Re: Port Mirroring in Linux
- From: David Schwartz <davids@xxxxxxxxxxxxx>
- Date: Wed, 31 Oct 2007 08:42:43 -0700
On Oct 31, 2:41 am, Pascal Hambourg <boite-a-s...@xxxxxxxxxxxxxxx>
wrote:
But I'm afraid that the OP and a bridge have a slightly different idea
of what "appropriate interfaces" is. To a bridge, it is interfaces that
have seen incoming traffic from the destination MAC address, or all
interfaces if the destination is unknown or broadcast (I skip the
multicast case). To the OP, it is the same *plus* the mirroring interface.
A bridge does whatever it's configured to do.
What you want is what bridges do.
I do not think that the vanilla Linux bridge code can do what the OP
wants. I guess it could if learning could be disabled, so the bridge
floods all traffic on all interfaces.
Simply disabling learning will do exactly what the OP wants.
DS
.
- Follow-Ups:
- Re: Port Mirroring in Linux
- From: Pascal Hambourg
- Re: Port Mirroring in Linux
- References:
- Port Mirroring in Linux
- From: jeniffer
- Re: Port Mirroring in Linux
- From: david
- Re: Port Mirroring in Linux
- From: jeniffer
- Re: Port Mirroring in Linux
- From: David Schwartz
- Re: Port Mirroring in Linux
- From: Pascal Hambourg
- Port Mirroring in Linux
- Prev by Date: Re: Help Needed!!!!
- Next by Date: Re: Help Needed!!!!
- Previous by thread: Re: Port Mirroring in Linux
- Next by thread: Re: Port Mirroring in Linux
- Index(es):
Relevant Pages
|
