On Sun, 17 Aug 2003, Howard Lowndes wrote: > I need to configure a Linux box as a transparent data sniffer between an > Internet connection router and the subnet hub/switch to which it is > connected (see ASCII art below) > > Before: > > } +-------------+ > } +--------+ | |------- > I'net }--| router |---------------------| switch/hub |------- subnet > } +--------+ | |------- > } +-------------+ > A B > > After: > > } +-------------+ > } +--------+ +---------+ | |------- > I'net }--| router |-----| sniffer |-----| switch/hub |------- subnet > } +--------+ +----|----+ | |------- > } | +-------------+ > A C | D B > E
Use bridging on interfaces C & D - don't give them IP addresses, just let them act as transparent devices - put an isolated IP address on interface E for management/data dumps. Take your sniffs from the raw device files on interface C & D rather than the IP addresses. There are bridging utilities for Linux which should do it. DaZZa -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
