You are not logged in.
I've got a machine with two NICs in it which is currently acting as a transparent firewall (i.e. just bridge the two NICs and watch traffic). I've added a third NIC and want to send a copy of all traffic that goes through the bridge out through the new NIC to a separate box so I can run an IDS or packet logger on it. How can I do it?
I've tried fighting with various iptables rules but not gotten anywhere.
I've got the daemonlogger script (http://www.snort.org/users/roesch/Site/ … ogger.html) which copies all the traffic on the bridge to the new NIC but I'm stuck with actually sending it out from there.
Offline