From owner-freebsd-questions@FreeBSD.ORG Sat Jan 3 18:14:51 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E469516A4CE for ; Sat, 3 Jan 2004 18:14:51 -0800 (PST) Received: from 82-41-155-225.cable.ubr01.linl.blueyonder.co.uk (82-41-155-225.cable.ubr01.linl.blueyonder.co.uk [82.41.155.225]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4EED743D58 for ; Sat, 3 Jan 2004 18:14:36 -0800 (PST) (envelope-from andrew@cream.org) Received: from cream.org (spatula.home [192.168.0.4]) by gateway.home (Postfix) with ESMTP id 0E5DF12F; Sun, 4 Jan 2004 02:14:34 +0000 (GMT) Message-ID: <3FF77701.3070003@cream.org> Date: Sun, 04 Jan 2004 02:14:25 +0000 From: Andrew Boothman User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6b) Gecko/20031205 Thunderbird/0.4 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Scott Renna References: <000201c3d238$070d2790$0201a8c0@mars> In-Reply-To: <000201c3d238$070d2790$0201a8c0@mars> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-questions@freebsd.org Subject: Re: problem with 2 nics in same box X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Jan 2004 02:14:52 -0000 Scott Renna wrote: > I am using Snort and a few other tools to decide which I'd like best. > Here's the thing about Lowell's comment on Bridging. Is this necessary > in this case? I don't want the interface without an IP to EVER transmit > outbound. If I Need to enable bridging I'll do so. The other thing is, > is it possible to configure each card to be on a different subnet(like > xl1 on 10.X.X.X and xl0 on 192.X.X.X)? See Matthew Seaman's post on this - I think he knows more about this than I do ;) I remember using snort for something recently and don't remember encountering any problems - It shouldn't need to be assigned an IP AFAIK. > Andrew, do you like VooDoo Blue? Let me know, I am involved. For some reason, your email address insipred me to check out www.vdbmusic.com - I hadn't heard of the band before then. I downloaded a couple of MP3s from the site and they are pretty good :) Not sure if their music ever makes it to Scotland though, which is where I am! > -----Original Message----- > From: Andrew Boothman [mailto:andrew@cream.org] > Sent: Saturday, January 03, 2004 12:27 PM > To: Scott Renna > Cc: freebsd-questions@freebsd.org > Subject: Re: problem with 2 nics in same box > > Scott Renna wrote: > > >>Hello List, >> >>I am having some difficulty in getting my xl0 and xl1 3com cards to > > work > >>the way I'd like. I'm running 5.1 Release and I'm basically trying to >>have one interface with no IP address(specifying it as such in >>/etc/rc.conf as ifconfig_xl1="up") And I'd like to have the other(xl0) >>to have an IP address of my Internal Network. The purpose of this > > setup > >>is to sniff traffic with the interface that has no IP address and > > allow > >>for management and reporting over the interface that has an IP >>associated with the Internal network. >> >>For some reason, this is just not working for me at all. I've tried > > to > >>configure via rc.conf and this fails to work. I've also tried > > assigning > >>an RFC 1918 address to the interface I want sniffing as this traffic >>should not be routable, but it doesn't seem to work. > > > What software are you using to sniff the traffic? Do you have the bpf > device in your kernel? Do you get an error message or just no traffic > recieved? > > Andrew > > P.S. Are you something to do with VooDoo Blue or do you just do their > web site, or just a fan or something? :) > > > >