On 13-May-2014 15:25:18 (+0300), Alan Jones wrote:
> I currently have PF setup using VLAN enforcement. Is there a way in
> packet fence to track the “allowed” or “normal” vlan and NAT the
> connections? I’m basically looking to track connections for DMCA
> reasons, but don’t want to use Inline mode.

If PF is NATing the connections then by definition it's inline. There's no other way to NAT for something where the packets don't go via the NAT device.

If you mean the trapping function say by snort or suricata then that's done by having a span port on a switch close to your egress/NAT device (some vendors call it port mirror) and plugging into it another interface on your PF box and setting that as 'monitor' in the interface type. In this case it's best if the PF box sees the un-natted connections so it can trace it back to actual registrations.

Beyond that you'd need to describe what exactly you want to track - you may find you need other tools like netflow and friends.

-- 
patrick
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
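
The reply's point about seeing un-NATed connections, as an added example that is not part of the original thread and is not PacketFence code: a complaint naming a time and remote endpoint is matched against flows captured before NAT, then against the registration that held the internal IP at that moment. The record layouts, names and all sample values are constructed assumptions.

```python
from datetime import datetime

# Constructed sample data (assumed layouts, not a PacketFence export).
# History of which registered device held an internal IP, and when.
ASSIGNMENTS = [
    # (internal_ip, mac, registered_owner, start, end)
    ("10.20.0.15", "00:11:22:33:44:55", "alice", "2014-05-13 08:00:00", "2014-05-13 12:00:00"),
    ("10.20.0.15", "66:77:88:99:aa:bb", "bob", "2014-05-13 12:30:00", "2014-05-13 18:00:00"),
]
# Flows seen on the mirror port before NAT, so the internal source is visible.
PRE_NAT_FLOWS = [
    # (time, src_ip, src_port, dst_ip, dst_port)
    ("2014-05-13 09:15:02", "10.20.0.15", 51000, "198.51.100.7", 6881),
    ("2014-05-13 14:40:10", "10.20.0.15", 51000, "198.51.100.7", 6881),
]

def ts(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M:%S")

def owner_at(ip, when):
    """Return (owner, mac) holding `ip` at `when`, or None.
    The same IP can belong to different registrations over a day."""
    for a_ip, mac, owner, start, end in ASSIGNMENTS:
        if a_ip == ip and ts(start) <= when <= ts(end):
            return owner, mac
    return None

def resolve_complaint(when, dst_ip, dst_port, window_s=60):
    """Return the set of (owner, mac, internal_ip) whose pre-NAT flows
    match the remote endpoint within `window_s` seconds of the complaint."""
    t = ts(when)
    hits = set()
    for f_time, src_ip, _sport, f_dst, f_dport in PRE_NAT_FLOWS:
        close = abs((ts(f_time) - t).total_seconds()) <= window_s
        if close and (f_dst, f_dport) == (dst_ip, dst_port):
            who = owner_at(src_ip, ts(f_time))
            if who:
                hits.add((who[0], who[1], src_ip))
    return hits
```

Records taken after NAT would carry only the shared public address as the source, so the `owner_at` lookup would have nothing to key on.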
