 From:  Dinesh Nair <dinesh at alphaque dot com>
 To:  Jim Gifford <jim at giffords dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] IDS integration w/m0n0wall?
 Date:  Sat, 28 Feb 2004 12:11:40 +0800 (MYT)
On Fri, 27 Feb 2004, Jim Gifford wrote:

> to "mirror" a port on m0n0wall to another port, I would love to hear
> about it.  Basically, I would love to see every packet sent and received
> on interface A retransmitted on interface B.

Try looking at the ng_tee(4) netgraph module, which can send
incoming/outgoing traffic on one interface to another. You could run
ng_tee between your LAN and your DMZ (renamed to IDS) interface.

Regards,                           /\_/\   "All dogs go to heaven."
dinesh at alphaque dot com                (0 0)    http://www.alphaque.com/
| for a in past present future; do                                        |
|   for b in clients employers associates relatives neighbours pets; do   |
|   echo "The opinions here in no way reflect the opinions of my $a $b."  |
| done; done                                                              |
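
The ng_tee(4) arrangement suggested above, as an added example that is not part of the original message: a script that prints the ngctl(8) commands for copying both directions of one interface's traffic out a second interface. The interface names, the node names, the use of ng_one2many(4) to merge the two tee copy hooks, and the availability of ngctl and ng_ether on the target system are all assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Prints a mirroring plan; it does
# not touch the system. Assumes ng_ether is loaded or compiled in, so each
# Ethernet interface already exists as a netgraph node named after itself.

mirror_cmds() {
    src=$1   # interface to monitor, e.g. the LAN NIC (assumed name)
    dst=$2   # interface cabled to the IDS sensor (assumed name)
    # Accept only plain interface names so nothing else reaches ngctl.
    for ifn in "$src" "$dst"; do
        case $ifn in
            ''|*[!a-z0-9]*) echo "invalid interface name: '$ifn'" >&2; return 1 ;;
        esac
    done
    [ "$src" != "$dst" ] || { echo "source and mirror port must differ" >&2; return 1; }
    tnode="${src}_tee"   # hypothetical node names chosen for this example
    mnode="${src}_o2m"
    cat <<EOF
ngctl mkpeer ${src}: tee lower left
ngctl name ${src}:lower ${tnode}
ngctl connect ${src}: ${tnode}: upper right
ngctl mkpeer ${tnode}: one2many left2right many0
ngctl name ${tnode}:left2right ${mnode}
ngctl connect ${tnode}: ${mnode}: right2left many1
ngctl connect ${mnode}: ${dst}: one lower
ngctl msg ${dst}: setautosrc 0
ifconfig ${dst} up
EOF
}
# What the plan builds:
#   wire <-> src:lower <-> tee(left ... right) <-> src:upper <-> IP stack
#   tee:left2right = copy of received frames, tee:right2left = copy of sent frames
#   both copies enter one2many (many0, many1) and leave via "one" -> dst:lower
#   setautosrc 0 keeps the original source MAC on the mirrored frames

# Print the plan when called with two interface names.
if [ "$#" -eq 2 ]; then
    mirror_cmds "$1" "$2"
fi
```

Review the printed commands before running them on the firewall; the monitored interface briefly drops inbound frames between the first and third command, while its `lower` hook is attached but `upper` is not.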