On Friday 14 December 2007, [EMAIL PROTECTED] wrote:
> Mick <[EMAIL PROTECTED]> writes:
>
> >> Would I likely be opening my lan up for some christmas shopping by
> >> having a gentoo guest on a WinXP host running as a DMZ machine?
> >> It would be pretty barebones with an IPTABLE setup for logging and
> >> tagging or whatever I get interested in doing with the traffic.
> >>
> >> No X server or other frills.
> >
> > A rather simpler solution to do this would be to get hold of a hub, connect
> > it to the firewall and watch everything that passes through it.
>
> I do have an older hub, but not sure what you mean here. The hub has
> no network address and of course is not switched so anything going
> thru it can be filtered with tcpdump. But the router is switched.
> Not sure how a hub would see the outfacing address. I'd be able to
> see all the lan machines that were going thru it, but how about the
> traffic that the firewall is rejecting? That's what I'm after.
>
> Can you elaborate a little?
>
> Maybe you mean something different by `hub'.
I mean a hardware hub, not a switch and not a router. You need to place it in-line between your router/switch and your modem. Being on the WAN side of your NAT it will 'see' all the packets that go to/from the Internet (unfiltered). On the other side of the router you get the filtered traffic which when compared/contrasted with the WAN side will show you what the router and its firewall are doing.

I hope this is a bit clearer, otherwise please email me if you think this is getting off topic.

--
Regards,
Mick
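As an added example (not part of this thread) of the compare/contrast step: given `tcpdump -n` style one-line summaries from both capture points, this script lists inbound flows that arrived on the WAN side of the hub but never showed up behind the router, which is what the firewall rejected. The capture lines, the public address 198.51.100.2 and the LAN subnet 10.0.0.0/24 are constructed; it assumes the LAN-side capture sees all traffic behind the router and that any port forward keeps the destination port.

```python
import ipaddress
import re
from collections import namedtuple

# Matches the start of a tcpdump -n IPv4 line:
# "12:00:01.000001 IP 203.0.113.7.40123 > 198.51.100.2.22: Flags [S], ..."
LINE_RE = re.compile(r'^\S+ IP (\S+)\.(\d+) > (\S+)\.(\d+):')

# An inbound flow is identified by who sent it and which local port it hit;
# the local address is deliberately left out because NAT rewrites it.
Flow = namedtuple("Flow", "remote_ip remote_port local_port")


def inbound_flows(lines, local_net):
    """Return the set of flows whose destination lies inside local_net."""
    net = ipaddress.ip_network(local_net)
    flows = set()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ARP, IPv6, truncated lines etc. are skipped
        src, sport, dst, dport = m.groups()
        if ipaddress.ip_address(dst) in net:
            flows.add(Flow(src, int(sport), int(dport)))
    return flows


def blocked_inbound(wan_lines, lan_lines, public_net, lan_net):
    """Inbound flows seen on the WAN side of the router but never on the LAN side.
    Replies to outbound connections appear on both sides and so cancel out."""
    return sorted(inbound_flows(wan_lines, public_net) - inbound_flows(lan_lines, lan_net))


# Constructed sample captures: hub on the WAN side, and the LAN side of the router.
WAN_CAPTURE = [
    "12:00:01.000001 IP 203.0.113.7.40123 > 198.51.100.2.22: Flags [S], seq 1, win 64240, length 0",
    "12:00:01.100000 IP 203.0.113.7.40124 > 198.51.100.2.23: Flags [S], seq 1, win 64240, length 0",
    "12:00:02.000000 IP 198.51.100.2.51000 > 192.0.2.10.80: Flags [S], seq 7, win 64240, length 0",
    "12:00:02.050000 IP 192.0.2.10.80 > 198.51.100.2.51000: Flags [S.], seq 9, ack 8, length 0",
    "12:00:03.000000 IP 203.0.113.9.5555 > 198.51.100.2.80: Flags [S], seq 3, win 64240, length 0",
]
LAN_CAPTURE = [
    "12:00:02.000100 IP 10.0.0.5.51000 > 192.0.2.10.80: Flags [S], seq 7, win 64240, length 0",
    "12:00:02.050100 IP 192.0.2.10.80 > 10.0.0.5.51000: Flags [S.], seq 9, ack 8, length 0",
    "12:00:03.000100 IP 203.0.113.9.5555 > 10.0.0.5.80: Flags [S], seq 3, win 64240, length 0",
]

if __name__ == "__main__":
    for f in blocked_inbound(WAN_CAPTURE, LAN_CAPTURE, "198.51.100.2/32", "10.0.0.0/24"):
        print(f"blocked: {f.remote_ip}:{f.remote_port} -> port {f.local_port}")
```

The SSH and telnet probes show up only on the hub; the forwarded port-80 connection and the reply to the outbound web request appear on both sides and are not reported.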