Iptables duplicate/Mirror incoming UDP traffic from HOST1 to an external HOST2

Question

I need an advice about the following scenario:

IoT devices are sending UDP packets to a 18.04 Ubuntu server environment (HOST1) on port 1234.
HOST1 processes the UDP packets as per the internal configuration
I need to: Duplicate/mirror those incoming UDP packets from HOST1 to another external server (HOST2) after they are processed by HOST1

Is this possible to achieve using iptables?

This command cannot be used because it's not duplicating the UDP packets as per this thread:

iptables -t nat -A PREROUTING -p udp --dport 1234 -j DNAT --to-destination IP_HOST_B:3333

The TEE target cannot be used either because it's duplicating the packets locally (as per the same thread). I need to mirror the UDP packets to an external host.

Note: I don't need to duplicate any outgoing traffic, just the original UDP packets which are received by HOST1.

UPDATE: I don't care if the UDP packets are duplicated/mirrored before or after being processed by HOST1, as long as they are processed, not just forwaded.

Thank you!

score 0 · Answer 1 · answered Aug 13 '23 at 21:19

0

I think your goal and the details of udp mirroring on below link are same. https://zapier.com/engineering/iptables-replication/

answered Aug 13 '23 at 21:19

librhnylmz

91
3

Iptables duplicate/Mirror incoming UDP traffic from HOST1 to an external HOST2

1 Answers1