Re: interface bonding
From: Richard Bejtlich (richard_bejtlich_at_yahoo.com)
Date: 12/21/03
- Previous message: bonifaktuura_at_inbox.lv: "Re: Configuring JAIL to bind on lo0 interface"
- Maybe in reply to: Vlad Galu: "Re: interface bonding"
- Next in thread: Dmitry Frolov: "Re: interface bonding"
- Reply: Dmitry Frolov: "Re: interface bonding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 20 Dec 2003 16:28:14 -0800 (PST) To: freebsd-security@freebsd.org
Hello,
I operate http://taosecurity.blogspot.com and
http://www.taosecurity.com.
I posted a method to use ng_one2many for bonding
interfaces here in June:
http://marc.theaimsgroup.com/?l=snort-users&m=105585533810122&w=2
That method relies on three real interfaces: the two
to be bonded and a third against which traffic is
mirrored.
I've not had luck creating a third "virtual" interface
against which to sniff.
Using ng_fec, however, a fec0 interface us created
automatically. That's what I'm using now on my NSM
sensor and it works fine.
I appreciate any hints on creating a virtual interface
to use for sniffing with ng_one2many. If you can
help me do that I'll use ng_one2many instead of
ng_fec. ng_fec doesn't have a man page, which is
enough for me to avoid it if possible. :)
Thank you,
Richard
http://www.taosecurity.com
__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: bonifaktuura_at_inbox.lv: "Re: Configuring JAIL to bind on lo0 interface"
- Maybe in reply to: Vlad Galu: "Re: interface bonding"
- Next in thread: Dmitry Frolov: "Re: interface bonding"
- Reply: Dmitry Frolov: "Re: interface bonding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
