Am 21.09.2010 18:18, schrieb Aaron Turner:
> On Tue, Sep 21, 2010 at 9:57 AM, Oliver Eales<[email protected]> wrote:
>> Hello,
>>
>> i want to bridge all traffic from one interface on machine A to a second
>> and send it to another machine B (an IDS like machine) For that i
>> rewrite the destinaton MAC to the nic of the IDS machine B
>> ./tcpbridge -u --intf1=eth0 --intf2=eth1 --enet-dmac=00:50:56:9c:60:26
>>
>> Basically it is working, the IDS machine gets the traffic, but tcpbridge
>> bridges only the incoming traffic of the eth0 interface on machine A
>> Outgoing packets of eth0 on machine A are completly ignored by the bridge.
>>
>> Am i misunderstanding the concept of the bridge or missing an option ?
> tcpbridge is a "bridge". It doesn't process packets generated by the
> host. So yeah, it's working as intended.
Hello Aaron,
thanks. Then i think i missunderstood the bride concept. I think i am
looking for something like a "tcpclone" or "tcpcopy"
I took a short look into the code and in src/bridge.c:407 there is the
following block:
/* first, is this a packet sent locally? If so, ignore it */
if ((memcmp(livedata->options->intf1_mac, &finder.key,
ETHER_ADDR_LEN)) == 0) {
dbgx(1, "Packet matches the MAC of %s, skipping.",
livedata->options->intf1);
return (1);
}
else if ((memcmp(livedata->options->intf2_mac, &finder.key,
ETHER_ADDR_LEN)) == 0) {
dbgx(1, "Packet matches the MAC of %s, skipping.",
livedata->options->intf2);
return (1);
}
I just commented this out and now i looks like i get the outgoiung
packets also. Is it enough to just remove this block to get the intended
behavoiur ?
Regards,
Oliver
------------------------------------------------------------------------------
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing.
http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________
Tcpreplay-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/tcpreplay-users
Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
