Packet Duplication

[Dinglestains]

I have the latest version (v384.5) of the Merlin firmware running on a ASUS RT-AC5300 router. I want to setup some type of "port mirroring" or iptables rules that copy packets from one device on my network and send them to another. I've tried the two rules below, but it seems those rules are missing some packets or changing something in the packets. Anyone have a suggestion?

iptables -t mangle -I PREROUTING -s 192.168.128.40 -j ROUTE --gw 192.168.128.108 --tee
iptables -t mangle -I POSTROUTING -d 192.168.128.40 -j ROUTE --gw 192.168.128.108 --tee

Thanks in advance.

 

[ColinTaylor]

This is not possible because the traffic never leaves the switch, it is not routed. Therefore the router never "sees" the packets.

I suppose it might be possible (by messing about with ebtables) if the source and destination are on different interfaces, i.e. LAN port #1 and 2.4GHz WiFi, or LAN port#3 and 5GHz WiFi.