I want to sniff UDP packets targeted at port 4500 flowing from machine A -> B with a physical TAP device and receive the sniffed packets on machine C on a local port (see image).
About the TAP device: this is a physical device placed between A and B. The traffic between A and B is not modified at all, but the packets are also sent out of the TAP output interface to machine C (packets received on C are still addressed to B because the TAP does not modify them).
My goal is to receive all data targeted at port 4500 on machine C in client programs like netcat.
The problem, obviously, is that packets received at the NIC of C are not addressed to C and are therefore dropped before they get anywhere close to the application layer of the OSI model.
What I've already tried is using nftables to redirect packets, but somehow my netcat still doesn't get messages. Can someone tell me what I'm doing wrong or suggest the best way to solve this?
nft 'add table ip nat'
nft 'add chain ip nat udpredirect { type nat hook prerouting priority -101 ; policy accept ; }'
nft 'add rule ip nat udpredirect udp dport 4500 redirect'
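An nftables prerouting hook never sees these frames: on Linux, a frame whose destination MAC is not the local NIC's is tagged PACKET_OTHERHOST and discarded by the IPv4 receive path before the prerouting hook runs, so no NAT rule can rescue it. The usual way to consume a TAP feed on C is to read frames at link layer (AF_PACKET, interface in promiscuous mode), pick out the IPv4/UDP datagrams to port 4500 and hand their payload to a local UDP socket that netcat listens on. The script below is an added example, not code from the original question; it assumes Linux, root privileges for the raw socket, and an interface name passed on the command line (the `build_udp_frame` helper only constructs a sample frame so the parser can be exercised offline).

```python
"""Relay UDP/4500 payloads seen on a TAP feed to a local UDP port.

Added example, not from the original question. Assumes Linux and root
privileges (AF_PACKET). Frames addressed to B's MAC are discarded by the
IP stack before nftables runs, so they are read at link layer instead.
"""
import socket
import struct
import sys

ETH_P_ALL = 0x0003
ETH_HDR_LEN = 14
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_VLAN = 0x8100
IPPROTO_UDP = 17
TARGET_PORT = 4500


def extract_udp_payload(frame: bytes, dport: int = TARGET_PORT):
    """Return (src_ip, dst_ip, payload) if frame is a first-fragment IPv4/UDP
    datagram to dport, otherwise None. Handles one optional 802.1Q tag."""
    if len(frame) < ETH_HDR_LEN + 20 + 8:
        return None
    ethertype = struct.unpack("!H", frame[12:14])[0]
    offset = ETH_HDR_LEN
    if ethertype == ETHERTYPE_VLAN:  # skip the 4-byte VLAN tag
        if len(frame) < offset + 4 + 28:
            return None
        ethertype = struct.unpack("!H", frame[16:18])[0]
        offset += 4
    if ethertype != ETHERTYPE_IPV4:
        return None
    ip = frame[offset:]
    ver_ihl = ip[0]
    if ver_ihl >> 4 != 4:
        return None
    ihl = (ver_ihl & 0x0F) * 4
    if ihl < 20 or len(ip) < ihl + 8:
        return None
    total_len = struct.unpack("!H", ip[2:4])[0]
    frag_offset = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
    if frag_offset != 0 or ip[9] != IPPROTO_UDP:
        return None  # non-first fragment or not UDP
    src_ip = socket.inet_ntoa(ip[12:16])
    dst_ip = socket.inet_ntoa(ip[16:20])
    # Trailing Ethernet padding is cut off by total_len; a truncated capture by len(ip)
    udp = ip[ihl:min(total_len, len(ip))]
    if len(udp) < 8:
        return None
    _sport, udp_dport, udp_len = struct.unpack("!HHH", udp[:6])
    if udp_dport != dport or udp_len < 8 or udp_len > len(udp):
        return None
    return src_ip, dst_ip, udp[8:udp_len]


def _ip_checksum(hdr: bytes) -> int:
    """Standard one's-complement checksum over a 20-byte IPv4 header."""
    s = sum(struct.unpack("!10H", hdr))
    s = (s >> 16) + (s & 0xFFFF)
    s += s >> 16
    return (~s) & 0xFFFF


def build_udp_frame(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """Construct a minimal Ethernet/IPv4/UDP frame (constructed test input; UDP checksum 0)."""
    udp_len = 8 + len(payload)
    udp = struct.pack("!HHHH", sport, dport, udp_len, 0) + payload
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0x1234, 0x4000, 64,
                      IPPROTO_UDP, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", _ip_checksum(hdr)) + hdr[12:]
    dst_mac = b"\x02\x00\x00\x00\x00\x0b"  # stands in for B's MAC (constructed)
    src_mac = b"\x02\x00\x00\x00\x00\x0a"  # stands in for A's MAC (constructed)
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + hdr + udp


def relay(iface: str, local_port: int = TARGET_PORT) -> None:
    """Sniff iface in promiscuous mode and forward matching payloads to 127.0.0.1:local_port."""
    sniff = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_P_ALL))
    sniff.bind((iface, 0))
    # struct packet_mreq { int mr_ifindex; u16 mr_type; u16 mr_alen; u8 mr_address[8]; }
    mreq = struct.pack("IHH8s", socket.if_nametoindex(iface), socket.PACKET_MR_PROMISC, 0, b"\x00" * 8)
    sniff.setsockopt(socket.SOL_PACKET, socket.PACKET_ADD_MEMBERSHIP, mreq)
    out = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    while True:
        hit = extract_udp_payload(sniff.recv(65535))
        if hit is not None:
            out.sendto(hit[2], ("127.0.0.1", local_port))


if __name__ == "__main__":
    # Usage: sudo python3 relay.py <tap-facing interface>; then on C: nc -u -l 4500
    relay(sys.argv[1])
```

Run it as root on C with the interface that faces the TAP output, then start `nc -u -l 4500` on C; every datagram that A sent to B:4500 arrives in netcat as a local datagram. The relay forwards only the UDP payload, so the original addresses are lost unless you log them from the tuple the parser returns; if you need the full packets unchanged, tcpdump or Wireshark on the same promiscuous interface is the simpler tool.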