[mark985]

Hi,

I just installed DD-WRT v24-sp2 (03/25/13) std (SVN revision 21061) on my TP-WR841N.

I would like to mirror all traffic of a local IP to another IP in the local network using these iptables rules:

iptables -t mangle -A POSTROUTING -d 192.168.1.101 -j ROUTE --tee --gw 192.168.1.100
iptables -t mangle -A PREROUTING -s 192.168.1.101 -j ROUTE --tee --gw 192.168.1.100

However, the rules are not added to the 'mangle' table. The output of iptables -vnL shows no changes after I run the above commands.

Is this broken in the DD WRT build that I'm using or am I missing something else?

Thanks!

[Mile-Lile]

it is not supported by kernel...

[mark985]

[gauss256]

I had the same problem and solved it by installing OpenWrt instead of dd-wrt. The tee command works fine there and in general the TP-Link routers seem well supported.

[Str1der]

Is there a way around this to get it working?

[johnlwebb]

It looks like this guy has the answer.

http://www.dd-wrt.com/phpBB2/viewtopic.php?t=287098&highlight=tee

The current dd-wrt builds have iptables v1.3.7 where tee is not supported. It looks like we need a new version of iptables. I understand v1.4.9 would be required.

I wonder if we could make a request for this. I'm not sure where to do it. There may be good reasons the devs have not already done this. I wish we could get it though.

EDIT/Update--

I was able to achieve my goals by using tcpdump to create a file which can be downloaded through sftp and analyzed using wireshark. It seems that this method works good enough for me. I previously was stuck on the idea that I needed to capture the packets with wireshark in realtime and therefore needed to "tee" the packets to the computer where wireshark runs. I no longer think that's necessary or even desirable as capturing the packets in realtime does not seem to provide any significant advantage when analyzing the traffic.