I need to configure a Linux box as a transparent data sniffer between an
Internet connection router and the subnet hub/switch to which it is
connected (see ASCII art below)
Before:
} +-------------+
} +--------+ | |-------
I'net }--| router |---------------------| switch/hub |------- subnet
} +--------+ | |-------
} +-------------+
A B
After:
} +-------------+
} +--------+ +---------+ | |-------
I'net }--| router |-----| sniffer |-----| switch/hub |------- subnet
} +--------+ +----|----+ | |-------
} | +-------------+
A C | D B
E
The requirement is that interface A must continue to think that is is
still talking to the same addresses at B and the interfaces at B must
continue to think they are talking to the address at A. IOW, interface D
must mimic interface A and interface C must mimic interfaces B.
Connection to the sniffer will be at interface E.
This to enable a transparent man-in-the-middle data sniff. It's OK, it is
for a legitimate purpose :)
Does anyone have any pointers to this config. I believe it was discussed
on SLUG a few years back, but I can't think where to start looking.
--
Howard.
LANNet Computing Associates - Your Linux people <http://www.lannetlinux.com>
------------------------------------------
Flatter government, not fatter government - Get rid of the Australian states.
------------------------------------------
I before E except after C. We live in a weird society!
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
