1. a host
+-----------------------------------------+
|eth0 eth1 |
|128.224.162.180 up |
+-----------------------------------------+
2.
modprobe xt_TEE
iptables -t mangle -I PREROUTING -j TEE --gateway 10.0.0.8
iptables -t mangle -I INPUT -j TEE --gateway 10.0.0.8
iptables -t mangle -I FORWARD -j TEE --gateway 192.168.1.60 -o eth1
iptables -t mangle -I OUTPUT -j TEE --gateway 192.168.1.60 -o eth1
run "ping 128.224.162.1"
run "tcpdump -ni eth1 icmp"
We will find the following messages:
...
15:25:01.016549 IP 128.224.162.1 > 128.224.162.180: ICMP echo reply, id 13292, seq 227, length 64
15:25:02.016158 IP 128.224.162.180 > 128.224.162.1: ICMP echo request, id 13292, seq 228, length 64
15:25:02.016546 IP 128.224.162.1 > 128.224.162.180: ICMP echo reply, id 13292, seq 228, length 64
15:25:03.016160 IP 128.224.162.180 > 128.224.162.1: ICMP echo request, id 13292, seq 229, length 64
15:25:03.016588 IP 128.224.162.1 > 128.224.162.180: ICMP echo reply, id 13292, seq 229, length 64
15:25:04.016151 IP 128.224.162.180 > 128.224.162.1: ICMP echo request, id 13292, seq 230, length 64
...
That means xt_TEE clones the packets and sends them to eth1.