[SOLVED] [PACKAGE] TEE - any plans to include?

Are there any plans to build the TEE packages for iptables on this router, I am trying to debug why one of my devices on the network is failing but I am unable to pipe the traffic to wireshark…

kmod-ipt-tee/iptables-mod-tee

The packages are available for the OpenWRT routers, I am getting a little tired of tcpdump then winscp to analyse data :slight_smile:

Any plans?

Does this help?

tcpdump -w - | nc WIN 1234

And remember to filter out the netcat (nc) traffic from tcpdump output.

1 Like

Thanks - Maybe,

I can get the windows machine to fire up wireshark in a capture but its not seeing any packets.
On the Win10 machine, 192.168.1.8:
nc -l 9999 | “C:\Program Files\Wireshark\Wireshark.exe” -k -S -i -

On the router I’ve got the following:
tcpdump -n -i br-lan -s 65535 -w - not port 9999 | nc 192.168.1.8 9999

I’ll take another look tomorrow when I am a bit more awake :slight_smile:

When you are running tcpdump on br-lan I don’t think you can see packets that are switched by the internal hardware switch. But if there are packets that are software bridged by Linux kernel or that are routed by Linux kernel then tcpdump should show them.

And if you have a firewall on Windows host check that it allows traffic in for port 9999.

Bingo - got it to work! I think it was syntax for the windows compiled version of netcat

On the wireshark PC:

nc64 -l -p 1234 | “C:\Program Files\Wireshark\Wireshark.exe” -k -S -i -

On the Turris:
tcpdump -n -i br-lan -vvv -w - not port 1234 | nc Win.PC.IP 1234

I initially disabled the Windows 10 firewall, then later added a rule for the port from my router

Wile I will still need to log on to the router and initiate the command, that will make the workflow I was using a little easier! :slight_smile: Thanks!