Date: Mon, 13 Aug 2001 21:45:53 -0700 From: "Chad R. Larson" <chad@DCFinc.com> To: FreeBSD Stable List <stable@FreeBSD.org> Subject: promiscuous but silent Message-ID: <20010813214553.A21348@freeway.dcfinc.com>
next in thread | raw e-mail | index | archive | help
I want to monitor the behavior of a firewall we're evaluating. I'd like to run Ethereal or tcpdump and/or other such tools on both sides of the firewall, to convince myself it's doing what it claims to do (and don't even ask why I think it isn't). With one of those $25 four port hubs, I can get a FreeBSD notebook in parallel with the firewall's input. But I want to be absolutely sure the notebook stays quiet. That is, no ARP for its ownself when bringing up the interface, nor responses to the network broadcast address. Nada. But, tcpdump and friends need to be able to put the interface into promiscuous mode and copy =all= the traffic it sees. Should it be obvious how to do that, or is something tricky involved? -crl -- Chad R. Larson (CRL15) 602-953-1392 Brother, can you paradigm? chad@dcfinc.com chad@larsons.org larson1@home.com DCF, Inc. - 14623 North 49th Place, Scottsdale, Arizona 85254-2207 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010813214553.A21348>