Skip to main content

Posts

Showing posts from June, 2017

IPTables Magic

Blog Post after a long long time. Will be trying to write most of the crazy stuffs done in the past 1.5 years at the sad server This post is going to cover a bunch of hacks done with iptables to improve / make the most out of linux systems' network performance IPTables Tee We are building a packet analysis team which does deep inspection of packets and determine anomalies in the system and determine the slowest performing component in the pipeline. Now sending the raw packets to centralized packet analysis system without affecting the performance of the production system is one of our requirements. We decided to use the iptables tee feature which takes a copy of the packet matching the rule and pass it on to the requested gateway in the same network by just changing the mac address on the cloned packet. The original packet follows the normal process So lets create a similar setup, my laptop is going to forward a copy of http traffic to raspberry pi in the same network. Make