From ImageStream Router Documentation

Jump to: navigation, search

ImageStream's current Netsweeper implementation supports using an external policy server, and the xtables jump target tee.

The following configuration assumes that your customer's traffic is coming in on the Ethernet1, and that your NetSweeper Policy Server uses the IP address

iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 80 -j TEE --gateway

This configuration should be used on any router that a customer is using to access the internet.

To check if the match is working use the following command:

iptables -t mangle -L -n -v

If the rule has been matched, there should also be an arp entry for

arp -n | grep
Personal tools
Router software releases