Chuck Kollars wrote: > 3) If your netstack is a bank of switches, find the > manual and see how to put a port into "monitor" mode > so it stops acting like a switch and repeats all the > packets anywhere in the netstack. Almost all good > quality devices can do this ...if you find the manual > and determine the right incantation.
Thanks (I haven't been back in the office this week to test things out like I wanted). In this case, even though everything may be a switch, I'm still trying to figure out why my Windows server box can see everything on the 10/100 dual-speed hub while the Linux box can't. If it wasn't for that fact (if not even the Windows box could do it), then I'd think that it was the fault of the 10/100 hub. But in this case I think I'm up against either a firewall issue, an issue with PROMISC mode on 2.6.18 kernels, or issues with the Intel PRO/1000 NIC driver. Ultimately, my solution may indeed be to pickup a relatively inexpensive 8/12/16 port switch (probably 3com) and shove the linux box on a port configured with monitor mode. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
