Hello,
I want to use port mirroring feature on my router to feed a snort IDS server. I'm interessted in ALL traffic that goes between the Internet and my routers WAN port. How do I make this? Anyone has similar experience?
I tried with not working following iptables in Administration/ Commands/ Firewall
iptables -t mangle -A POSTROUTING -j ROUTE --gw 192.168.1.111 --tee
iptables -t mangle -A PREROUTING -j ROUTE --gw 192.168.1.111 --tee
I also executed 'insmod xt_ROUTE' and 'insmod ipt_ROUTE' in WebGUI command shell. No success either.
Router: TP-Link TL-WR1043ND
Firmware: DD-WRT v24-sp2
Kernel: Linux 3.5
This does not work because:
-you are using old iptables syntax for 2.6 kernel for 3.x kernel you have to use target TEE
-BrainSlayer builds don't include xt_TEE
-included iptables version does not know anything about the new target TEE
Thus at the moment it is not possible. In some of my dual arm builds I already include TEE and it is possible to install a new full featured iptables version through opkg
Thus on your unit it is currently not possible.