I'm looking for a way to replicate UDP traffic received by one host to another host in a different subnet.
The TEE target in iptables only works with gateways in the same subnet, i.e.:
On the receiving box, 10.88.0.200
iptables -t mangle -A PREROUTING -p udp -d 10.88.0.200 --dport 8125 -j TEE --gateway 10.88.50.119
does not result in packets arriving at 10.88.50.119 due to the subnet difference.
What I would like to do is something like:
iptables -t nat -A PREROUTING -p udp -s 10.88.0.200 --dport 8125 -j DNAT --to 10.88.50.119:8125
However, that doesn't appear to have the desired effect; in fact, I haven't yet found a way to further modify the packets created by TEE at all.
Is this possible? Do the duplicate packets created by TEE pass through the rest of the iptables chains or do they just fly directly to the interface?
Best Answer
The question is completely vague in context; are you confident this isn't the XY Problem?
Unless you really are in need of an application proxy, maybe samplicator is your ticket?
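The userspace approach the answer points to, as an added example (not part of the original post and not samplicator's code): a relay that receives each datagram on port 8125 and sends a copy to every listed target, so ordinary routing carries the copy to the other subnet. The local consumer port 8126 and the function names are assumptions; copies leave with the relay's own source address, not the original sender's.

```python
import socket


def make_listener(bind_addr):
    """Bind the UDP socket that senders target, e.g. ("0.0.0.0", 8125)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(bind_addr)
    return sock


def relay_one(listener, targets, bufsize=65535):
    """Receive one datagram and send an unmodified copy to every target.

    Returns (payload, sender, delivered); delivered lists the targets for
    which sendto() succeeded.
    """
    payload, sender = listener.recvfrom(bufsize)
    # Loop guard: a datagram that came from one of our own targets is not
    # replicated, otherwise an echoing target would ping-pong with the relay.
    if sender in targets:
        return payload, sender, []
    delivered = []
    for target in targets:
        try:
            listener.sendto(payload, target)
            delivered.append(target)
        except OSError:
            # One unreachable target must not stop delivery to the others.
            continue
    return payload, sender, delivered


def serve(bind_addr, targets):
    """Replicate datagrams until the process is stopped."""
    listener = make_listener(bind_addr)
    while True:
        relay_one(listener, targets)


if __name__ == "__main__":
    # 10.88.50.119:8125 is the remote host from the question; 127.0.0.1:8126
    # is an assumed port for the local consumer, moved off 8125 for the relay.
    serve(("0.0.0.0", 8125), [("127.0.0.1", 8126), ("10.88.50.119", 8125)])
```

Because the receiver sees the relay as the source, any per-sender filtering or accounting on 10.88.50.119 has to key on the relay's address.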