Hi,
yes i like to do the NTOPNG inline policing. And don't know where to insert the bridge because LAN is NATed to WAN.
Vlans can come later. In my first Testcase I can simulate it without vlans because eth0 has no vlan. Would be nice to hear from someone who managed it on one machine. I like
Thomas,
Sorry i miss understood your question. I thought you wanted to do policing
with linux, and just use NTOP as usual.
Reading better, i see you meant to use NTOPNG inline policing right? If so,
I will let our good friends from NTOP chime in, as this involves bridging
with PFRING in userspace..
Hi Marco,
thank you for the answer.
Let's try to make an easy testcase. How about this:
eth0 wan (external ip)
eth1 lan (192.168.x.x)
lan gets NATed to wan. So i cannot build a bridge between eth0 and eth1.
So where to attach the bridge?
Maybe:
eth0 remove external ip
create b
Hi Thomas,
To the best of my knowledge, packets still have to pass on eth0, so attach
it there.
I don't use NTOP with a setup like yours, but you might have to account for
the VLAN tagging in NTOP config... maybe.
=Marco
2017-05-30 8:45 GMT+01:00 :
> Dear community,
>
> I have a NAT gateway with
Dear community,
I have a NAT gateway with iptables that is acting as main gateway for all workstations.
Ntopng is working fine, but now i like to use inline traffic policing. Therefore I need a bridge.
Currently i have a eth0(WAN untagged), eth1.1 (workstations), eth1.2 (phones), eth1.3 (s
