I am using Snort and a few other tools to decide which I'd like best. Here's the thing about Lowell's comment on Bridging. Is this necessary in this case? I don't want the interface without an IP to EVER transmit outbound. If I Need to enable bridging I'll do so. The other thing is, is it possible to configure each card to be on a different subnet(like xl1 on 10.X.X.X and xl0 on 192.X.X.X)?
See Matthew Seaman's post on this - I think he knows more about this than I do ;) I remember using snort for something recently and don't remember encountering any problems - It shouldn't need to be assigned an IP AFAIK.
Andrew, do you like VooDoo Blue? Let me know, I am involved.
For some reason, your email address insipred me to check out www.vdbmusic.com - I hadn't heard of the band before then. I downloaded a couple of MP3s from the site and they are pretty good :)
Not sure if their music ever makes it to Scotland though, which is where I am!
-----Original Message-----
From: Andrew Boothman [mailto:[EMAIL PROTECTED] Sent: Saturday, January 03, 2004 12:27 PM
To: Scott Renna
Cc: [EMAIL PROTECTED]
Subject: Re: problem with 2 nics in same box
Scott Renna wrote:
Hello List,
I am having some difficulty in getting my xl0 and xl1 3com cards to
work
the way I'd like. I'm running 5.1 Release and I'm basically trying to have one interface with no IP address(specifying it as such in /etc/rc.conf as ifconfig_xl1="up") And I'd like to have the other(xl0) to have an IP address of my Internal Network. The purpose of this
setup
is to sniff traffic with the interface that has no IP address and
allow
for management and reporting over the interface that has an IP associated with the Internal network.
For some reason, this is just not working for me at all. I've tried
to
configure via rc.conf and this fails to work. I've also tried
assigning
an RFC 1918 address to the interface I want sniffing as this traffic
should not be routable, but it doesn't seem to work.
What software are you using to sniff the traffic? Do you have the bpf device in your kernel? Do you get an error message or just no traffic recieved?
Andrew
P.S. Are you something to do with VooDoo Blue or do you just do their web site, or just a fan or something? :)
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
