I have a proprietary system which transmits a udp video stream from unit #1 (192.168.1.1) to unit #2 (.1.2). I can't make changes to this system, and I'm trying to clone this udp stream so I can access it in a different program. This program will do stuff with the video and send it out again as a multicast stream.
I'm hoping to do this using a Linux machine (running Ubuntu Server 12.04 now) with three network cards. By connecting unit #1 and #2 to two of the network cards (eth0 and eth1) in the Linux machine and using bridge, I've got them communicating. My /etc/network/interfaces looks like:

    # The loopback network interface
    auto lo
    iface lo inet loopback

    # The external interface
    auto eth3
    iface eth3 inet static
        address 192.168.10.2
        netmask 255.255.255.0

    # The bridge interface
    auto br0
    iface br0 inet manual
        bridge_ports eth0 eth1

This works, and by using tcpdump I've confirmed that the udp packets are arriving from #1 and are heading towards #2 at port 6000.
The next step I hope will work is to use iptables to clone all udp packets coming from 192.168.1.1 going to port 6000 at #2. I'm not very familiar with iptables, but after reading online and the manual I thought this would work:
iptables -A PREROUTING -t mangle -p udp -s 192.168.1.1/32 --dport 6000 -j TEE --gateway 192.168.10.2
The rule is applied successfully, but it doesn't work. If I use tcpdump to monitor eth3 I don't see the packets there.
I'd like to grab this stream, work on it and send it out as a multicast on the .10.2 interface.
What am I doing wrong? Is there something I've misunderstood?
Best Answer
The packets never reach eth3 as 192.168.10.2 is the machine itself. Also, the duplicated packets still have the destination IP address 192.168.1.2. You need to TEE them to a machine in 192.168.10.0/24, for example 192.168.10.254, so that the duplicates actually get routed over eth3.
Then you also need to DNAT them to 192.168.10.254, so you can read the stream on 192.168.10.254 and send it out via multicasting.
Either on 192.168.10.254 itself:
Or still on 192.168.10.2 before the packets are leaving eth3:
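
The receiving side on 192.168.10.254, as an added example that is not part of the original question or answer and does not stand in for the iptables rules the answer refers to. It reads the duplicated stream on UDP port 6000, forwards only datagrams whose source is still 192.168.1.1 (TEE copies the packet and DNAT rewrites only the destination), and re-sends them as multicast. The group 239.255.0.1 and all function names are assumptions.

```python
import socket
import struct

SOURCE_IP = "192.168.1.1"            # unit #1, from the question
LISTEN_PORT = 6000                   # UDP port of the stream, from the question
MCAST_DEST = ("239.255.0.1", 6000)   # assumption: constructed multicast group/port


def open_receiver(bind_ip="0.0.0.0", port=LISTEN_PORT):
    """UDP socket that receives the duplicated (TEE + DNAT) stream."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind((bind_ip, port))
    return sock


def open_sender(out_ip=None, ttl=1):
    """UDP socket for multicast output; ttl=1 keeps it on the local segment."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL,
                    struct.pack("b", ttl))
    if out_ip:
        # Pin the outgoing interface by its address instead of trusting routing.
        sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF,
                        socket.inet_aton(out_ip))
    return sock


def relay(rx, tx, dest, allowed_src=SOURCE_IP, process=lambda d: d,
          max_packets=None):
    """Forward datagrams from allowed_src to dest; return (forwarded, dropped)."""
    forwarded = dropped = 0
    while max_packets is None or forwarded + dropped < max_packets:
        data, (src_ip, _src_port) = rx.recvfrom(65535)
        if src_ip != allowed_src:
            # Anything else arriving on the port is not the cloned stream.
            dropped += 1
            continue
        tx.sendto(process(data), dest)   # process() is where the video work goes
        forwarded += 1
    return forwarded, dropped


if __name__ == "__main__":
    relay(open_receiver(), open_sender(), MCAST_DEST)
```

If `tcpdump` on the receiving machine shows the datagrams but `relay` counts them as dropped, compare the source address in the capture with `allowed_src`.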