Wouldn't it be possible to REDIRect the traffic onto your firewall
machine to some other port just in order to record its contents? So you
don't really open up the port to the other machine again.
Not sure how to REDIRECT. If I have a second IP on my interface with IP
192.168.11.1 would I:
REDIRECT $FW 192.168.11.1 tcp * - 97.107.134.150
... and then listen on 192.168.11.1 with Wireshark? Would it actually
see any traffic?
--
http://www.fastmail.fm - Faster than the air-speed velocity of an
unladen european swallow
------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
