From owner-freebsd-net Fri Apr 19 23:18:33 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by hub.freebsd.org (Postfix) with ESMTP id 35B2337B417 for ; Fri, 19 Apr 2002 23:18:30 -0700 (PDT) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc52.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020420061829.TVXQ1901.rwcrmhc52.attbi.com@blossom.cjclark.org>; Sat, 20 Apr 2002 06:18:29 +0000 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g3K6IT670329; Fri, 19 Apr 2002 23:18:29 -0700 (PDT) (envelope-from cjc) Date: Fri, 19 Apr 2002 23:18:28 -0700 From: "Crist J. Clark" To: Michael Smith Cc: freebsd-net@FreeBSD.ORG Subject: Re: network traffic analysis with a network switch Message-ID: <20020419231828.B70074@blossom.cjclark.org> References: <20020419081453.X30314@staff.texas.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020419081453.X30314@staff.texas.net>; from msmith@texas.net on Fri, Apr 19, 2002 at 08:14:54AM -0500 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Apr 19, 2002 at 08:14:54AM -0500, Michael Smith wrote: > Not quite sure how to set this up, or even if it can be setup... > I have a windows box, a FreeBSD box (gateway) and a RH box all > connected to a 100base-T network switch. The FreeBSD box > is then connected to a Cable Modem and a T1 router. > > I have a program on the RH box that can snoop and analyze some of > the network traffic of the windows box, however due to the nature > of network switches, it never sees the traffic. Don't ask about > the analyzer, I'm rather annoyed that it was written specifically > to compile and run only on RH and it's very close Linux relatives. > > Here is a rough visualization of the setup. > > +-------------+ +----+ > | Cable Modem | | T1 | > +-------------+ +----+ > \ / > +---------+ > | FreeBSD | > +---------+ > | > +------------------+ > | 100base-T Switch | > +------------------+ > / | \ > +----------+ +----+ +----------+ > | Windows1 | | RH | | Windows3 | > +----------+ +----+ +----------+ > > What I would like to be able to do is somehow send copies of > network traffic to the RH box without having to move it > between the FreeBSD box and the switch. Is this possible > and if so, how would I go about setting this up? Tell the Windows box that RH's IP is its gateway. Turn on IP forwarding on RH. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message