block the packets returning from box
> C so only ACK comes from box B, see below.  This is only for a testing system
> (we need to see if the packets are coming from the customer in the right order
> or if our software is messing things up!)
> 
> BOX A (SNMP sender) ------------|Firewall|------->Box B (running NetCool Omnibus)
>                                           \_______>Box C (Temp box for check
> order of packets)

i don't know if iptables could do it, but normaly you would use a
switch/router with monitoring port.

A -- FW -- SW -- B
            \----C



More information about the Shorewall-users mailing list