Date: Thu, 22 Jul 2004 16:40:14 -0500
From: "Andy Baran" <abaran1@depaul.edu>
To: <freebsd-questions@freebsd.org>
Subject: Packet filters
Message-ID: <s0ffedfa.071@gwia-loop-1.srv.depaul.edu>
This question sounds like it has an easy answer at first, but please bear with me.

I am going to set up a network tap to monitor network traffic flows. The machine will be running FreeBSD 4.10 and has two NICs. One interface will be used for management and the other will be to collect the flows. Obviously, security is a concern with a machine of this nature, so I need to set up a firewall on the management interface. However, I need to be absolutely sure that the firewall will not be handling any of the packets on the second interface.

I am well aware that IPFW and IPF can both be set up to monitor only a specific interface. However, I'd like verification from someone familiar with the code for either that the filter will not touch packets on the interface being used as a tap.

My apologies if I'm posing this question to the wrong list. If I am, please let me know whom I should be asking.

Thanks in advance for any replies.

-----------------------------
+Andy Baran ................................... abaran1@depaul.edu
+DePaul Computer Security Response Team http://security.depaul.edu
---------------------------