Probably. Honestly, I couldn't really say since I don't have the source code handy since I'm currently on vacation in Europe. Best advice I can give right now is try it and see if it works for you.
Regards, Aaron On Wed, Sep 22, 2010 at 12:08 PM, Oliver Eales <[email protected]> wrote: > Am 21.09.2010 18:18, schrieb Aaron Turner: >> On Tue, Sep 21, 2010 at 9:57 AM, Oliver Eales<[email protected]> wrote: >>> Hello, >>> >>> i want to bridge all traffic from one interface on machine A to a second >>> and send it to another machine B (an IDS like machine) For that i >>> rewrite the destinaton MAC to the nic of the IDS machine B >>> ./tcpbridge -u --intf1=eth0 --intf2=eth1 --enet-dmac=00:50:56:9c:60:26 >>> >>> Basically it is working, the IDS machine gets the traffic, but tcpbridge >>> bridges only the incoming traffic of the eth0 interface on machine A >>> Outgoing packets of eth0 on machine A are completly ignored by the bridge. >>> >>> Am i misunderstanding the concept of the bridge or missing an option ? >> tcpbridge is a "bridge". It doesn't process packets generated by the >> host. So yeah, it's working as intended. > > Hello Aaron, > thanks. Then i think i missunderstood the bride concept. I think i am > looking for something like a "tcpclone" or "tcpcopy" > I took a short look into the code and in src/bridge.c:407 there is the > following block: > > /* first, is this a packet sent locally? If so, ignore it */ > if ((memcmp(livedata->options->intf1_mac, &finder.key, > ETHER_ADDR_LEN)) == 0) { > dbgx(1, "Packet matches the MAC of %s, skipping.", > livedata->options->intf1); > return (1); > } > else if ((memcmp(livedata->options->intf2_mac, &finder.key, > ETHER_ADDR_LEN)) == 0) { > dbgx(1, "Packet matches the MAC of %s, skipping.", > livedata->options->intf2); > return (1); > } > > I just commented this out and now i looks like i get the outgoiung > packets also. Is it enough to just remove this block to get the intended > behavoiur ? > > Regards, > Oliver > > > > ------------------------------------------------------------------------------ > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing. > http://p.sf.net/sfu/novell-sfdev2dev > _______________________________________________ > Tcpreplay-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/tcpreplay-users > Support Information: http://tcpreplay.synfin.net/trac/wiki/Support > -- Aaron Turner http://synfin.net/ Twitter: @synfinatic http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin "carpe diem quam minimum credula postero" ------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev _______________________________________________ Tcpreplay-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/tcpreplay-users Support Information: http://tcpreplay.synfin.net/trac/wiki/Support
