Date: Tue, 16 Dec 2003 11:06:45 +0200 From: Vlad Galu <dudu@diaspar.rdsnet.ro> To: freebsd-security@freebsd.org Subject: Re: interface bonding Message-ID: <20031216110645.2752f5c8.dudu@diaspar.rdsnet.ro> In-Reply-To: <20031216052747.GA39053@mail.unixjunkie.com> References: <20031216052747.GA39053@mail.unixjunkie.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Signature=_Tue__16_Dec_2003_11_06_46_+0200_5ewaNAiksEcjKl5e Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: 7bit John <strgout@unixjunkie.com> writes: |----- Forwarded message from John <strgout@mail.unixjunkie.com> ----- | |Date: Mon, 15 Dec 2003 17:58:15 -0600 |From: John <strgout@mail.unixjunkie.com> |To: freebsd-stable@freebsd.org |Subject: interface bonding |User-Agent: Mutt/1.4i | |Is there any way to bond sniffer interfaces? |I've read a little on netgraph and it seems |like i maybe able to use that but i'm not sure |how to go about that. | |Basicly the end result is to have snort listen on |a virtual interface, which will have data sent to |it from say fxp0 and fxp1. I also want to make sure that |data from fxp0, fxp1 or $VIRTUAL doesn't get sent out |fxp1 or fxp0 for some reason. | |----- End forwarded message ----- | |I'm sure i checked this before, but a google search turned up this. | |ngctl mkpeer fec dummy fec |ngctl msg fec0: add_iface '"sf2"' |ngctl msg fec0: add_iface '"sf3"' |ngctl msg fec0: set_mode_inet |ifconfig sf2 promisc |ifconfig sf3 promisc |ifconfig fec0 promisc | |after this fec0 will be the virtual if that gets the frames. | |This does depend on the fec module. |# cd /usr/src/sys/modules/netgraph/fec/ |# make && make install | |http://taosecurity.blogspot.com/ <- this is where i found it. |which points out this poster. |http://www.derkeiler.com/Mailing-Lists/securityfocus/focus-ids/2003-10 |/0029.html | |So is there a reason the netgraph fec module isn't built by default? Yes. It's not very stable. Better use ng_one2many. |_______________________________________________ |freebsd-security@freebsd.org mailing list |http://lists.freebsd.org/mailman/listinfo/freebsd-security |To unsubscribe, send any mail to |"freebsd-security-unsubscribe@freebsd.org" | ---- If it's there, and you can see it, it's real. If it's not there, and you can see it, it's virtual. If it's there, and you can't see it, it's transparent. If it's not there, and you can't see it, you erased it. --Signature=_Tue__16_Dec_2003_11_06_46_+0200_5ewaNAiksEcjKl5e Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/3ssnP5WtpVOrzpcRAmfxAJ9KqFBvW3IW7Rd/G65Pvi3ndOJc1ACgm82n oAKE4YfGBdwm6wtWjy8e7ps= =aAe9 -----END PGP SIGNATURE----- --Signature=_Tue__16_Dec_2003_11_06_46_+0200_5ewaNAiksEcjKl5e--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031216110645.2752f5c8.dudu>