Creating mirror port in kernel

In my hunt for a way of reading network data(when using a linux box as a router) i got the idea that it could be possible to create something similar to a mirror port(which exists on some switches) directly in the kernel of linux.

The idea is to tap into the kernel at the point where the packages are recevied and making a copy to a file/stream.

Anyone who knows if this is done or is possible?

EDIT:
Seems like Netfilter is the way to go forward with this.

Are you looking to capture the network traffic that is coming in on the interface?

If so then look at tcpdump it will write to a file the network stream so you can look at it in wireshark and other applications.