You are not logged in.

#1 2009-01-03 22:50:21

dninja
Member
From: Sheffield, UK
Registered: 2006-04-29
Posts: 374
Website

forwarding all traffic to a new IP

I've got a machine with two NICs in it which is currently acting as a transparent firewall (i.e. just bridge the two NICs and watch traffic). I've added a third NIC and want to send a copy of all traffic that goes through the bridge out through the new NIC to a separate box so I can run an IDS or packet logger on it. How can I do it?

I've tried fighting with various iptables rules but not gotten anywhere.

I've got the daemonlogger script (http://www.snort.org/users/roesch/Site/ … ogger.html) which copies all the traffic on the bridge to the new NIC but I'm stuck with actually sending it out from there.

Offline

Board footer

Powered by FluxBB