Date: Tue, 12 Feb 2002 19:27:27 -0500 (EST) From: Lowell Gilbert <lowell@TheWorld.com> To: twigles@yahoo.com Cc: freebsd-questions@FreeBSD.ORG Subject: Re: quasi-newbie question #1 answered Message-ID: <200202130027.TAA281667@shell.TheWorld.com> In-Reply-To: <20020212235235.46977.qmail@web10105.mail.yahoo.com> (message from twig les on Tue, 12 Feb 2002 15:52:35 -0800 (PST)) References: <20020212235235.46977.qmail@web10105.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Date: Tue, 12 Feb 2002 15:52:35 -0800 (PST) From: twig les <twigles@yahoo.com> Actually you solved the mystery but I'm still stuck. At home I'm running a Cisco 2924 with both cards in the same vlan and I forgot about that pesky TCP/IP thingy. I'll tinker with isolating the monitoring port (the one with rl1) in say...vlan 100 and have it monitor vlan 1 (everything else). The snorting interface really should not be able to communicate with anything anyway. You shouldn't need to configure *any* IP addresses on that interface, should you? Unfortunately my production server is under my direct and complete control in every sense of the word. I can't simply start vlanning things on a core switch in a datacenter just cause it suits me. So now I need to figure out if I can simply kill that stupid message. Is there anything I can do/read/config in kernel to make this thing stop? Sure. You've got the source. There's probably some sort of knob for it without even changing the source, but it's the kind of ugly hack that's better off not being advertised even if it exists... Good luck. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200202130027.TAA281667>