April 20, 2018

Sniffing simulation (ettercap)

Warning: This is a simulation, not a real attack. If you harm other people by misusing the following, you will be punished by law.


Refer to the network structure used here. That page also describes another way to simulate sniffing.


❑ Overview
1. Open ettercap in GUI mode.
2. Select "Sniff → Unified Sniffing".
3. Select "Hosts → Scan for hosts".
4. Select "Hosts → Hosts list".
5. Set the system to be attacked as target 1 and the gateway as target 2.
6. Select "Mitm → Arp poisoning → Sniff remote connections".
7. Select "Start → Start sniffing".



❑ Detail procedure
selecting interface for sniffing simulation

First, select "Sniff → Unified Sniffing" and choose the Ethernet interface to sniff on.




configuration for sniffing simulation

Select "Hosts → Scan for hosts" to find hosts.

Select "Hosts → Hosts list". This shows the list of hosts in your network.

Set the system to be attacked as target 1 and the gateway as target 2. If you want to see the selected targets, select "Targets → Current targets".

Select "Mitm → Arp poisoning → Sniff remote connections". This starts the ARP spoofing attack. If you want to stop it, select "Mitm → Stop mitm attack(s)". The "Sniff remote connections" option includes forwarding.

Select "Start → Start sniffing". This starts sniffing target 1. If you want to stop it, select "Start → Stop sniffing".




traffic check in sniffing simulation

I tested sniffing with ping and Wireshark. I checked that all the traffic can be seen on the attacker's system because the victim uses the attacker's system as a gateway.
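
The same simulation can be observed from the victim's side: while the poisoning is active, the victim's neighbor table maps the gateway's IP to the attacker's MAC address. The following check is an added example, not part of the original post. It assumes Linux `ip neigh` output, and the function names, addresses and MACs are made up for illustration.

```python
import ipaddress
import re

# Matches resolved entries of Linux `ip neigh` output, e.g.
#   192.168.0.1 dev eth0 lladdr 02:00:00:00:00:01 REACHABLE
NEIGH_RE = re.compile(r"^(\S+)\s+dev\s+\S+\s+lladdr\s+([0-9A-Fa-f:]{17})\b")

def parse_neigh(text):
    """Return {ip: mac}; FAILED/INCOMPLETE entries carry no lladdr and are skipped."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            table[m.group(1)] = m.group(2).lower()
    return table

def check_arp_table(text, gateway_ip, known_gateway_mac=None):
    """Return findings that suggest this host's gateway entry was poisoned."""
    table = parse_neigh(text)
    gw_mac = table.get(gateway_ip)
    if gw_mac is None:
        return []
    findings = []
    # 1. The gateway MAC differs from the one recorded on a known-good network.
    if known_gateway_mac and gw_mac != known_gateway_mac.lower():
        findings.append(("gateway_mac_changed", gateway_ip, gw_mac))
    # 2. Another address of the same family resolves to the gateway's MAC.
    #    A router's own IPv6 address sharing its MAC is normal, so compare
    #    only within the gateway's address family.
    family = ipaddress.ip_address(gateway_ip).version
    shared = sorted(ip for ip, mac in table.items()
                    if mac == gw_mac and ip != gateway_ip
                    and ipaddress.ip_address(ip).version == family)
    if shared:
        findings.append(("mac_shared_with_gateway", gw_mac, shared))
    return findings

# Constructed sample tables (addresses and MACs are made up).
CLEAN = """192.168.0.1 dev eth0 lladdr 02:00:00:00:00:01 REACHABLE
fe80::1 dev eth0 lladdr 02:00:00:00:00:01 router STALE
192.168.0.20 dev eth0 lladdr 02:00:00:00:00:20 STALE
192.168.0.30 dev eth0  FAILED"""
POISONED = """192.168.0.1 dev eth0 lladdr 02:00:00:00:00:20 REACHABLE
192.168.0.20 dev eth0 lladdr 02:00:00:00:00:20 STALE"""

if __name__ == "__main__":
    for name, table in (("clean", CLEAN), ("poisoned", POISONED)):
        print(name, check_arp_table(table, "192.168.0.1", "02:00:00:00:00:01"))
```

Record the gateway's MAC while the network is in a known-good state and pass it as `known_gateway_mac`; without it only the shared-MAC check runs.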