Port Mirroring using iptables - copy all traffic among nginx on :80 and Apache on :8080

ubuntu iptables apache-httpd nginx port-forwarding
5,280

I am struggling to see how this could work in practice. The usual use of port mirroring is to monitor the packets going via a particular interface without actively taking part in the network protocol.

Passing the TCP packets to applications on port 80 and 8080 requires the there are two target TCP endpoints talking back to a single source TCP endpoint. This can only end in failure. Even if you could arrange that the SYN, ACK and other values were synchronised between tcp stacks on both 80 and 8080 then the applications will still produce output and hence the requestor would get double data back.

If you do want to use port mirroring then you need to use an application that does low level packet analysis. Alternatively you likely need to do some form of web access.log analysis to analyse your traffic being served by nginx.

Share:
5,280

Related videos on Youtube

Rishabh
Author by

Rishabh

Updated on September 18, 2022

Comments

  • Rishabh
    Rishabh over 1 year

    I have nginx running on port 80 and Apache running on port 8080

    I want to transfer all the traffic to both nginx and Apache asynchronously I.e the performance of one server won't be dependent on the others. The reason being nginx will serve my website and Apache will be used to run analytics on the traffic.

    I tried the solution mentioned in the question below

    iptables port-mirroring

    sudo iptables -A PREROUTING -t mangle -p tcp ! -s 127.0.0.1/32 --dport 80 -j TEE --gateway 127.0.0.1

    and 

    sudo iptables -A POSTROUTING -t nat -p tcp -s 127.0.0.1/32 --dport 8080 -j SNAT --to 127.0.0.1:8080

    The solution mentions using DNAT with POSTROUTING on NAT table but it is not allowed to do that. DNAT is only allowed on PREROUTING/OUTPUT.

    I am using iptables v1.4.10 on ubuntu 11.04

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How can I open Port 80 with Netgear wireless router wnr2000v3
apache listening on 80, but not on any other port
iptables port forwarding (prerouting port 80) and firewall not working together
Apache server not listening on IPv4 but listening on IPv6
What are the correct permissions for my site that is now served by NginX?
Pm2 process stops running
"upstream prematurely closed connection while reading response header from upstream" with nginx, PostgreSQL and Mono on Ubuntu MVC4 app
PHP-FPM + Laravel + Nginx + Ubuntu permission
configure /etc/nginx/nginx.conf to redirect to separate host
Nginx Restrict Access to File